CVE-2017-13082 Information
Description
Wi-Fi Protected Access (WPA and WPA2) that supports IEEE 802.11r allows reinstallation of the Pairwise Transient Key (PTK) Temporal Key (TK) during the fast BSS transmission (FT) handshake allowing an attacker within radio range to replay decrypt or spoof frames.
CVSS Vector
CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
Reference
http://lists.opensuse.org/opensuse-security-announce/2020-02/msg00021.html http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2017-007.txt http://www.debian.org/security/2017/dsa-3999 http://www.kb.cert.org/vuls/id/228519 http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html http://www.securityfocus.com/bid/101274 http://www.securitytracker.com/id/1039570 http://www.securitytracker.com/id/1039571 http://www.securitytracker.com/id/1039573 http://www.securitytracker.com/id/1039581 http://www.ubuntu.com/usn/USN-3455-1 https://access.redhat.com/errata/RHSA-2017:2907 https://access.redhat.com/security/vulnerabilities/kracks https://cert.vde.com/en-us/advisories/vde-2017-005 https://cert-portal.siemens.com/productcert/pdf/ssa-901333.pdf https://github.com/vanhoefm/krackattacks-test-ap-ft https://ics-cert.us-cert.gov/advisories/ICSA-17-299-02 https://rockwellautomation.custhelp.com/app/answers/detail/a_id/1066697 https://security.FreeBSD.org/advisories/FreeBSD-SA-17:07.wpa.asc https://security.gentoo.org/glsa/201711-03 https://source.android.com/security/bulletin/2017-11-01 https://support.lenovo.com/us/en/product_security/LEN-17420 https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171016-wpa https://w1.fi/security/2017-1/wpa-packet-number-reuse-with-replayed-messages.txt https://www.krackattacks.com/
Attack Complexity
LOW
Privileges Required
NONE
User Interaction Required
NONE
Scope
NONE
Confidentiality Impact
UNCHANGED
Integrity Impact
HIGH
Availability Impact
HIGH
Base Score
NONE
Base Severity
8.1
Share on: