CVE-2017-13081

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2017-13081
Wi-Fi Protected Access (WPA and WPA2) that supports IEEE 802.11w allows reinstallation of the Integrity Group Temporal Key (IGTK) during the group key handshake, allowing an attacker within radio range to spoof frames from access points to clients.

5.3 /10

CVSS v3 : MEDIUM

V3 Legend

Vector : AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

Exploitability : 1.6 / Impact : 3.6

Attack Vector ADJACENT_NETWORK

Attack Complexity HIGH

Privileges Required NONE

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact HIGH

Availability Impact NONE

Scope UNCHANGED

2.9 /10

CVSS v2.0 : LOW

V2 Legend

Vector : AV:A/AC:M/Au:N/C:N/I:P/A:N

Exploitability : 5.5 / Impact : 2.9

Access Vector ADJACENT_NETWORK

Access Complexity MEDIUM

Authentication NONE

Confidentiality Impact NONE

Integrity Impact PARTIAL

Availability Impact NONE

References
Link Resource
http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00020.html Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00023.html Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00024.html Third Party Advisory
http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2017-007.txt Third Party Advisory
http://www.debian.org/security/2017/dsa-3999 Third Party Advisory
http://www.kb.cert.org/vuls/id/228519 Third Party Advisory US Government Resource
http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html
http://www.securityfocus.com/bid/101274 Third Party Advisory VDB Entry
http://www.securitytracker.com/id/1039573 Third Party Advisory VDB Entry
http://www.securitytracker.com/id/1039576 Third Party Advisory VDB Entry
http://www.securitytracker.com/id/1039577 Third Party Advisory VDB Entry
http://www.securitytracker.com/id/1039578 Third Party Advisory VDB Entry
http://www.securitytracker.com/id/1039581 Third Party Advisory VDB Entry
http://www.securitytracker.com/id/1039585 Third Party Advisory VDB Entry
http://www.ubuntu.com/usn/USN-3455-1 Third Party Advisory
https://access.redhat.com/security/vulnerabilities/kracks Third Party Advisory
https://cert-portal.siemens.com/productcert/pdf/ssa-901333.pdf
https://cert.vde.com/en-us/advisories/vde-2017-005
https://lists.debian.org/debian-lts-announce/2018/11/msg00015.html
https://security.FreeBSD.org/advisories/FreeBSD-SA-17:07.wpa.asc Third Party Advisory
https://security.gentoo.org/glsa/201711-03
https://source.android.com/security/bulletin/2017-11-01
https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03792en_us
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171016-wpa Third Party Advisory
https://w1.fi/security/2017-1/wpa-packet-number-reuse-with-replayed-messages.txt Third Party Advisory
https://www.krackattacks.com/ Technical Description Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00020.html Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00023.html Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00024.html Third Party Advisory
http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2017-007.txt Third Party Advisory
http://www.debian.org/security/2017/dsa-3999 Third Party Advisory
http://www.kb.cert.org/vuls/id/228519 Third Party Advisory US Government Resource
http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html
http://www.securityfocus.com/bid/101274 Third Party Advisory VDB Entry
http://www.securitytracker.com/id/1039573 Third Party Advisory VDB Entry
http://www.securitytracker.com/id/1039576 Third Party Advisory VDB Entry
http://www.securitytracker.com/id/1039577 Third Party Advisory VDB Entry
http://www.securitytracker.com/id/1039578 Third Party Advisory VDB Entry
http://www.securitytracker.com/id/1039581 Third Party Advisory VDB Entry
http://www.securitytracker.com/id/1039585 Third Party Advisory VDB Entry
http://www.ubuntu.com/usn/USN-3455-1 Third Party Advisory
https://access.redhat.com/security/vulnerabilities/kracks Third Party Advisory
https://cert-portal.siemens.com/productcert/pdf/ssa-901333.pdf
https://cert.vde.com/en-us/advisories/vde-2017-005
https://lists.debian.org/debian-lts-announce/2018/11/msg00015.html
https://security.FreeBSD.org/advisories/FreeBSD-SA-17:07.wpa.asc Third Party Advisory
https://security.gentoo.org/glsa/201711-03
https://source.android.com/security/bulletin/2017-11-01
https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03792en_us
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171016-wpa Third Party Advisory
https://w1.fi/security/2017-1/wpa-packet-number-reuse-with-replayed-messages.txt Third Party Advisory
https://www.krackattacks.com/ Technical Description Third Party Advisory
Configurations

Configuration 1 (hide)

OR cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:17.04:*:*:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
cpe:2.3:o:freebsd:freebsd:*:*:*:*:*:*:*:*
cpe:2.3:o:freebsd:freebsd:10:*:*:*:*:*:*:*
cpe:2.3:o:freebsd:freebsd:10.4:*:*:*:*:*:*:*
cpe:2.3:o:freebsd:freebsd:11:*:*:*:*:*:*:*
cpe:2.3:o:freebsd:freebsd:11.1:*:*:*:*:*:*:*
cpe:2.3:o:opensuse:leap:42.2:*:*:*:*:*:*:*
cpe:2.3:o:opensuse:leap:42.3:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_desktop:7:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server:7:*:*:*:*:*:*:*

Configuration 2 (hide)

OR cpe:2.3:a:w1.fi:hostapd:0.2.4:*:*:*:*:*:*:*
cpe:2.3:a:w1.fi:hostapd:0.2.5:*:*:*:*:*:*:*
cpe:2.3:a:w1.fi:hostapd:0.2.6:*:*:*:*:*:*:*
cpe:2.3:a:w1.fi:hostapd:0.2.8:*:*:*:*:*:*:*
cpe:2.3:a:w1.fi:hostapd:0.3.7:*:*:*:*:*:*:*
cpe:2.3:a:w1.fi:hostapd:0.3.9:*:*:*:*:*:*:*
cpe:2.3:a:w1.fi:hostapd:0.3.10:*:*:*:*:*:*:*
cpe:2.3:a:w1.fi:hostapd:0.3.11:*:*:*:*:*:*:*
cpe:2.3:a:w1.fi:hostapd:0.4.7:*:*:*:*:*:*:*
cpe:2.3:a:w1.fi:hostapd:0.4.8:*:*:*:*:*:*:*
cpe:2.3:a:w1.fi:hostapd:0.4.9:*:*:*:*:*:*:*
cpe:2.3:a:w1.fi:hostapd:0.4.10:*:*:*:*:*:*:*
cpe:2.3:a:w1.fi:hostapd:0.4.11:*:*:*:*:*:*:*
cpe:2.3:a:w1.fi:hostapd:0.5.7:*:*:*:*:*:*:*
cpe:2.3:a:w1.fi:hostapd:0.5.8:*:*:*:*:*:*:*
cpe:2.3:a:w1.fi:hostapd:0.5.9:*:*:*:*:*:*:*
cpe:2.3:a:w1.fi:hostapd:0.5.10:*:*:*:*:*:*:*
cpe:2.3:a:w1.fi:hostapd:0.5.11:*:*:*:*:*:*:*
cpe:2.3:a:w1.fi:hostapd:0.6.8:*:*:*:*:*:*:*
cpe:2.3:a:w1.fi:hostapd:0.6.9:*:*:*:*:*:*:*
cpe:2.3:a:w1.fi:hostapd:0.6.10:*:*:*:*:*:*:*
cpe:2.3:a:w1.fi:hostapd:0.7.3:*:*:*:*:*:*:*
cpe:2.3:a:w1.fi:hostapd:1.0:*:*:*:*:*:*:*
cpe:2.3:a:w1.fi:hostapd:1.1:*:*:*:*:*:*:*
cpe:2.3:a:w1.fi:hostapd:2.0:*:*:*:*:*:*:*
cpe:2.3:a:w1.fi:hostapd:2.1:*:*:*:*:*:*:*
cpe:2.3:a:w1.fi:hostapd:2.2:*:*:*:*:*:*:*
cpe:2.3:a:w1.fi:hostapd:2.3:*:*:*:*:*:*:*
cpe:2.3:a:w1.fi:hostapd:2.4:*:*:*:*:*:*:*
cpe:2.3:a:w1.fi:hostapd:2.5:*:*:*:*:*:*:*
cpe:2.3:a:w1.fi:hostapd:2.6:*:*:*:*:*:*:*
cpe:2.3:a:w1.fi:wpa_supplicant:0.2.4:*:*:*:*:*:*:*
cpe:2.3:a:w1.fi:wpa_supplicant:0.2.5:*:*:*:*:*:*:*
cpe:2.3:a:w1.fi:wpa_supplicant:0.2.6:*:*:*:*:*:*:*
cpe:2.3:a:w1.fi:wpa_supplicant:0.2.7:*:*:*:*:*:*:*
cpe:2.3:a:w1.fi:wpa_supplicant:0.2.8:*:*:*:*:*:*:*
cpe:2.3:a:w1.fi:wpa_supplicant:0.3.7:*:*:*:*:*:*:*
cpe:2.3:a:w1.fi:wpa_supplicant:0.3.8:*:*:*:*:*:*:*
cpe:2.3:a:w1.fi:wpa_supplicant:0.3.9:*:*:*:*:*:*:*
cpe:2.3:a:w1.fi:wpa_supplicant:0.3.10:*:*:*:*:*:*:*
cpe:2.3:a:w1.fi:wpa_supplicant:0.3.11:*:*:*:*:*:*:*
cpe:2.3:a:w1.fi:wpa_supplicant:0.4.7:*:*:*:*:*:*:*
cpe:2.3:a:w1.fi:wpa_supplicant:0.4.8:*:*:*:*:*:*:*
cpe:2.3:a:w1.fi:wpa_supplicant:0.4.9:*:*:*:*:*:*:*
cpe:2.3:a:w1.fi:wpa_supplicant:0.4.10:*:*:*:*:*:*:*
cpe:2.3:a:w1.fi:wpa_supplicant:0.4.11:*:*:*:*:*:*:*
cpe:2.3:a:w1.fi:wpa_supplicant:0.5.7:*:*:*:*:*:*:*
cpe:2.3:a:w1.fi:wpa_supplicant:0.5.8:*:*:*:*:*:*:*
cpe:2.3:a:w1.fi:wpa_supplicant:0.5.9:*:*:*:*:*:*:*
cpe:2.3:a:w1.fi:wpa_supplicant:0.5.10:*:*:*:*:*:*:*
cpe:2.3:a:w1.fi:wpa_supplicant:0.5.11:*:*:*:*:*:*:*
cpe:2.3:a:w1.fi:wpa_supplicant:0.6.8:*:*:*:*:*:*:*
cpe:2.3:a:w1.fi:wpa_supplicant:0.6.9:*:*:*:*:*:*:*
cpe:2.3:a:w1.fi:wpa_supplicant:0.6.10:*:*:*:*:*:*:*
cpe:2.3:a:w1.fi:wpa_supplicant:0.7.3:*:*:*:*:*:*:*
cpe:2.3:a:w1.fi:wpa_supplicant:1.0:*:*:*:*:*:*:*
cpe:2.3:a:w1.fi:wpa_supplicant:1.1:*:*:*:*:*:*:*
cpe:2.3:a:w1.fi:wpa_supplicant:2.0:*:*:*:*:*:*:*
cpe:2.3:a:w1.fi:wpa_supplicant:2.1:*:*:*:*:*:*:*
cpe:2.3:a:w1.fi:wpa_supplicant:2.2:*:*:*:*:*:*:*
cpe:2.3:a:w1.fi:wpa_supplicant:2.3:*:*:*:*:*:*:*
cpe:2.3:a:w1.fi:wpa_supplicant:2.4:*:*:*:*:*:*:*
cpe:2.3:a:w1.fi:wpa_supplicant:2.5:*:*:*:*:*:*:*
cpe:2.3:a:w1.fi:wpa_supplicant:2.6:*:*:*:*:*:*:*

Configuration 3 (hide)

OR cpe:2.3:o:suse:linux_enterprise_desktop:12:sp2:*:*:*:*:*:*
cpe:2.3:o:suse:linux_enterprise_desktop:12:sp3:*:*:*:*:*:*
cpe:2.3:o:suse:linux_enterprise_point_of_sale:11:sp3:*:*:*:*:*:*
cpe:2.3:o:suse:linux_enterprise_server:11:sp3:*:*:*:ltss:*:*
cpe:2.3:o:suse:linux_enterprise_server:11:sp4:*:*:*:*:*:*
cpe:2.3:o:suse:linux_enterprise_server:12:*:*:*:ltss:*:*:*
cpe:2.3:o:suse:openstack_cloud:6:*:*:*:*:*:*:*
History

No history.

Information

Published : 2017-10-17 13:29

Updated : 2025-04-20 01:37

NVD link : CVE-2017-13081

Mitre link : CVE-2017-13081

CVE.ORG link : CVE-2017-13081

JSON object : View

Products Affected

w1.fi

  • wpa_supplicant
  • hostapd

debian

  • debian_linux

suse

  • linux_enterprise_point_of_sale
  • linux_enterprise_desktop
  • linux_enterprise_server
  • openstack_cloud

freebsd

  • freebsd

redhat

  • enterprise_linux_desktop
  • enterprise_linux_server

opensuse

  • leap

canonical

  • ubuntu_linux
CWE
CWE-323

Reusing a Nonce, Key Pair in Encryption

CWE-330

Use of Insufficiently Random Values