Search
Find a vulnerability
Search criteria
ⓘ
Use this form to refine search results.
Full-text search supports keyword queries with ranking and filtering.
You can combine vendor, product, and sources to narrow results.
Enable “Apply ordering” to sort by date instead of relevance.
39 vulnerabilities by peplink
VAR-201710-0974
Vulnerability from variot - Updated: 2024-07-23 21:12Wi-Fi Protected Access (WPA and WPA2) that support 802.11v allows reinstallation of the Group Temporal Key (GTK) when processing a Wireless Network Management (WNM) Sleep Mode Response frame, allowing an attacker within radio range to replay frames from access points to clients. An attacker within range of an affected AP and client may leverage these vulnerabilities to conduct attacks that are dependent on the data confidentiality protocols being used. Attacks may include arbitrary packet decryption and injection, TCP connection hijacking, HTTP content injection, or the replay of unicast and group-addressed frames. These vulnerabilities are referred to as Key Reinstallation Attacks or "KRACK" attacks. WPA (Wi-Fi Protected Access) is a system that protects wireless computer networks (Wi-Fi). A group key reload vulnerability exists in WPA2 wireless network sleep mode. WPA2 is prone to multiple security weaknesses. Exploiting these issues may allow an unauthorized user to intercept and manipulate data or disclose sensitive information. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
===================================================================== Red Hat Security Advisory
Synopsis: Important: wpa_supplicant security update Advisory ID: RHSA-2017:2907-01 Product: Red Hat Enterprise Linux Advisory URL: https://access.redhat.com/errata/RHSA-2017:2907 Issue date: 2017-10-17 CVE Names: CVE-2017-13077 CVE-2017-13078 CVE-2017-13080 CVE-2017-13082 CVE-2017-13086 CVE-2017-13087 CVE-2017-13088 =====================================================================
- Summary:
An update for wpa_supplicant is now available for Red Hat Enterprise Linux 7.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Relevant releases/architectures:
Red Hat Enterprise Linux Client (v. 7) - x86_64 Red Hat Enterprise Linux ComputeNode (v. 7) - x86_64 Red Hat Enterprise Linux Server (v. 7) - aarch64, ppc64, ppc64le, s390x, x86_64 Red Hat Enterprise Linux Workstation (v. 7) - x86_64
- Description:
The wpa_supplicant packages contain an 802.1X Supplicant with support for WEP, WPA, WPA2 (IEEE 802.11i / RSN), and various EAP authentication methods. They implement key negotiation with a WPA Authenticator for client stations and controls the roaming and IEEE 802.11 authentication and association of the WLAN driver. A remote attacker within Wi-Fi range could exploit these attacks to decrypt Wi-Fi traffic or possibly inject forged Wi-Fi packets by manipulating cryptographic handshakes used by the WPA2 protocol. (CVE-2017-13077, CVE-2017-13078, CVE-2017-13080, CVE-2017-13082, CVE-2017-13086, CVE-2017-13087, CVE-2017-13088)
Red Hat would like to thank CERT for reporting these issues. Upstream acknowledges Mathy Vanhoef (University of Leuven) as the original reporter of these issues. Solution:
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
- Package List:
Red Hat Enterprise Linux Client (v. 7):
Source: wpa_supplicant-2.6-5.el7_4.1.src.rpm
x86_64: wpa_supplicant-2.6-5.el7_4.1.x86_64.rpm wpa_supplicant-debuginfo-2.6-5.el7_4.1.x86_64.rpm
Red Hat Enterprise Linux ComputeNode (v. 7):
Source: wpa_supplicant-2.6-5.el7_4.1.src.rpm
x86_64: wpa_supplicant-2.6-5.el7_4.1.x86_64.rpm wpa_supplicant-debuginfo-2.6-5.el7_4.1.x86_64.rpm
Red Hat Enterprise Linux Server (v. 7):
Source: wpa_supplicant-2.6-5.el7_4.1.src.rpm
aarch64: wpa_supplicant-2.6-5.el7_4.1.aarch64.rpm wpa_supplicant-debuginfo-2.6-5.el7_4.1.aarch64.rpm
ppc64: wpa_supplicant-2.6-5.el7_4.1.ppc64.rpm wpa_supplicant-debuginfo-2.6-5.el7_4.1.ppc64.rpm
ppc64le: wpa_supplicant-2.6-5.el7_4.1.ppc64le.rpm wpa_supplicant-debuginfo-2.6-5.el7_4.1.ppc64le.rpm
s390x: wpa_supplicant-2.6-5.el7_4.1.s390x.rpm wpa_supplicant-debuginfo-2.6-5.el7_4.1.s390x.rpm
x86_64: wpa_supplicant-2.6-5.el7_4.1.x86_64.rpm wpa_supplicant-debuginfo-2.6-5.el7_4.1.x86_64.rpm
Red Hat Enterprise Linux Workstation (v. 7):
Source: wpa_supplicant-2.6-5.el7_4.1.src.rpm
x86_64: wpa_supplicant-2.6-5.el7_4.1.x86_64.rpm wpa_supplicant-debuginfo-2.6-5.el7_4.1.x86_64.rpm
These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/
- References:
https://access.redhat.com/security/cve/CVE-2017-13077 https://access.redhat.com/security/cve/CVE-2017-13078 https://access.redhat.com/security/cve/CVE-2017-13080 https://access.redhat.com/security/cve/CVE-2017-13082 https://access.redhat.com/security/cve/CVE-2017-13086 https://access.redhat.com/security/cve/CVE-2017-13087 https://access.redhat.com/security/cve/CVE-2017-13088 https://access.redhat.com/security/updates/classification/#important https://access.redhat.com/security/vulnerabilities/kracks
- Contact:
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/
Copyright 2017 Red Hat, Inc. Those vulnerabilities applies to both the access point (implemented in hostapd) and the station (implemented in wpa_supplicant).
An attacker exploiting the vulnerabilities could force the vulnerable system to reuse cryptographic session keys, enabling a range of cryptographic attacks against the ciphers used in WPA1 and WPA2.
For the stable distribution (stretch), these problems have been fixed in version 2:2.4-1+deb9u1.
For the testing distribution (buster), these problems have been fixed in version 2:2.4-1.1.
For the unstable distribution (sid), these problems have been fixed in version 2:2.4-1.1.
We recommend that you upgrade your wpa packages. ========================================================================== Ubuntu Security Notice USN-3455-1 October 16, 2017
wpa vulnerabilities
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 17.04
- Ubuntu 16.04 LTS
- Ubuntu 14.04 LTS
Summary:
Several security issues were fixed in wpa_supplicant.
Software Description: - wpa: client support for WPA and WPA2
Details:
Mathy Vanhoef discovered that wpa_supplicant and hostapd incorrectly handled WPA2. (CVE-2017-13077, CVE-2017-13078, CVE-2017-13079, CVE-2017-13080, CVE-2017-13081, CVE-2017-13082, CVE-2017-13086, CVE-2017-13087, CVE-2017-13088)
Imre Rad discovered that wpa_supplicant and hostapd incorrectly handled invalid characters in passphrase parameters. A remote attacker could use this issue to cause a denial of service. (CVE-2016-4476)
Imre Rad discovered that wpa_supplicant and hostapd incorrectly handled invalid characters in passphrase parameters. A local attacker could use this issue to cause a denial of service, or possibly execute arbitrary code. (CVE-2016-4477)
Update instructions:
The problem can be corrected by updating your system to the following package versions:
Ubuntu 17.04: hostapd 2.4-0ubuntu9.1 wpasupplicant 2.4-0ubuntu9.1
Ubuntu 16.04 LTS: hostapd 2.4-0ubuntu6.2 wpasupplicant 2.4-0ubuntu6.2
Ubuntu 14.04 LTS: hostapd 2.1-0ubuntu1.5 wpasupplicant 2.1-0ubuntu1.5
After a standard system update you need to reboot your computer to make all the necessary changes. 6) - i386, x86_64
Here are the details from the Slackware 14.2 ChangeLog: +--------------------------+ patches/packages/wpa_supplicant-2.6-i586-1_slack14.2.txz: Upgraded. This update includes patches to mitigate the WPA2 protocol issues known as "KRACK" (Key Reinstallation AttaCK), which may be used to decrypt data, hijack TCP connections, and to forge and inject packets. CVE-2017-13082: Accepting a retransmitted Fast BSS Transition (FT) Reassociation Request and reinstalling the pairwise encryption key (PTK-TK) while processing it. For more information, see: https://www.krackattacks.com/ https://w1.fi/security/2017-1/wpa-packet-number-reuse-with-replayed-messages.txt https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13077 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13078 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13079 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13080 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13081 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13082 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13084 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13086 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13087 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13088 ( Security fix ) +--------------------------+
Where to find the new packages: +-----------------------------+
Thanks to the friendly folks at the OSU Open Source Lab (http://osuosl.org) for donating FTP and rsync hosting to the Slackware project! :-)
Also see the "Get Slack" section on http://slackware.com for additional mirror sites near you.
Updated package for Slackware 14.0: ftp://ftp.slackware.com/pub/slackware/slackware-14.0/patches/packages/wpa_supplicant-2.6-i486-1_slack14.0.txz
Updated package for Slackware x86_64 14.0: ftp://ftp.slackware.com/pub/slackware/slackware64-14.0/patches/packages/wpa_supplicant-2.6-x86_64-1_slack14.0.txz
Updated package for Slackware 14.1: ftp://ftp.slackware.com/pub/slackware/slackware-14.1/patches/packages/wpa_supplicant-2.6-i486-1_slack14.1.txz
Updated package for Slackware x86_64 14.1: ftp://ftp.slackware.com/pub/slackware/slackware64-14.1/patches/packages/wpa_supplicant-2.6-x86_64-1_slack14.1.txz
Updated package for Slackware 14.2: ftp://ftp.slackware.com/pub/slackware/slackware-14.2/patches/packages/wpa_supplicant-2.6-i586-1_slack14.2.txz
Updated package for Slackware x86_64 14.2: ftp://ftp.slackware.com/pub/slackware/slackware64-14.2/patches/packages/wpa_supplicant-2.6-x86_64-1_slack14.2.txz
Updated package for Slackware -current: ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/n/wpa_supplicant-2.6-i586-2.txz
Updated package for Slackware x86_64 -current: ftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/n/wpa_supplicant-2.6-x86_64-2.txz
MD5 signatures: +-------------+
Slackware 14.0 package: d8ecfaadb50b3547967ab53733ffc019 wpa_supplicant-2.6-i486-1_slack14.0.txz
Slackware x86_64 14.0 package: f25216d28800504ce498705da7c9a825 wpa_supplicant-2.6-x86_64-1_slack14.0.txz
Slackware 14.1 package: 15c61050e4bab2581757befd86be74c0 wpa_supplicant-2.6-i486-1_slack14.1.txz
Slackware x86_64 14.1 package: 49fd537a520338744f7757615556d352 wpa_supplicant-2.6-x86_64-1_slack14.1.txz
Slackware 14.2 package: c5539f40c8510af89be92945f0f80185 wpa_supplicant-2.6-i586-1_slack14.2.txz
Slackware x86_64 14.2 package: 4c527ff84fcdfd7839f217bbce2e4ae4 wpa_supplicant-2.6-x86_64-1_slack14.2.txz
Slackware -current package: 28bd88a54e96368f7a7020c1f5fb67fe n/wpa_supplicant-2.6-i586-2.txz
Slackware x86_64 -current package: 464fc6b48d1ac077f47e9a3a8534c160 n/wpa_supplicant-2.6-x86_64-2.txz
Installation instructions: +------------------------+
Upgrade the package as root:
upgradepkg wpa_supplicant-2.6-i586-1_slack14.2.txz
+-----+
Slackware Linux Security Team http://slackware.com/gpg-key security@slackware.com
+------------------------------------------------------------------------+ | To leave the slackware-security mailing list: | +------------------------------------------------------------------------+ | Send an email to majordomo@slackware.com with this text in the body of | | the email message: | | | | unsubscribe slackware-security | | | | You will get a confirmation message back containing instructions to | | complete the process. Please do not reply to this email address. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512
============================================================================= FreeBSD-SA-17:07.wpa Security Advisory The FreeBSD Project
Topic: WPA2 protocol vulnerability
Category: contrib Module: wpa Announced: 2017-10-16 Credits: Mathy Vanhoef Affects: All supported versions of FreeBSD. Corrected: 2017-10-17 17:30:18 UTC (stable/11, 11.1-STABLE) 2017-10-17 17:57:18 UTC (releng/11.1, 11.1-RELEASE-p2) 2017-10-17 17:56:03 UTC (releng/11.0, 11.0-RELEASE-p13) 2017-10-19 03:18:22 UTC (stable/10, 10.4-STABLE) 2017-10-19 03:20:17 UTC (releng/10.4, 10.4-RELEASE-p1) 2017-10-19 03:19:42 UTC (releng/10.3, 10.3-RELEASE-p22) CVE Name: CVE-2017-13077, CVE-2017-13078, CVE-2017-13079, CVE-2017-13080, CVE-2017-13081, CVE-2017-13082, CVE-2017-13086, CVE-2017-13087, CVE-2017-13088
For general information regarding FreeBSD Security Advisories, including descriptions of the fields above, security branches, and the following sections, please visit .
- Revision history
v1.0 2017-10-17 Initial release. v1.1 2017-10-19 Add patches for 10.x releases.
I.
hostapd and wpa_supplicant are implementations of user space daemon for access points and wireless client that implements the WPA2 protocol.
II. Problem Description
A vulnerability was found in how a number of implementations can be triggered to reconfigure WPA/WPA2/RSN keys (TK, GTK, or IGTK) by replaying a specific frame that is used to manage the keys.
III. Impact
Such reinstallation of the encryption key can result in two different types of vulnerabilities: disabling replay protection and significantly reducing the security of encryption to the point of allowing frames to be decrypted or some parts of the keys to be determined by an attacker depending on which cipher is used.
IV. Workaround
An updated version of wpa_supplicant is available in the FreeBSD Ports Collection. Install version 2.6_2 or later of the security/wpa_supplicant port/pkg. Once installed, update /etc/rc.conf to use the new binary:
wpa_supplicant_program="/usr/local/sbin/wpa_supplicant"
and restart networking.
An updated version of hostapd is available in the FreeBSD Ports Collection. Install version 2.6_1 or later of the net/hostapd port/pkg. Once installed, update /etc/rc.conf to use the new binary:
hostapd_program="/usr/local/sbin/hostapd"
and restart hostapd.
V. Solution
Perform one of the following:
1) Upgrade your vulnerable system to a supported FreeBSD stable or release / security branch (releng) dated after the correction date.
Restart the Wi-Fi network interfaces/hostapd or reboot the system.
2) To update your vulnerable system via a binary patch:
Systems running a RELEASE version of FreeBSD on the i386 or amd64 platforms can be updated via the freebsd-update(8) utility:
freebsd-update fetch
freebsd-update install
Restart the Wi-Fi network interfaces/hostapd or reboot the system.
3) To update your vulnerable system via a source code patch:
The following patches have been verified to apply to the applicable FreeBSD release branches.
a) Download the relevant patch from the location below, and verify the detached PGP signature using your PGP utility.
[FreeBSD 11.0-RELEASE, 11.1-RELEASE, and 11-STABLE]
fetch https://security.FreeBSD.org/patches/SA-17:07/wpa-11.patch
fetch https://security.FreeBSD.org/patches/SA-17:07/wpa-11.patch.asc
gpg --verify wpa-11.patch.asc
[FreeBSD 10.3-RELEASE, 10.4-RELEASE, and 10-STABLE]
fetch https://security.FreeBSD.org/patches/SA-17:07/wpa-10.patch
fetch https://security.FreeBSD.org/patches/SA-17:07/wpa-10.patch.asc
gpg --verify wpa-10.patch.asc
b) Apply the patch. Execute the following commands as root:
cd /usr/src
patch < /path/to/patch
c) Recompile the operating system using buildworld and installworld as described in .
Restart the applicable daemons, or reboot the system.
VI. Correction details
The following list contains the correction revision numbers for each affected branch.
Branch/path Revision
stable/11/ r324697 releng/11.0/ r324698 releng/11.1/ r324699 stable/10/ r324739 releng/10.3/ r324740 releng/10.4/ r324741
To see which files were modified by a particular revision, run the following command, replacing NNNNNN with the revision number, on a machine with Subversion installed:
svn diff -cNNNNNN --summarize svn://svn.freebsd.org/base
Or visit the following URL, replacing NNNNNN with the revision number:
VII. References
The latest revision of this advisory is available at -----BEGIN PGP SIGNATURE-----
iQKTBAEBCgB9FiEEHPf/b631yp++G4yy7Wfs1l3PaucFAlnoGpNfFIAAAAAALgAo aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDFD RjdGRjZGQURGNUNBOUZCRTFCOENCMkVENjdFQ0Q2NURDRjZBRTcACgkQ7Wfs1l3P auc7WBAAm27w+fujv5sJsRxauUMopTVtRh5utwbDuoHTP+L+RCWmQfVBmueNQ0gf uJzMNxBIkbtY9LvyukpRsH3iD7mh26c0pd9rxxkkr4F96C9B5+W0amxJF1gdm54/ F/50FpY+lo7cNs5tiBjypPrg8UOBBI/1G4XR7130XC0HjaTwt1ngZ0oQUWUMSsIp gN5ZfPul81WPWd1NqF+vyObcJhwq/Y1uoexoO27o7GQCFZoL3enZy8c4f1xqMlVM 4HHkTgNGac6E0aW+ArH4J0DFFAOJXPqF8rdt+9XINfoBbtliIyOixJ4oh1n6eAR0 VpBWZKFNyXSlUKIvDGa+LDhxgL1jJXV0ABSyKlUOijdmr3bbbiQE9MW/MNv2AFTd OAFQ0QQtm9KCWp5JLh+FPIb/kR2l7MOUP+yz4zFcJpdGtl9tDLyPN8vRTq60bY8O y7tBcf/SMqkd/AIFdchL4zrOguKnRARydIlwTarp8wtAQI3MKSsa1B0wgsDtlL6K xfdjnwWMKvKKlNOW16e1WXXO0n/ucHV4njBE+bGPro3jLgXP2/WFZpIGAR3I4xrr SdD4AxSNiR9f3bL7LRfMIbugJAylWNSlTLWUOVUv0/ONh85LqbcCj13NI230B64K ETx2QOZgKnCs2oDNiw4aQHb7kvi2w94Iw/R1sAPkkxYJWO3reyE= =h/5q -----END PGP SIGNATURE-----
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201710-0974",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "linux enterprise point of sale",
"scope": "eq",
"trust": 1.6,
"vendor": "suse",
"version": "11"
},
{
"model": "linux enterprise server",
"scope": "eq",
"trust": 1.6,
"vendor": "suse",
"version": "11"
},
{
"model": "openstack cloud",
"scope": "eq",
"trust": 1.6,
"vendor": "suse",
"version": "6"
},
{
"model": "linux enterprise desktop",
"scope": "eq",
"trust": 1.6,
"vendor": "suse",
"version": "12"
},
{
"model": "linux enterprise server",
"scope": "eq",
"trust": 1.6,
"vendor": "suse",
"version": "12"
},
{
"model": "enterprise linux desktop",
"scope": "eq",
"trust": 1.3,
"vendor": "redhat",
"version": "7"
},
{
"model": "enterprise linux server",
"scope": "eq",
"trust": 1.3,
"vendor": "redhat",
"version": "7"
},
{
"model": "hostapd",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.3.7"
},
{
"model": "wpa supplicant",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "2.6"
},
{
"model": "wpa supplicant",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "2.2"
},
{
"model": "hostapd",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "1.0"
},
{
"model": "hostapd",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "2.2"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 1.0,
"vendor": "freebsd",
"version": "*"
},
{
"model": "hostapd",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.3.11"
},
{
"model": "wpa supplicant",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.4.7"
},
{
"model": "hostapd",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.4.7"
},
{
"model": "hostapd",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.5.10"
},
{
"model": "wpa supplicant",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "2.0"
},
{
"model": "hostapd",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "2.0"
},
{
"model": "linux",
"scope": "eq",
"trust": 1.0,
"vendor": "debian",
"version": "8.0"
},
{
"model": "hostapd",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.4.9"
},
{
"model": "wpa supplicant",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.5.8"
},
{
"model": "hostapd",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.5.8"
},
{
"model": "hostapd",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "2.1"
},
{
"model": "wpa supplicant",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.5.7"
},
{
"model": "wpa supplicant",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.6.9"
},
{
"model": "wpa supplicant",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.2.8"
},
{
"model": "hostapd",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.2.8"
},
{
"model": "hostapd",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "1.1"
},
{
"model": "hostapd",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.7.3"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 1.0,
"vendor": "freebsd",
"version": "10"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 1.0,
"vendor": "freebsd",
"version": "11.1"
},
{
"model": "hostapd",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.5.9"
},
{
"model": "hostapd",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.4.8"
},
{
"model": "wpa supplicant",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.4.11"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 1.0,
"vendor": "freebsd",
"version": "10.4"
},
{
"model": "wpa supplicant",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.2.6"
},
{
"model": "hostapd",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.2.4"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 1.0,
"vendor": "freebsd",
"version": "11"
},
{
"model": "wpa supplicant",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.5.11"
},
{
"model": "hostapd",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.3.10"
},
{
"model": "wpa supplicant",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "2.4"
},
{
"model": "wpa supplicant",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.3.8"
},
{
"model": "wpa supplicant",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.2.5"
},
{
"model": "wpa supplicant",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.3.7"
},
{
"model": "hostapd",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.2.5"
},
{
"model": "hostapd",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.4.10"
},
{
"model": "hostapd",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.6.10"
},
{
"model": "wpa supplicant",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "1.0"
},
{
"model": "hostapd",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.3.9"
},
{
"model": "wpa supplicant",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.3.11"
},
{
"model": "hostapd",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "2.5"
},
{
"model": "wpa supplicant",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.5.10"
},
{
"model": "hostapd",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "2.6"
},
{
"model": "wpa supplicant",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.4.9"
},
{
"model": "ubuntu linux",
"scope": "eq",
"trust": 1.0,
"vendor": "canonical",
"version": "14.04"
},
{
"model": "wpa supplicant",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "2.1"
},
{
"model": "wpa supplicant",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "2.3"
},
{
"model": "leap",
"scope": "eq",
"trust": 1.0,
"vendor": "opensuse",
"version": "42.2"
},
{
"model": "hostapd",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "2.3"
},
{
"model": "wpa supplicant",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "1.1"
},
{
"model": "hostapd",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.5.7"
},
{
"model": "wpa supplicant",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.7.3"
},
{
"model": "hostapd",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.6.9"
},
{
"model": "wpa supplicant",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.5.9"
},
{
"model": "wpa supplicant",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.4.8"
},
{
"model": "wpa supplicant",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.2.7"
},
{
"model": "linux",
"scope": "eq",
"trust": 1.0,
"vendor": "debian",
"version": "9.0"
},
{
"model": "wpa supplicant",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.2.4"
},
{
"model": "wpa supplicant",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.3.10"
},
{
"model": "ubuntu linux",
"scope": "eq",
"trust": 1.0,
"vendor": "canonical",
"version": "16.04"
},
{
"model": "leap",
"scope": "eq",
"trust": 1.0,
"vendor": "opensuse",
"version": "42.3"
},
{
"model": "hostapd",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.4.11"
},
{
"model": "wpa supplicant",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.6.8"
},
{
"model": "ubuntu linux",
"scope": "eq",
"trust": 1.0,
"vendor": "canonical",
"version": "17.04"
},
{
"model": "hostapd",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.2.6"
},
{
"model": "hostapd",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.6.8"
},
{
"model": "wpa supplicant",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.4.10"
},
{
"model": "hostapd",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.5.11"
},
{
"model": "wpa supplicant",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.6.10"
},
{
"model": "hostapd",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "2.4"
},
{
"model": "wpa supplicant",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.3.9"
},
{
"model": "wpa supplicant",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "2.5"
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "9front",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "adtran",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "avm",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "actiontec",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "aerohive",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "alcatel lucent",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "android open source",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "apple",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "arch linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "aruba",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "asustek computer",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "barracuda",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "broadcom",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "cambium",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "centos",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "cradlepoint",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "cypress semiconductor",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "d link",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "debian gnu linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "dell",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "digi",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "draytek",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "edimax computer",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "engenius",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "endian",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "espressif",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "extreme",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "f secure",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "fedora",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "fortinet",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "freebsd",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "gentoo linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "google",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "hewlett packard",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "hostap",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "ipfire",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "juniper",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "lancom",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "lede",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "lifx",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "lenovo",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "microchip",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "microsoft",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "mojo",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "nest",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "netbsd",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "netgear",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "opnsense",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "omnirom",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "open mesh",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "openbsd",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "peplink",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "red hat",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "riverbed",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "rockwell automation",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "ruckus",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "suse linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "samsung mobile",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "sierra",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "slackware linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "sonos",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "sony",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "sophos",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "synology",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "tp link",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "technicolor",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "texas instruments",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "toshiba commerce",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "toshiba electronic devices storage",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "toshiba memory",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "turris omnia",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "ubiquiti",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "ubuntu",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "volumio",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "watchguard",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "xiaomi",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "xirrus",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "zebra",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "zyxel",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "dd wrt",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "eero",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "pfsense",
"version": null
},
{
"model": "ubuntu",
"scope": null,
"trust": 0.8,
"vendor": "canonical",
"version": null
},
{
"model": "gnu/linux",
"scope": null,
"trust": 0.8,
"vendor": "debian",
"version": null
},
{
"model": "freebsd",
"scope": null,
"trust": 0.8,
"vendor": "freebsd",
"version": null
},
{
"model": "leap",
"scope": null,
"trust": 0.8,
"vendor": "opensuse",
"version": null
},
{
"model": "linux enterprise desktop",
"scope": null,
"trust": 0.8,
"vendor": "suse",
"version": null
},
{
"model": "linux enterprise point of sale",
"scope": null,
"trust": 0.8,
"vendor": "suse",
"version": null
},
{
"model": "linux enterprise server",
"scope": null,
"trust": 0.8,
"vendor": "suse",
"version": null
},
{
"model": "openstack cloud",
"scope": null,
"trust": 0.8,
"vendor": "suse",
"version": null
},
{
"model": "hostapd",
"scope": null,
"trust": 0.8,
"vendor": "w1 fi",
"version": null
},
{
"model": "wpa supplicant",
"scope": null,
"trust": 0.8,
"vendor": "w1 fi",
"version": null
},
{
"model": "enterprise linux desktop",
"scope": null,
"trust": 0.8,
"vendor": "red hat",
"version": null
},
{
"model": "enterprise linux server",
"scope": null,
"trust": 0.8,
"vendor": "red hat",
"version": null
},
{
"model": "edge gateway",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": null
},
{
"model": "sr-m20ac1",
"scope": "lte",
"trust": 0.8,
"vendor": "fujitsu",
"version": "v02.10"
},
{
"model": "sr-m20ac2",
"scope": "lte",
"trust": 0.8,
"vendor": "fujitsu",
"version": "v02.10"
},
{
"model": "alliance wi-fi protected access 2",
"scope": null,
"trust": 0.6,
"vendor": "wi fi",
"version": null
},
{
"model": "scalance w-700",
"scope": "eq",
"trust": 0.6,
"vendor": "siemens",
"version": "0"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "linux desktop",
"version": "12"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "linux server",
"version": "11"
},
{
"model": "atom processor c3200 series for yocto project bsp mr4",
"scope": null,
"trust": 0.3,
"vendor": "intel",
"version": null
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "10.3.2"
},
{
"model": "active management technology",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "6.1"
},
{
"model": "pyxis supplystation",
"scope": "eq",
"trust": 0.3,
"vendor": "bd",
"version": "0"
},
{
"model": "sinamics smart access module",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "v200"
},
{
"model": "active management technology",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "11.6.27.3264"
},
{
"model": "meraki mr34",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "ck71a-atex",
"scope": "eq",
"trust": 0.3,
"vendor": "pepperl fuchs",
"version": "0"
},
{
"model": "arubaos",
"scope": "eq",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "6.5.2.0"
},
{
"model": "macbook air",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "0"
},
{
"model": "aironet series access points",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "18500"
},
{
"model": "active management technology",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "8.0"
},
{
"model": "meraki mr26",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "arubaos",
"scope": "eq",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "6.4"
},
{
"model": "aironet series access points",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "28000"
},
{
"model": "enterprise linux for power big endian extended update support",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "-7.5"
},
{
"model": "meraki mr84",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "contact fl wlan",
"scope": "eq",
"trust": 0.3,
"vendor": "phoenix",
"version": "510x0"
},
{
"model": "windows server r2 for itanium-based systems sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2008"
},
{
"model": "contact itc",
"scope": "eq",
"trust": 0.3,
"vendor": "phoenix",
"version": "81130"
},
{
"model": "enterprise linux workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "7"
},
{
"model": "active management technology",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "10.0"
},
{
"model": "dual band wireless-ac",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "726519.51.0.0"
},
{
"model": "enterprise linux server extended update support",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "-7.6"
},
{
"model": "meraki mr18",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "arubaos",
"scope": "eq",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "8.1.0.3"
},
{
"model": "scalance w1750d",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "0"
},
{
"model": "secure ii med-surg bed",
"scope": "eq",
"trust": 0.3,
"vendor": "stryker",
"version": "3002"
},
{
"model": "contact fl wlan",
"scope": "eq",
"trust": 0.3,
"vendor": "phoenix",
"version": "210x0"
},
{
"model": "windows version for x64-based systems",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "1015110"
},
{
"model": "aironet access points",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "contact fl wlan ap",
"scope": "eq",
"trust": 0.3,
"vendor": "phoenix",
"version": "24802-110"
},
{
"model": "active management technology",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "11.0"
},
{
"model": "instantos",
"scope": "eq",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "6.5.4.1"
},
{
"model": "tvos",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "10.2"
},
{
"model": "wap371 wireless-ac n access point with single point setup",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "ex-handy",
"scope": "eq",
"trust": 0.3,
"vendor": "pepperl fuchs",
"version": "2090"
},
{
"model": "arubaos",
"scope": "eq",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "6.5.3.2"
},
{
"model": "contact rad-80211-xd",
"scope": "eq",
"trust": 0.3,
"vendor": "phoenix",
"version": "0"
},
{
"model": "ios",
"scope": "ne",
"trust": 0.3,
"vendor": "apple",
"version": "11.2"
},
{
"model": "contact fl wlan dap",
"scope": "eq",
"trust": 0.3,
"vendor": "phoenix",
"version": "24802-110"
},
{
"model": "dual band wireless-ac",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "726519.10.9.1"
},
{
"model": "arubaos",
"scope": "ne",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "6.3.1.25"
},
{
"model": "pyxis medstation es",
"scope": "eq",
"trust": 0.3,
"vendor": "bd",
"version": "0"
},
{
"model": "wireless ip phone",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "88210"
},
{
"model": "pyxis stockstation system",
"scope": "eq",
"trust": 0.3,
"vendor": "bd",
"version": "0"
},
{
"model": "macbook",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "0"
},
{
"model": "dual band wireless-ac",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "316819.51.7.1"
},
{
"model": "dual band wireless-ac",
"scope": "ne",
"trust": 0.3,
"vendor": "intel",
"version": "726519.10.9.2"
},
{
"model": "scalance wlc712",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "0"
},
{
"model": "contact fl wlan spa",
"scope": "eq",
"trust": 0.3,
"vendor": "phoenix",
"version": "0"
},
{
"model": "meraki mr62",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "simatic et200 pro im154-6 pn iwlan",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "0"
},
{
"model": "tropos broadband mesh routers and bridges",
"scope": "eq",
"trust": 0.3,
"vendor": "abb",
"version": "0"
},
{
"model": "dual band wireless-ac",
"scope": "ne",
"trust": 0.3,
"vendor": "intel",
"version": "316819.10.9.2"
},
{
"model": "meraki mr33",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "instantos",
"scope": "ne",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "6.5.3.3"
},
{
"model": "micros handheld terminal",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "0"
},
{
"model": "windows server",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "20120"
},
{
"model": "instantos",
"scope": "eq",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "6.5.2"
},
{
"model": "dual band wireless-ac",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "316018.33.9.2"
},
{
"model": "windows version for 32-bit systems",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "1017030"
},
{
"model": "atom processor c3200 series for yocto project bsp mr4.1",
"scope": "ne",
"trust": 0.3,
"vendor": "intel",
"version": null
},
{
"model": "active management technology",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "2.6"
},
{
"model": "android",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.1.0"
},
{
"model": "contact fl wlan",
"scope": "eq",
"trust": 0.3,
"vendor": "phoenix",
"version": "110x0"
},
{
"model": "windows for 32-bit systems",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "100"
},
{
"model": "s3 med-surg bed",
"scope": "eq",
"trust": 0.3,
"vendor": "stryker",
"version": "3002"
},
{
"model": "arubaos",
"scope": "eq",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "6.4.2.4"
},
{
"model": "tvos",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "11.1"
},
{
"model": "contact fl comserver wlan",
"scope": "eq",
"trust": 0.3,
"vendor": "phoenix",
"version": "232/422/4850"
},
{
"model": "airport base station",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "7.6.8"
},
{
"model": "enterprise linux server update services for sap solutions",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "-7."
},
{
"model": "active management technology",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "7.1.91.3272"
},
{
"model": "instantos",
"scope": "ne",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "4.2.4.9"
},
{
"model": "contact fl wlan ap",
"scope": "eq",
"trust": 0.3,
"vendor": "phoenix",
"version": "230802-110"
},
{
"model": "android",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "6.1"
},
{
"model": "enterprise linux for power little endian extended update supp",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "-7.6"
},
{
"model": "meraki mr14",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "enterprise linux eus compute node",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "7.5"
},
{
"model": "aironet series access points",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "18150"
},
{
"model": "wireless client bridge 2.0.0.1-aruba501-b00",
"scope": "ne",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "501"
},
{
"model": "enterprise linux server extended update support",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "-7.4"
},
{
"model": "enterprise linux server tus",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "-7.6"
},
{
"model": "dual band wireless-ac",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "726018.33.9.2"
},
{
"model": "airport express",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "0"
},
{
"model": "meraki mr16",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "clarity engine",
"scope": "eq",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "1.0"
},
{
"model": "meraki mr30h",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "airport extreme",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "0"
},
{
"model": "windows server r2",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "20120"
},
{
"model": "dual band wireless-ac",
"scope": "ne",
"trust": 0.3,
"vendor": "intel",
"version": "826520.0.2.3"
},
{
"model": "android",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0"
},
{
"model": "contact bl2 bpc",
"scope": "eq",
"trust": 0.3,
"vendor": "phoenix",
"version": "0"
},
{
"model": "tvos",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "10.0.1"
},
{
"model": "enterprise linux for ibm z systems",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "7"
},
{
"model": "watch",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "0"
},
{
"model": "meraki mr32",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "wpa supplicant",
"scope": "eq",
"trust": 0.3,
"vendor": "w1 f1",
"version": "2.4"
},
{
"model": "active management technology",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "4.0"
},
{
"model": "ruggedcom rx1400",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "0"
},
{
"model": "cn70a-atex",
"scope": "eq",
"trust": 0.3,
"vendor": "pepperl fuchs",
"version": "0"
},
{
"model": "windows version for 32-bit systems",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "1015110"
},
{
"model": "arubaos",
"scope": "eq",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "6.5.3"
},
{
"model": "pyxis parx handheld",
"scope": "eq",
"trust": 0.3,
"vendor": "bd",
"version": "0"
},
{
"model": "dual band wireless-ac",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "726519.10"
},
{
"model": "active management technology",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "9.1.40.100"
},
{
"model": "tvos",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "10.1.1"
},
{
"model": "instantos",
"scope": "eq",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "6.5.3"
},
{
"model": "windows rt",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "8.1"
},
{
"model": "meraki mr42",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "instantos",
"scope": "ne",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "4.3.1.6"
},
{
"model": "airport base station",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "7.7.3"
},
{
"model": "wap561 wireless-n dual radio selectable band access point",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "active management technology",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "11.0.26.3000"
},
{
"model": "instantos",
"scope": "ne",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "6.5.4.2"
},
{
"model": "active management technology",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "11.6"
},
{
"model": "tvos",
"scope": "ne",
"trust": 0.3,
"vendor": "apple",
"version": "11.2"
},
{
"model": "active management technology",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "6.0"
},
{
"model": "windows server",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2016"
},
{
"model": "contact rad-whg/wlan-xd",
"scope": "eq",
"trust": 0.3,
"vendor": "phoenix",
"version": "0"
},
{
"model": "dual band wireless-ac",
"scope": "ne",
"trust": 0.3,
"vendor": "intel",
"version": "726018.33.9.3"
},
{
"model": "wi-fi update for boot camp",
"scope": "ne",
"trust": 0.3,
"vendor": "apple",
"version": "6.4.0"
},
{
"model": "suremark printer 2nr",
"scope": "eq",
"trust": 0.3,
"vendor": "toshiba",
"version": "4610"
},
{
"model": "android",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.1.1"
},
{
"model": "arubaos",
"scope": "ne",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "6.5.4.2"
},
{
"model": "enterprise linux for power little endian extended update supp",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "-7.5"
},
{
"model": "enterprise linux for power little endian",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "7"
},
{
"model": "dual band wireless-ac",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "826520.0.0.0"
},
{
"model": "tvos",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "10.2.1"
},
{
"model": "arubaos",
"scope": "eq",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "6.3.1.8"
},
{
"model": "windows server for x64-based systems sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2008"
},
{
"model": "pyxis supply roller",
"scope": "eq",
"trust": 0.3,
"vendor": "bd",
"version": "0"
},
{
"model": "airport base station",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "7.6.3"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "10.3"
},
{
"model": "telepresence collaboration endpoint",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "active management technology",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "6.2.61.3535"
},
{
"model": "contact vmt",
"scope": "eq",
"trust": 0.3,
"vendor": "phoenix",
"version": "70xx0"
},
{
"model": "imac",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "0"
},
{
"model": "meraki mr72",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "watchos",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4"
},
{
"model": "enterprise linux for power little endian extended update supp",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "-7.4"
},
{
"model": "active management technology",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "11.0.25.3001"
},
{
"model": "arubaos",
"scope": "ne",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "8.1.0.4"
},
{
"model": "active management technology",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "9.1"
},
{
"model": "enterprise linux server tus",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "-7.4"
},
{
"model": "active management technology",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "6.2"
},
{
"model": "meraki mr53",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "tvos",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "10.1"
},
{
"model": "wap551 wireless-n single radio selectable band access point",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "instantos",
"scope": "eq",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "4.2"
},
{
"model": "instantos",
"scope": "eq",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "6.5.3.2"
},
{
"model": "dual band wireless-ac",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "316519.10"
},
{
"model": "dual band wireless-ac",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "826020.0.0.0"
},
{
"model": "wap121 wireless-n access point with single point setup",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "active management technology",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "2.5"
},
{
"model": "active management technology",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "11.6.0.1000"
},
{
"model": "wireless client bridge 1.0.1.3-hp501-b0012",
"scope": "ne",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "501"
},
{
"model": "i.roc ci70-ex",
"scope": "eq",
"trust": 0.3,
"vendor": "pepperl fuchs",
"version": "0"
},
{
"model": "arubaos",
"scope": "eq",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "6.5.0.0"
},
{
"model": "dual band wireless-ac",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "826020.0.2.2"
},
{
"model": "active management technology",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "7.1"
},
{
"model": "cn70e-atex",
"scope": "eq",
"trust": 0.3,
"vendor": "pepperl fuchs",
"version": "0"
},
{
"model": "dual band wireless-ac",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "726018.0.0.0"
},
{
"model": "meraki mr24",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "suremark printer 1nr",
"scope": "eq",
"trust": 0.3,
"vendor": "toshiba",
"version": "4610"
},
{
"model": "enterprise linux for ibm z systems extended update support",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "-7.6"
},
{
"model": "contact vmt",
"scope": "eq",
"trust": 0.3,
"vendor": "phoenix",
"version": "50xx0"
},
{
"model": "meraki mr74",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "ex-handy",
"scope": "eq",
"trust": 0.3,
"vendor": "pepperl fuchs",
"version": "090"
},
{
"model": "arubaos",
"scope": "eq",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "6.4.4.15"
},
{
"model": "dual band wireless-ac",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "316519.51.7.1"
},
{
"model": "dual band wireless-ac",
"scope": "ne",
"trust": 0.3,
"vendor": "intel",
"version": "726519.51.7.20"
},
{
"model": "anyconnect secure mobility client",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "dual band wireless-ac",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "726519.51.7.1"
},
{
"model": "systems esp32",
"scope": "eq",
"trust": 0.3,
"vendor": "espressif",
"version": "0"
},
{
"model": "watchos",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.1"
},
{
"model": "enterprise linux server extended update support",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "-7.5"
},
{
"model": "micros handheld terminal 2.03.0.0.021r",
"scope": "ne",
"trust": 0.3,
"vendor": "oracle",
"version": null
},
{
"model": "aironet series access points",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "38000"
},
{
"model": "pyxis parx",
"scope": "eq",
"trust": 0.3,
"vendor": "bd",
"version": "0"
},
{
"model": "dx70",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "arubaos",
"scope": "ne",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "6.5.1.9"
},
{
"model": "enterprise linux server update services for sap solutions",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "-7.6"
},
{
"model": "intouch critical care bed",
"scope": "eq",
"trust": 0.3,
"vendor": "stryker",
"version": "2141"
},
{
"model": "pyxis anesthesia es",
"scope": "eq",
"trust": 0.3,
"vendor": "bd",
"version": "0"
},
{
"model": "aironet series officeextend access points",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "18100"
},
{
"model": "windows for x64-based systems",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "8.10"
},
{
"model": "dual band wireless-ac",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "316819.10.9.1"
},
{
"model": "active management technology",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "10.0.55.3000"
},
{
"model": "windows for 32-bit systems",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "8.10"
},
{
"model": "android",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "6.0"
},
{
"model": "meraki mr66",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "dual band wireless-ac",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "316519.10.9.1"
},
{
"model": "airport base station",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "7.6"
},
{
"model": "intouch critical care bed",
"scope": "eq",
"trust": 0.3,
"vendor": "stryker",
"version": "2131"
},
{
"model": "android",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.1.2"
},
{
"model": "aironet series access points",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "18300"
},
{
"model": "enterprise linux server aus",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "-7.6"
},
{
"model": "enterprise linux for power big endian extended update support",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "-7.6"
},
{
"model": "active management technology",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "10.0.0.50.1004"
},
{
"model": "arubaos",
"scope": "eq",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "6.4.1.0"
},
{
"model": "wap321 wireless-n access point with single point setup",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "simatic iwlan-pb/link",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "0"
},
{
"model": "aironet 1810w series access points",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "meraki mr52",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "enterprise linux for ibm z systems extended update support",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "-7.5"
},
{
"model": "meraki mr12",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "airmesh msr",
"scope": "eq",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "0"
},
{
"model": "dual band wireless-ac",
"scope": "ne",
"trust": 0.3,
"vendor": "intel",
"version": "316519.51.7.20"
},
{
"model": "watchos",
"scope": "ne",
"trust": 0.3,
"vendor": "apple",
"version": "4.2"
},
{
"model": "contact fl wlan ec",
"scope": "eq",
"trust": 0.3,
"vendor": "phoenix",
"version": "24802-110"
},
{
"model": "instantos",
"scope": "eq",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "4.2.4.8"
},
{
"model": "systems esp8266",
"scope": "eq",
"trust": 0.3,
"vendor": "espressif",
"version": "0"
},
{
"model": "tv",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "0"
},
{
"model": "pad-ex",
"scope": "eq",
"trust": 0.3,
"vendor": "pepperl fuchs",
"version": "010"
},
{
"model": "active management technology",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "11.0.0.1205"
},
{
"model": "ip phone",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "88610"
},
{
"model": "clarity engine",
"scope": "ne",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "1.0.0.1"
},
{
"model": "aironet series access points",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "15600"
},
{
"model": "windows for 32-bit systems sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "7"
},
{
"model": "instantos",
"scope": "eq",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "4.3.1.5"
},
{
"model": "airport base station",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "7.6.2"
},
{
"model": "active management technology",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "8.1"
},
{
"model": "active management technology",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "11.8"
},
{
"model": "windows for x64-based systems sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "7"
},
{
"model": "enterprise linux for ibm z systems extended update support",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "-7.4"
},
{
"model": "meraki mr58",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "windows version for 32-bit systems",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "1016070"
},
{
"model": "dual band wireless-ac",
"scope": "ne",
"trust": 0.3,
"vendor": "intel",
"version": "316519.10.9.2"
},
{
"model": "pyxis parassist system",
"scope": "eq",
"trust": 0.3,
"vendor": "bd",
"version": "0"
},
{
"model": "windows server for 32-bit systems sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2008"
},
{
"model": "instantos",
"scope": "eq",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "4.3"
},
{
"model": "android",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.0"
},
{
"model": "simatic mobile panel 277 iwlan",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "0"
},
{
"model": "pyxis medstation t2",
"scope": "eq",
"trust": 0.3,
"vendor": "bd",
"version": "40000"
},
{
"model": "dual band wireless-ac",
"scope": "ne",
"trust": 0.3,
"vendor": "intel",
"version": "826020.0.2.3"
},
{
"model": "android",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "6.0.1"
},
{
"model": "airport base station",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "7.6.1"
},
{
"model": "dual band wireless-ac",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "316519.51.0.0"
},
{
"model": "wi-fi update for boot camp",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "0"
},
{
"model": "enterprise linux server update services for sap solutions",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "-7.4"
},
{
"model": "ipad",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "0"
},
{
"model": "contact vmt",
"scope": "eq",
"trust": 0.3,
"vendor": "phoenix",
"version": "30xx0"
},
{
"model": "enterprise linux for power big endian",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "7"
},
{
"model": "wpa supplicant",
"scope": "eq",
"trust": 0.3,
"vendor": "w1 f1",
"version": "2.6"
},
{
"model": "wireless client bridge",
"scope": "eq",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "5010"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "10.0.1"
},
{
"model": "active management technology",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "11.5"
},
{
"model": "meraki mr11",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "10.3.3"
},
{
"model": "pyxis anesthesia system",
"scope": "eq",
"trust": 0.3,
"vendor": "bd",
"version": "40000"
},
{
"model": "tvos",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "10.2.2"
},
{
"model": "pyxis anesthesia system",
"scope": "eq",
"trust": 0.3,
"vendor": "bd",
"version": "35000"
},
{
"model": "automation stratix 15.3 jc1",
"scope": "eq",
"trust": 0.3,
"vendor": "rockwell",
"version": "5100"
},
{
"model": "enterprise linux server aus",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "-7.4"
},
{
"model": "pyxis ciisafe workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "bd",
"version": "??0"
},
{
"model": "enterprise linux for power big endian extended update support",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "-7.4"
},
{
"model": "airport base station",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "7.6.7"
},
{
"model": "dual band wireless-ac",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "316819.51.0.0"
},
{
"model": "ipad air",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "0"
},
{
"model": "active management technology",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "7.0"
},
{
"model": "arubaos",
"scope": "eq",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "6.5.4.1"
},
{
"model": "enterprise linux eus compute node",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "7.6"
},
{
"model": "enterprise linux for scientific computing",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "7"
},
{
"model": "active management technology",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "8.1.71.3608"
},
{
"model": "active management technology",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "9.1.41.3024"
},
{
"model": "arubaos",
"scope": "eq",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "6.4.2.1"
},
{
"model": "enterprise linux eus compute node",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "7.4"
},
{
"model": "dx80",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "active management technology",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "9.0"
},
{
"model": "contact bl2 ppc",
"scope": "eq",
"trust": 0.3,
"vendor": "phoenix",
"version": "0"
},
{
"model": "contact tpc",
"scope": "eq",
"trust": 0.3,
"vendor": "phoenix",
"version": "60130"
},
{
"model": "ipod touch",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "0"
},
{
"model": "arubaos",
"scope": "eq",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "6.5.1"
},
{
"model": "ck70a-atex",
"scope": "eq",
"trust": 0.3,
"vendor": "pepperl fuchs",
"version": "0"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "10.2.1"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "10.3.1"
},
{
"model": "dual band wireless-ac",
"scope": "ne",
"trust": 0.3,
"vendor": "intel",
"version": "316819.51.7.20"
},
{
"model": "macbook pro",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "0"
},
{
"model": "dual band wireless-ac",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "316819.10"
},
{
"model": "windows for x64-based systems",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "100"
},
{
"model": "airport base station",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "7.7.8"
},
{
"model": "active management technology",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "9.5"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "10.1"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "10.2"
},
{
"model": "airport base station",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "7.6.4"
},
{
"model": "smart-ex",
"scope": "eq",
"trust": 0.3,
"vendor": "pepperl fuchs",
"version": "010"
},
{
"model": "dual band wireless-ac",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "826520.0.2.2"
},
{
"model": "dual band wireless-ac",
"scope": "ne",
"trust": 0.3,
"vendor": "intel",
"version": "316018.33.9.3"
},
{
"model": "tab-ex",
"scope": "eq",
"trust": 0.3,
"vendor": "pepperl fuchs",
"version": "010"
},
{
"model": "arubaos",
"scope": "ne",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "6.5.3.3"
},
{
"model": "iphone",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "0"
},
{
"model": "macmini",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "0"
},
{
"model": "arubaos",
"scope": "ne",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "6.4.4.16"
},
{
"model": "contact fl wlan epa",
"scope": "eq",
"trust": 0.3,
"vendor": "phoenix",
"version": "0"
},
{
"model": "airport time capsule",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "0"
},
{
"model": "alliance wpa2 (wi-fi protected access",
"scope": "eq",
"trust": 0.3,
"vendor": "wi fi",
"version": "2)0"
},
{
"model": "airport base station",
"scope": "ne",
"trust": 0.3,
"vendor": "apple",
"version": "7.7.9"
},
{
"model": "scalance wlc711",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "0"
},
{
"model": "ruggedcom rs9xxw",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "0"
},
{
"model": "arubaos",
"scope": "eq",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "6.3.1.15"
},
{
"model": "networks unifi access point",
"scope": "eq",
"trust": 0.3,
"vendor": "ubiquiti",
"version": "0"
},
{
"model": "suremark printer 2cr",
"scope": "eq",
"trust": 0.3,
"vendor": "toshiba",
"version": "4610"
},
{
"model": "ip phone",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "88650"
},
{
"model": "arubaos",
"scope": "eq",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "6.5.4"
},
{
"model": "airport base station",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "7.7.7"
},
{
"model": "instantos",
"scope": "eq",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "6.5.4"
},
{
"model": "asa 5506w-x w/ firepower services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "windows version for x64-based systems",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "1016070"
},
{
"model": "airport base station",
"scope": "ne",
"trust": 0.3,
"vendor": "apple",
"version": "7.6.9"
},
{
"model": "s3 med-surg bed",
"scope": "eq",
"trust": 0.3,
"vendor": "stryker",
"version": "3005"
},
{
"model": "dual band wireless-ac",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "316018.0.0.0"
},
{
"model": "smart-ex",
"scope": "eq",
"trust": 0.3,
"vendor": "pepperl fuchs",
"version": "2010"
},
{
"model": "windows version for x64-based systems",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "1017030"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "11.1"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "ubuntu linux",
"version": "14.04"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "ubuntu linux",
"version": "16.04"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "ubuntu linux",
"version": "17.04"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "debian linux",
"version": "8.0"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "debian linux",
"version": "9.0"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "freebsd",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "freebsd",
"version": "10"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "freebsd",
"version": "10.4"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "freebsd",
"version": "11"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "freebsd",
"version": "11.1"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "leap",
"version": "42.2"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "leap",
"version": "42.3"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "linux desktop",
"version": "7"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "linux server",
"version": "7"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "hostapd",
"version": "0.2.4"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "hostapd",
"version": "0.2.5"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "hostapd",
"version": "0.2.6"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "hostapd",
"version": "0.2.8"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "hostapd",
"version": "0.3.7"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "hostapd",
"version": "0.3.9"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "hostapd",
"version": "0.3.10"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "hostapd",
"version": "0.3.11"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "hostapd",
"version": "0.4.7"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "hostapd",
"version": "0.4.8"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "hostapd",
"version": "0.4.9"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "hostapd",
"version": "0.4.10"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "hostapd",
"version": "0.4.11"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "hostapd",
"version": "0.5.7"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "hostapd",
"version": "0.5.8"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "hostapd",
"version": "0.5.9"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "hostapd",
"version": "0.5.10"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "hostapd",
"version": "0.5.11"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "hostapd",
"version": "0.6.8"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "hostapd",
"version": "0.6.9"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "hostapd",
"version": "0.6.10"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "hostapd",
"version": "0.7.3"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "hostapd",
"version": "1.0"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "hostapd",
"version": "1.1"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "hostapd",
"version": "2.0"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "hostapd",
"version": "2.1"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "hostapd",
"version": "2.2"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "hostapd",
"version": "2.3"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "hostapd",
"version": "2.4"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "hostapd",
"version": "2.5"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "hostapd",
"version": "2.6"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "wpa supplicant",
"version": "0.2.4"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "wpa supplicant",
"version": "0.2.5"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "wpa supplicant",
"version": "0.2.6"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "wpa supplicant",
"version": "0.2.7"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "wpa supplicant",
"version": "0.2.8"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "wpa supplicant",
"version": "0.3.7"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "wpa supplicant",
"version": "0.3.8"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "wpa supplicant",
"version": "0.3.9"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "wpa supplicant",
"version": "0.3.10"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "wpa supplicant",
"version": "0.3.11"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "wpa supplicant",
"version": "0.4.7"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "wpa supplicant",
"version": "0.4.8"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "wpa supplicant",
"version": "0.4.9"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "wpa supplicant",
"version": "0.4.10"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "wpa supplicant",
"version": "0.4.11"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "wpa supplicant",
"version": "0.5.7"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "wpa supplicant",
"version": "0.5.8"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "wpa supplicant",
"version": "0.5.9"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "wpa supplicant",
"version": "0.5.10"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "wpa supplicant",
"version": "0.5.11"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "wpa supplicant",
"version": "0.6.8"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "wpa supplicant",
"version": "0.6.9"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "wpa supplicant",
"version": "0.6.10"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "wpa supplicant",
"version": "0.7.3"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "wpa supplicant",
"version": "1.0"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "wpa supplicant",
"version": "1.1"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "wpa supplicant",
"version": "2.0"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "wpa supplicant",
"version": "2.1"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "wpa supplicant",
"version": "2.2"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "wpa supplicant",
"version": "2.3"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "wpa supplicant",
"version": "2.4"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "wpa supplicant",
"version": "2.5"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "wpa supplicant",
"version": "2.6"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "linux point of sale",
"version": "11"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "linux server",
"version": "12"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "openstack cloud",
"version": "6"
}
],
"sources": [
{
"db": "IVD",
"id": "aa0be958-12f8-4c92-ba4f-8046a72e7fe0"
},
{
"db": "CERT/CC",
"id": "VU#228519"
},
{
"db": "CNVD",
"id": "CNVD-2017-30398"
},
{
"db": "BID",
"id": "101274"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-009178"
},
{
"db": "CNNVD",
"id": "CNNVD-201710-388"
},
{
"db": "NVD",
"id": "CVE-2017-13087"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:freebsd:freebsd:11:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:freebsd:freebsd:11.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_desktop:7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:freebsd:freebsd:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:17.04:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_server:7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:freebsd:freebsd:10:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:freebsd:freebsd:10.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:opensuse:leap:42.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:opensuse:leap:42.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:2.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:2.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:0.6.8:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:0.5.11:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:0.4.9:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:0.4.8:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:0.2.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:0.2.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:2.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:1.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:0.5.10:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:0.5.9:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:0.4.7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:0.3.11:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:0.2.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:0.2.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:2.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:1.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:1.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:0.7.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:0.5.8:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:0.5.7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:0.3.10:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:0.3.9:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:2.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:2.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:0.6.10:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:0.6.9:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:0.4.11:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:0.4.10:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:0.3.7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:0.2.8:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:2.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:2.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:0.6.10:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:0.6.9:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:0.4.11:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:0.4.10:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:0.3.7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:0.2.8:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:2.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:2.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:0.6.8:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:0.5.11:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:0.4.9:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:0.4.8:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:0.2.7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:0.2.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:2.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:2.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:0.5.10:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:0.5.9:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:0.4.7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:0.3.11:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:0.2.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:2.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:2.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:1.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:0.7.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:0.5.8:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:0.5.7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:0.3.10:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:0.3.9:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:0.3.8:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:suse:linux_enterprise_server:12:*:*:*:ltss:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:suse:openstack_cloud:6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:suse:linux_enterprise_server:11:sp3:*:*:*:ltss:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:suse:linux_enterprise_server:11:sp4:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:suse:linux_enterprise_desktop:12:sp2:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:suse:linux_enterprise_desktop:12:sp3:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:suse:linux_enterprise_point_of_sale:11:sp3:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2017-13087"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Mathy Vanhoef from imec-DistriNet and KU Leuven.",
"sources": [
{
"db": "BID",
"id": "101274"
},
{
"db": "CNNVD",
"id": "CNNVD-201710-388"
}
],
"trust": 0.9
},
"cve": "CVE-2017-13087",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "MEDIUM",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 2.9,
"confidentialityImpact": "NONE",
"exploitabilityScore": 5.5,
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "LOW",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:A/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Medium",
"accessVector": "Adjacent Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 2.9,
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2017-13087",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Low",
"trust": 0.9,
"userInteractionRequired": null,
"vectorString": "AV:A/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "PARTIAL",
"baseScore": 5.4,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 5.5,
"id": "CNVD-2017-30398",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:A/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"author": "IVD",
"availabilityImpact": "PARTIAL",
"baseScore": 5.4,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 5.5,
"id": "aa0be958-12f8-4c92-ba4f-8046a72e7fe0",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.2,
"vectorString": "AV:A/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.9 [IVD]"
}
],
"cvssV3": [
{
"attackComplexity": "HIGH",
"attackVector": "ADJACENT_NETWORK",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"exploitabilityScore": 1.6,
"impactScore": 3.6,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.0"
},
{
"attackComplexity": "High",
"attackVector": "Adjacent Network",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 5.3,
"baseSeverity": "Medium",
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2017-13087",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2017-13087",
"trust": 1.8,
"value": "MEDIUM"
},
{
"author": "CNVD",
"id": "CNVD-2017-30398",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201710-388",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "IVD",
"id": "aa0be958-12f8-4c92-ba4f-8046a72e7fe0",
"trust": 0.2,
"value": "MEDIUM"
},
{
"author": "VULMON",
"id": "CVE-2017-13087",
"trust": 0.1,
"value": "LOW"
}
]
}
],
"sources": [
{
"db": "IVD",
"id": "aa0be958-12f8-4c92-ba4f-8046a72e7fe0"
},
{
"db": "CNVD",
"id": "CNVD-2017-30398"
},
{
"db": "VULMON",
"id": "CVE-2017-13087"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-009178"
},
{
"db": "CNNVD",
"id": "CNNVD-201710-388"
},
{
"db": "NVD",
"id": "CVE-2017-13087"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Wi-Fi Protected Access (WPA and WPA2) that support 802.11v allows reinstallation of the Group Temporal Key (GTK) when processing a Wireless Network Management (WNM) Sleep Mode Response frame, allowing an attacker within radio range to replay frames from access points to clients. An attacker within range of an affected AP and client may leverage these vulnerabilities to conduct attacks that are dependent on the data confidentiality protocols being used. Attacks may include arbitrary packet decryption and injection, TCP connection hijacking, HTTP content injection, or the replay of unicast and group-addressed frames. These vulnerabilities are referred to as Key Reinstallation Attacks or \"KRACK\" attacks. WPA (Wi-Fi Protected Access) is a system that protects wireless computer networks (Wi-Fi). A group key reload vulnerability exists in WPA2 wireless network sleep mode. WPA2 is prone to multiple security weaknesses. \nExploiting these issues may allow an unauthorized user to intercept and manipulate data or disclose sensitive information. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n=====================================================================\n Red Hat Security Advisory\n\nSynopsis: Important: wpa_supplicant security update\nAdvisory ID: RHSA-2017:2907-01\nProduct: Red Hat Enterprise Linux\nAdvisory URL: https://access.redhat.com/errata/RHSA-2017:2907\nIssue date: 2017-10-17\nCVE Names: CVE-2017-13077 CVE-2017-13078 CVE-2017-13080 \n CVE-2017-13082 CVE-2017-13086 CVE-2017-13087 \n CVE-2017-13088 \n=====================================================================\n\n1. Summary:\n\nAn update for wpa_supplicant is now available for Red Hat Enterprise Linux\n7. \n\nRed Hat Product Security has rated this update as having a security impact\nof Important. A Common Vulnerability Scoring System (CVSS) base score,\nwhich gives a detailed severity rating, is available for each vulnerability\nfrom the CVE link(s) in the References section. Relevant releases/architectures:\n\nRed Hat Enterprise Linux Client (v. 7) - x86_64\nRed Hat Enterprise Linux ComputeNode (v. 7) - x86_64\nRed Hat Enterprise Linux Server (v. 7) - aarch64, ppc64, ppc64le, s390x, x86_64\nRed Hat Enterprise Linux Workstation (v. 7) - x86_64\n\n3. Description:\n\nThe wpa_supplicant packages contain an 802.1X Supplicant with support for\nWEP, WPA, WPA2 (IEEE 802.11i / RSN), and various EAP authentication\nmethods. They implement key negotiation with a WPA Authenticator for client\nstations and controls the roaming and IEEE 802.11 authentication and\nassociation of the WLAN driver. A remote attacker within Wi-Fi range\ncould exploit these attacks to decrypt Wi-Fi traffic or possibly inject\nforged Wi-Fi packets by manipulating cryptographic handshakes used by the\nWPA2 protocol. (CVE-2017-13077, CVE-2017-13078, CVE-2017-13080,\nCVE-2017-13082, CVE-2017-13086, CVE-2017-13087, CVE-2017-13088)\n\nRed Hat would like to thank CERT for reporting these issues. Upstream\nacknowledges Mathy Vanhoef (University of Leuven) as the original reporter\nof these issues. Solution:\n\nFor details on how to apply this update, which includes the changes\ndescribed in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\n5. Package List:\n\nRed Hat Enterprise Linux Client (v. 7):\n\nSource:\nwpa_supplicant-2.6-5.el7_4.1.src.rpm\n\nx86_64:\nwpa_supplicant-2.6-5.el7_4.1.x86_64.rpm\nwpa_supplicant-debuginfo-2.6-5.el7_4.1.x86_64.rpm\n\nRed Hat Enterprise Linux ComputeNode (v. 7):\n\nSource:\nwpa_supplicant-2.6-5.el7_4.1.src.rpm\n\nx86_64:\nwpa_supplicant-2.6-5.el7_4.1.x86_64.rpm\nwpa_supplicant-debuginfo-2.6-5.el7_4.1.x86_64.rpm\n\nRed Hat Enterprise Linux Server (v. 7):\n\nSource:\nwpa_supplicant-2.6-5.el7_4.1.src.rpm\n\naarch64:\nwpa_supplicant-2.6-5.el7_4.1.aarch64.rpm\nwpa_supplicant-debuginfo-2.6-5.el7_4.1.aarch64.rpm\n\nppc64:\nwpa_supplicant-2.6-5.el7_4.1.ppc64.rpm\nwpa_supplicant-debuginfo-2.6-5.el7_4.1.ppc64.rpm\n\nppc64le:\nwpa_supplicant-2.6-5.el7_4.1.ppc64le.rpm\nwpa_supplicant-debuginfo-2.6-5.el7_4.1.ppc64le.rpm\n\ns390x:\nwpa_supplicant-2.6-5.el7_4.1.s390x.rpm\nwpa_supplicant-debuginfo-2.6-5.el7_4.1.s390x.rpm\n\nx86_64:\nwpa_supplicant-2.6-5.el7_4.1.x86_64.rpm\nwpa_supplicant-debuginfo-2.6-5.el7_4.1.x86_64.rpm\n\nRed Hat Enterprise Linux Workstation (v. 7):\n\nSource:\nwpa_supplicant-2.6-5.el7_4.1.src.rpm\n\nx86_64:\nwpa_supplicant-2.6-5.el7_4.1.x86_64.rpm\nwpa_supplicant-debuginfo-2.6-5.el7_4.1.x86_64.rpm\n\nThese packages are GPG signed by Red Hat for security. Our key and\ndetails on how to verify the signature are available from\nhttps://access.redhat.com/security/team/key/\n\n7. References:\n\nhttps://access.redhat.com/security/cve/CVE-2017-13077\nhttps://access.redhat.com/security/cve/CVE-2017-13078\nhttps://access.redhat.com/security/cve/CVE-2017-13080\nhttps://access.redhat.com/security/cve/CVE-2017-13082\nhttps://access.redhat.com/security/cve/CVE-2017-13086\nhttps://access.redhat.com/security/cve/CVE-2017-13087\nhttps://access.redhat.com/security/cve/CVE-2017-13088\nhttps://access.redhat.com/security/updates/classification/#important\nhttps://access.redhat.com/security/vulnerabilities/kracks\n\n8. Contact:\n\nThe Red Hat security contact is \u003csecalert@redhat.com\u003e. More contact\ndetails at https://access.redhat.com/security/team/contact/\n\nCopyright 2017 Red Hat, Inc. Those vulnerabilities applies to both the access point\n(implemented in hostapd) and the station (implemented in wpa_supplicant). \n\nAn attacker exploiting the vulnerabilities could force the vulnerable system to\nreuse cryptographic session keys, enabling a range of cryptographic attacks\nagainst the ciphers used in WPA1 and WPA2. \n\nFor the stable distribution (stretch), these problems have been fixed in\nversion 2:2.4-1+deb9u1. \n\nFor the testing distribution (buster), these problems have been fixed\nin version 2:2.4-1.1. \n\nFor the unstable distribution (sid), these problems have been fixed in\nversion 2:2.4-1.1. \n\nWe recommend that you upgrade your wpa packages. ==========================================================================\nUbuntu Security Notice USN-3455-1\nOctober 16, 2017\n\nwpa vulnerabilities\n==========================================================================\n\nA security issue affects these releases of Ubuntu and its derivatives:\n\n- Ubuntu 17.04\n- Ubuntu 16.04 LTS\n- Ubuntu 14.04 LTS\n\nSummary:\n\nSeveral security issues were fixed in wpa_supplicant. \n\nSoftware Description:\n- wpa: client support for WPA and WPA2\n\nDetails:\n\nMathy Vanhoef discovered that wpa_supplicant and hostapd incorrectly\nhandled WPA2. (CVE-2017-13077,\nCVE-2017-13078, CVE-2017-13079, CVE-2017-13080, CVE-2017-13081,\nCVE-2017-13082, CVE-2017-13086, CVE-2017-13087, CVE-2017-13088)\n\nImre Rad discovered that wpa_supplicant and hostapd incorrectly handled\ninvalid characters in passphrase parameters. A remote attacker could use\nthis issue to cause a denial of service. (CVE-2016-4476)\n\nImre Rad discovered that wpa_supplicant and hostapd incorrectly handled\ninvalid characters in passphrase parameters. A local attacker could use\nthis issue to cause a denial of service, or possibly execute arbitrary\ncode. (CVE-2016-4477)\n\nUpdate instructions:\n\nThe problem can be corrected by updating your system to the following\npackage versions:\n\nUbuntu 17.04:\n hostapd 2.4-0ubuntu9.1\n wpasupplicant 2.4-0ubuntu9.1\n\nUbuntu 16.04 LTS:\n hostapd 2.4-0ubuntu6.2\n wpasupplicant 2.4-0ubuntu6.2\n\nUbuntu 14.04 LTS:\n hostapd 2.1-0ubuntu1.5\n wpasupplicant 2.1-0ubuntu1.5\n\nAfter a standard system update you need to reboot your computer to make\nall the necessary changes. 6) - i386, x86_64\n\n3. \n\n\nHere are the details from the Slackware 14.2 ChangeLog:\n+--------------------------+\npatches/packages/wpa_supplicant-2.6-i586-1_slack14.2.txz: Upgraded. \n This update includes patches to mitigate the WPA2 protocol issues known\n as \"KRACK\" (Key Reinstallation AttaCK), which may be used to decrypt data,\n hijack TCP connections, and to forge and inject packets. \n CVE-2017-13082: Accepting a retransmitted Fast BSS Transition (FT)\n Reassociation Request and reinstalling the pairwise encryption key (PTK-TK)\n while processing it. \n For more information, see:\n https://www.krackattacks.com/\n https://w1.fi/security/2017-1/wpa-packet-number-reuse-with-replayed-messages.txt\n https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13077\n https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13078\n https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13079\n https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13080\n https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13081\n https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13082\n https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13084\n https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13086\n https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13087\n https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13088\n (* Security fix *)\n+--------------------------+\n\n\nWhere to find the new packages:\n+-----------------------------+\n\nThanks to the friendly folks at the OSU Open Source Lab\n(http://osuosl.org) for donating FTP and rsync hosting\nto the Slackware project! :-)\n\nAlso see the \"Get Slack\" section on http://slackware.com for\nadditional mirror sites near you. \n\nUpdated package for Slackware 14.0:\nftp://ftp.slackware.com/pub/slackware/slackware-14.0/patches/packages/wpa_supplicant-2.6-i486-1_slack14.0.txz\n\nUpdated package for Slackware x86_64 14.0:\nftp://ftp.slackware.com/pub/slackware/slackware64-14.0/patches/packages/wpa_supplicant-2.6-x86_64-1_slack14.0.txz\n\nUpdated package for Slackware 14.1:\nftp://ftp.slackware.com/pub/slackware/slackware-14.1/patches/packages/wpa_supplicant-2.6-i486-1_slack14.1.txz\n\nUpdated package for Slackware x86_64 14.1:\nftp://ftp.slackware.com/pub/slackware/slackware64-14.1/patches/packages/wpa_supplicant-2.6-x86_64-1_slack14.1.txz\n\nUpdated package for Slackware 14.2:\nftp://ftp.slackware.com/pub/slackware/slackware-14.2/patches/packages/wpa_supplicant-2.6-i586-1_slack14.2.txz\n\nUpdated package for Slackware x86_64 14.2:\nftp://ftp.slackware.com/pub/slackware/slackware64-14.2/patches/packages/wpa_supplicant-2.6-x86_64-1_slack14.2.txz\n\nUpdated package for Slackware -current:\nftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/n/wpa_supplicant-2.6-i586-2.txz\n\nUpdated package for Slackware x86_64 -current:\nftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/n/wpa_supplicant-2.6-x86_64-2.txz\n\n\nMD5 signatures:\n+-------------+\n\nSlackware 14.0 package:\nd8ecfaadb50b3547967ab53733ffc019 wpa_supplicant-2.6-i486-1_slack14.0.txz\n\nSlackware x86_64 14.0 package:\nf25216d28800504ce498705da7c9a825 wpa_supplicant-2.6-x86_64-1_slack14.0.txz\n\nSlackware 14.1 package:\n15c61050e4bab2581757befd86be74c0 wpa_supplicant-2.6-i486-1_slack14.1.txz\n\nSlackware x86_64 14.1 package:\n49fd537a520338744f7757615556d352 wpa_supplicant-2.6-x86_64-1_slack14.1.txz\n\nSlackware 14.2 package:\nc5539f40c8510af89be92945f0f80185 wpa_supplicant-2.6-i586-1_slack14.2.txz\n\nSlackware x86_64 14.2 package:\n4c527ff84fcdfd7839f217bbce2e4ae4 wpa_supplicant-2.6-x86_64-1_slack14.2.txz\n\nSlackware -current package:\n28bd88a54e96368f7a7020c1f5fb67fe n/wpa_supplicant-2.6-i586-2.txz\n\nSlackware x86_64 -current package:\n464fc6b48d1ac077f47e9a3a8534c160 n/wpa_supplicant-2.6-x86_64-2.txz\n\n\nInstallation instructions:\n+------------------------+\n\nUpgrade the package as root:\n# upgradepkg wpa_supplicant-2.6-i586-1_slack14.2.txz\n\n\n+-----+\n\nSlackware Linux Security Team\nhttp://slackware.com/gpg-key\nsecurity@slackware.com\n\n+------------------------------------------------------------------------+\n| To leave the slackware-security mailing list: |\n+------------------------------------------------------------------------+\n| Send an email to majordomo@slackware.com with this text in the body of |\n| the email message: |\n| |\n| unsubscribe slackware-security |\n| |\n| You will get a confirmation message back containing instructions to |\n| complete the process. Please do not reply to this email address. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA512\n\n=============================================================================\nFreeBSD-SA-17:07.wpa Security Advisory\n The FreeBSD Project\n\nTopic: WPA2 protocol vulnerability\n\nCategory: contrib\nModule: wpa\nAnnounced: 2017-10-16\nCredits: Mathy Vanhoef\nAffects: All supported versions of FreeBSD. \nCorrected: 2017-10-17 17:30:18 UTC (stable/11, 11.1-STABLE)\n 2017-10-17 17:57:18 UTC (releng/11.1, 11.1-RELEASE-p2)\n 2017-10-17 17:56:03 UTC (releng/11.0, 11.0-RELEASE-p13)\n 2017-10-19 03:18:22 UTC (stable/10, 10.4-STABLE)\n 2017-10-19 03:20:17 UTC (releng/10.4, 10.4-RELEASE-p1)\n 2017-10-19 03:19:42 UTC (releng/10.3, 10.3-RELEASE-p22)\nCVE Name: CVE-2017-13077, CVE-2017-13078, CVE-2017-13079,\n CVE-2017-13080, CVE-2017-13081, CVE-2017-13082,\n CVE-2017-13086, CVE-2017-13087, CVE-2017-13088\n\nFor general information regarding FreeBSD Security Advisories,\nincluding descriptions of the fields above, security branches, and the\nfollowing sections, please visit \u003cURL:https://security.FreeBSD.org/\u003e. \n\n0. Revision history\n\nv1.0 2017-10-17 Initial release. \nv1.1 2017-10-19 Add patches for 10.x releases. \n\nI. \n\nhostapd and wpa_supplicant are implementations of user space daemon for\naccess points and wireless client that implements the WPA2 protocol. \n\nII. Problem Description\n\nA vulnerability was found in how a number of implementations can be\ntriggered to reconfigure WPA/WPA2/RSN keys (TK, GTK, or IGTK) by\nreplaying a specific frame that is used to manage the keys. \n\nIII. Impact\n\nSuch reinstallation of the encryption key can result in two different\ntypes of vulnerabilities: disabling replay protection and significantly\nreducing the security of encryption to the point of allowing frames to\nbe decrypted or some parts of the keys to be determined by an attacker\ndepending on which cipher is used. \n\nIV. Workaround\n\nAn updated version of wpa_supplicant is available in the FreeBSD Ports\nCollection. Install version 2.6_2 or later of the\nsecurity/wpa_supplicant port/pkg. Once installed, update /etc/rc.conf\nto use the new binary:\n\nwpa_supplicant_program=\"/usr/local/sbin/wpa_supplicant\"\n\nand restart networking. \n\nAn updated version of hostapd is available in the FreeBSD Ports\nCollection. Install version 2.6_1 or later of the net/hostapd port/pkg. \nOnce installed, update /etc/rc.conf to use the new binary:\n\nhostapd_program=\"/usr/local/sbin/hostapd\"\n\nand restart hostapd. \n\nV. Solution\n\nPerform one of the following:\n\n1) Upgrade your vulnerable system to a supported FreeBSD stable or\nrelease / security branch (releng) dated after the correction date. \n\nRestart the Wi-Fi network interfaces/hostapd or reboot the system. \n\n2) To update your vulnerable system via a binary patch:\n\nSystems running a RELEASE version of FreeBSD on the i386 or amd64\nplatforms can be updated via the freebsd-update(8) utility:\n\n# freebsd-update fetch\n# freebsd-update install\n\nRestart the Wi-Fi network interfaces/hostapd or reboot the system. \n\n3) To update your vulnerable system via a source code patch:\n\nThe following patches have been verified to apply to the applicable\nFreeBSD release branches. \n\na) Download the relevant patch from the location below, and verify the\ndetached PGP signature using your PGP utility. \n\n[FreeBSD 11.0-RELEASE, 11.1-RELEASE, and 11-STABLE]\n# fetch https://security.FreeBSD.org/patches/SA-17:07/wpa-11.patch\n# fetch https://security.FreeBSD.org/patches/SA-17:07/wpa-11.patch.asc\n# gpg --verify wpa-11.patch.asc\n\n[FreeBSD 10.3-RELEASE, 10.4-RELEASE, and 10-STABLE]\n# fetch https://security.FreeBSD.org/patches/SA-17:07/wpa-10.patch\n# fetch https://security.FreeBSD.org/patches/SA-17:07/wpa-10.patch.asc\n# gpg --verify wpa-10.patch.asc\n\nb) Apply the patch. Execute the following commands as root:\n\n# cd /usr/src\n# patch \u003c /path/to/patch\n\nc) Recompile the operating system using buildworld and installworld as\ndescribed in \u003cURL:https://www.FreeBSD.org/handbook/makeworld.html\u003e. \n\nRestart the applicable daemons, or reboot the system. \n\nVI. Correction details\n\nThe following list contains the correction revision numbers for each\naffected branch. \n\nBranch/path Revision\n- -------------------------------------------------------------------------\nstable/11/ r324697\nreleng/11.0/ r324698\nreleng/11.1/ r324699\nstable/10/ r324739\nreleng/10.3/ r324740\nreleng/10.4/ r324741\n- -------------------------------------------------------------------------\n\nTo see which files were modified by a particular revision, run the\nfollowing command, replacing NNNNNN with the revision number, on a\nmachine with Subversion installed:\n\n# svn diff -cNNNNNN --summarize svn://svn.freebsd.org/base\n\nOr visit the following URL, replacing NNNNNN with the revision number:\n\n\u003cURL:https://svnweb.freebsd.org/base?view=revision\u0026revision=NNNNNN\u003e\n\nVII. References\n\n\u003cURL:https://w1.fi/security/2017-1/wpa-packet-number-reuse-with-replayed-messages.txt\u003e\n\u003cURL:https://www.krackattacks.com/\u003e\n\nThe latest revision of this advisory is available at\n\u003cURL:https://security.FreeBSD.org/advisories/FreeBSD-SA-17:07.wpa.asc\u003e\n-----BEGIN PGP SIGNATURE-----\n\niQKTBAEBCgB9FiEEHPf/b631yp++G4yy7Wfs1l3PaucFAlnoGpNfFIAAAAAALgAo\naXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDFD\nRjdGRjZGQURGNUNBOUZCRTFCOENCMkVENjdFQ0Q2NURDRjZBRTcACgkQ7Wfs1l3P\nauc7WBAAm27w+fujv5sJsRxauUMopTVtRh5utwbDuoHTP+L+RCWmQfVBmueNQ0gf\nuJzMNxBIkbtY9LvyukpRsH3iD7mh26c0pd9rxxkkr4F96C9B5+W0amxJF1gdm54/\nF/50FpY+lo7cNs5tiBjypPrg8UOBBI/1G4XR7130XC0HjaTwt1ngZ0oQUWUMSsIp\ngN5ZfPul81WPWd1NqF+vyObcJhwq/Y1uoexoO27o7GQCFZoL3enZy8c4f1xqMlVM\n4HHkTgNGac6E0aW+ArH4J0DFFAOJXPqF8rdt+9XINfoBbtliIyOixJ4oh1n6eAR0\nVpBWZKFNyXSlUKIvDGa+LDhxgL1jJXV0ABSyKlUOijdmr3bbbiQE9MW/MNv2AFTd\nOAFQ0QQtm9KCWp5JLh+FPIb/kR2l7MOUP+yz4zFcJpdGtl9tDLyPN8vRTq60bY8O\ny7tBcf/SMqkd/AIFdchL4zrOguKnRARydIlwTarp8wtAQI3MKSsa1B0wgsDtlL6K\nxfdjnwWMKvKKlNOW16e1WXXO0n/ucHV4njBE+bGPro3jLgXP2/WFZpIGAR3I4xrr\nSdD4AxSNiR9f3bL7LRfMIbugJAylWNSlTLWUOVUv0/ONh85LqbcCj13NI230B64K\nETx2QOZgKnCs2oDNiw4aQHb7kvi2w94Iw/R1sAPkkxYJWO3reyE=\n=h/5q\n-----END PGP SIGNATURE-----\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2017-13087"
},
{
"db": "CERT/CC",
"id": "VU#228519"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-009178"
},
{
"db": "CNVD",
"id": "CNVD-2017-30398"
},
{
"db": "BID",
"id": "101274"
},
{
"db": "IVD",
"id": "aa0be958-12f8-4c92-ba4f-8046a72e7fe0"
},
{
"db": "VULMON",
"id": "CVE-2017-13087"
},
{
"db": "PACKETSTORM",
"id": "144652"
},
{
"db": "PACKETSTORM",
"id": "144630"
},
{
"db": "PACKETSTORM",
"id": "144632"
},
{
"db": "PACKETSTORM",
"id": "144659"
},
{
"db": "PACKETSTORM",
"id": "144663"
},
{
"db": "PACKETSTORM",
"id": "144669"
}
],
"trust": 3.96
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2017-13087",
"trust": 4.2
},
{
"db": "CERT/CC",
"id": "VU#228519",
"trust": 4.2
},
{
"db": "BID",
"id": "101274",
"trust": 2.6
},
{
"db": "LENOVO",
"id": "LEN-17420",
"trust": 2.5
},
{
"db": "SECTRACK",
"id": "1039577",
"trust": 1.7
},
{
"db": "SECTRACK",
"id": "1039576",
"trust": 1.7
},
{
"db": "SECTRACK",
"id": "1039581",
"trust": 1.7
},
{
"db": "SECTRACK",
"id": "1039578",
"trust": 1.7
},
{
"db": "SECTRACK",
"id": "1039573",
"trust": 1.7
},
{
"db": "SIEMENS",
"id": "SSA-901333",
"trust": 1.7
},
{
"db": "CERT@VDE",
"id": "VDE-2017-005",
"trust": 1.7
},
{
"db": "ICS CERT",
"id": "ICSMA-18-114-01",
"trust": 1.2
},
{
"db": "ICS CERT",
"id": "ICSMA-19-029-01",
"trust": 1.1
},
{
"db": "ICS CERT",
"id": "ICSA-17-353-02",
"trust": 1.1
},
{
"db": "ICS CERT",
"id": "ICSA-17-318-01",
"trust": 1.1
},
{
"db": "CNVD",
"id": "CNVD-2017-30398",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201710-388",
"trust": 0.8
},
{
"db": "JUNIPER",
"id": "JSA10827",
"trust": 0.8
},
{
"db": "DLINK",
"id": "SAP10075",
"trust": 0.8
},
{
"db": "ICS CERT",
"id": "ICSA-17-318-02A",
"trust": 0.8
},
{
"db": "JVN",
"id": "JVNVU90609033",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2017-009178",
"trust": 0.8
},
{
"db": "AUSCERT",
"id": "ESB-2020.4125",
"trust": 0.6
},
{
"db": "ICS CERT",
"id": "ICSA-17-299-02",
"trust": 0.3
},
{
"db": "ICS CERT",
"id": "ICSA-17-318-02",
"trust": 0.3
},
{
"db": "ICS CERT",
"id": "ICSA-17-325-01",
"trust": 0.3
},
{
"db": "IVD",
"id": "AA0BE958-12F8-4C92-BA4F-8046A72E7FE0",
"trust": 0.2
},
{
"db": "VULMON",
"id": "CVE-2017-13087",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "144652",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "144630",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "144632",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "144659",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "144663",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "144669",
"trust": 0.1
}
],
"sources": [
{
"db": "IVD",
"id": "aa0be958-12f8-4c92-ba4f-8046a72e7fe0"
},
{
"db": "CERT/CC",
"id": "VU#228519"
},
{
"db": "CNVD",
"id": "CNVD-2017-30398"
},
{
"db": "VULMON",
"id": "CVE-2017-13087"
},
{
"db": "BID",
"id": "101274"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-009178"
},
{
"db": "PACKETSTORM",
"id": "144652"
},
{
"db": "PACKETSTORM",
"id": "144630"
},
{
"db": "PACKETSTORM",
"id": "144632"
},
{
"db": "PACKETSTORM",
"id": "144659"
},
{
"db": "PACKETSTORM",
"id": "144663"
},
{
"db": "PACKETSTORM",
"id": "144669"
},
{
"db": "CNNVD",
"id": "CNNVD-201710-388"
},
{
"db": "NVD",
"id": "CVE-2017-13087"
}
]
},
"id": "VAR-201710-0974",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "IVD",
"id": "aa0be958-12f8-4c92-ba4f-8046a72e7fe0"
},
{
"db": "CNVD",
"id": "CNVD-2017-30398"
}
],
"trust": 1.3965711281818183
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 0.8
}
],
"sources": [
{
"db": "IVD",
"id": "aa0be958-12f8-4c92-ba4f-8046a72e7fe0"
},
{
"db": "CNVD",
"id": "CNVD-2017-30398"
}
]
},
"last_update_date": "2024-07-23T21:12:37.370000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "ARUBA-PSA-2017-007",
"trust": 0.8,
"url": "http://www.arubanetworks.com/assets/alert/aruba-psa-2017-007.txt"
},
{
"title": "DSA-3999",
"trust": 0.8,
"url": "https://www.debian.org/security/2017/dsa-3999"
},
{
"title": "FreeBSD-SA-17:07.wpa",
"trust": 0.8,
"url": "https://www.freebsd.org/security/advisories/freebsd-sa-17:07.wpa.asc"
},
{
"title": "LEN-17420",
"trust": 0.8,
"url": "https://support.lenovo.com/jp/en/product_security/len-17420"
},
{
"title": "NV17-024",
"trust": 0.8,
"url": "http://jpn.nec.com/security-info/secinfo/nv17-024.html"
},
{
"title": "openSUSE-SU-2017:2755",
"trust": 0.8,
"url": "https://lists.opensuse.org/opensuse-security-announce/2017-10/msg00024.html"
},
{
"title": "SUSE-SU-2017:2745",
"trust": 0.8,
"url": "https://lists.opensuse.org/opensuse-security-announce/2017-10/msg00020.html"
},
{
"title": "SUSE-SU-2017:2752",
"trust": 0.8,
"url": "https://lists.opensuse.org/opensuse-security-announce/2017-10/msg00023.html"
},
{
"title": "KRACKs - wpa_supplicant Multiple Vulnerabilities",
"trust": 0.8,
"url": "https://access.redhat.com/security/vulnerabilities/kracks"
},
{
"title": "RHSA-2017:2907",
"trust": 0.8,
"url": "https://access.redhat.com/errata/rhsa-2017:2907"
},
{
"title": "RHSA-2017:2911",
"trust": 0.8,
"url": "https://access.redhat.com/errata/rhsa-2017:2911"
},
{
"title": "USN-3455-1",
"trust": 0.8,
"url": "https://usn.ubuntu.com/usn/usn-3455-1/"
},
{
"title": "WPA packet number reuse with replayed messages and key reinstallation",
"trust": 0.8,
"url": "https://w1.fi/security/2017-1/wpa-packet-number-reuse-with-replayed-messages.txt"
},
{
"title": "Wi-Fi\u306e\u8a8d\u8a3c\uff0f\u6697\u53f7\u5316\u6280\u8853WPA2\u304a\u3088\u3073WPA\u306e\u8907\u6570\u306e\u8106\u5f31\u6027\u306b\u3064\u3044\u3066 ",
"trust": 0.8,
"url": "http://www.fujitsu.com/jp/products/network/support/2017/srm-01/index.html"
},
{
"title": "WPA2\u306e\u8106\u5f31\u6027\u306b\u95a2\u3059\u308b\u5f0a\u793e\u8abf\u67fb\u30fb\u5bfe\u5fdc\u72b6\u6cc1\u306b\u3064\u3044\u3066",
"trust": 0.8,
"url": "http://www.iodata.jp/support/information/2017/wpa2/"
},
{
"title": "\u7121\u7ddaLAN \u8a8d\u8a3c\uff0f\u6697\u53f7\u5316\u6280\u8853WPA2\u304a\u3088\u3073WPA\u306b\u95a2\u3059\u308b\u8106\u5f31\u6027\u306e\u304a\u77e5\u3089\u305b ",
"trust": 0.8,
"url": "http://www.fmworld.net/biz/common/info/20171110/"
},
{
"title": "Patch for WPA2 Wireless Network Sleep Mode Group Key Reload Vulnerability",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/103826"
},
{
"title": "Multiple WiFi product WPA2 Security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=75502"
},
{
"title": "Red Hat: Important: wpa_supplicant security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=rhsa-20172911 - security advisory"
},
{
"title": "Red Hat: Important: wpa_supplicant security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=rhsa-20172907 - security advisory"
},
{
"title": "Red Hat: CVE-2017-13087",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_cve_database\u0026qid=cve-2017-13087"
},
{
"title": "Arch Linux Issues: ",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=arch_linux_issues\u0026qid=cve-2017-13087"
},
{
"title": "Ubuntu Security Notice: wpa vulnerabilities",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=usn-3455-1"
},
{
"title": "Debian Security Advisories: DSA-3999-1 wpa -- security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=debian_security_advisories\u0026qid=08990d9925276738bd732fa4d58f9ef0"
},
{
"title": "Arch Linux Advisories: [ASA-201710-23] hostapd: man-in-the-middle",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=arch_linux_advisories\u0026qid=asa-201710-23"
},
{
"title": "Arch Linux Advisories: [ASA-201710-22] wpa_supplicant: man-in-the-middle",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=arch_linux_advisories\u0026qid=asa-201710-22"
},
{
"title": "Siemens Security Advisories: Siemens Security Advisory",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=siemens_security_advisories\u0026qid=6df91267eee9400a24a98876f50ffe84"
},
{
"title": "Android Security Bulletins: Android Security Bulletin\u2014November 2017",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=android_security_bulletins\u0026qid=8c29eb008bb212762e5cfb25c7c5c0d5"
},
{
"title": "Cisco: Multiple Vulnerabilities in Wi-Fi Protected Access and Wi-Fi Protected Access II",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=cisco_security_advisories_and_alerts_ciscoproducts\u0026qid=cisco-sa-20171016-wpa"
},
{
"title": "Oracle Linux Bulletins: Oracle Linux Bulletin - October 2017",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_linux_bulletins\u0026qid=7251d5e5f2b1771951980ad7cfde50ba"
},
{
"title": "KRACK",
"trust": 0.1,
"url": "https://github.com/chinatso/krack "
},
{
"title": "krackinfo",
"trust": 0.1,
"url": "https://github.com/kristate/krackinfo "
},
{
"title": "nixos-issue-db-example",
"trust": 0.1,
"url": "https://github.com/andir/nixos-issue-db-example "
},
{
"title": "The Register",
"trust": 0.1,
"url": "https://www.theregister.co.uk/2017/11/07/android_november_security_update/"
},
{
"title": "The Register",
"trust": 0.1,
"url": "https://www.theregister.co.uk/2017/10/16/wpa2_inscure_krackattack/"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-30398"
},
{
"db": "VULMON",
"id": "CVE-2017-13087"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-009178"
},
{
"db": "CNNVD",
"id": "CNNVD-201710-388"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-330",
"trust": 1.0
},
{
"problemtype": "CWE-254",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-009178"
},
{
"db": "NVD",
"id": "CVE-2017-13087"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 3.7,
"url": "https://www.krackattacks.com/"
},
{
"trust": 3.3,
"url": "https://source.android.com/security/bulletin/2017-11-01"
},
{
"trust": 2.9,
"url": "http://www.securityfocus.com/bid/101274"
},
{
"trust": 2.8,
"url": "http://www.arubanetworks.com/assets/alert/aruba-psa-2017-007.txt"
},
{
"trust": 2.8,
"url": "https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20171016-wpa"
},
{
"trust": 2.7,
"url": "https://access.redhat.com/security/vulnerabilities/kracks"
},
{
"trust": 2.5,
"url": "http://www.debian.org/security/2017/dsa-3999"
},
{
"trust": 2.2,
"url": "https://access.redhat.com/errata/rhsa-2017:2911"
},
{
"trust": 2.1,
"url": "http://www.kb.cert.org/vuls/id/228519"
},
{
"trust": 2.1,
"url": "https://access.redhat.com/errata/rhsa-2017:2907"
},
{
"trust": 1.8,
"url": "https://w1.fi/security/2017-1/wpa-packet-number-reuse-with-replayed-messages.txt"
},
{
"trust": 1.8,
"url": "http://www.ubuntu.com/usn/usn-3455-1"
},
{
"trust": 1.7,
"url": "http://www.securitytracker.com/id/1039581"
},
{
"trust": 1.7,
"url": "http://www.securitytracker.com/id/1039578"
},
{
"trust": 1.7,
"url": "http://www.securitytracker.com/id/1039577"
},
{
"trust": 1.7,
"url": "http://www.securitytracker.com/id/1039576"
},
{
"trust": 1.7,
"url": "http://www.securitytracker.com/id/1039573"
},
{
"trust": 1.7,
"url": "https://support.lenovo.com/us/en/product_security/len-17420"
},
{
"trust": 1.7,
"url": "https://security.freebsd.org/advisories/freebsd-sa-17:07.wpa.asc"
},
{
"trust": 1.7,
"url": "http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00024.html"
},
{
"trust": 1.7,
"url": "http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00023.html"
},
{
"trust": 1.7,
"url": "http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00020.html"
},
{
"trust": 1.7,
"url": "https://security.gentoo.org/glsa/201711-03"
},
{
"trust": 1.7,
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-901333.pdf"
},
{
"trust": 1.7,
"url": "https://cert.vde.com/en-us/advisories/vde-2017-005"
},
{
"trust": 1.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-13087"
},
{
"trust": 1.2,
"url": "https://ics-cert.us-cert.gov/advisories/icsma-18-114-01"
},
{
"trust": 1.1,
"url": "https://papers.mathyvanhoef.com/ccs2017.pdf"
},
{
"trust": 1.1,
"url": "https://w1.fi/security/2017-1/"
},
{
"trust": 1.1,
"url": "https://security-center.intel.com/advisory.aspx?intelid=intel-sa-00101\u0026languageid=en-fr"
},
{
"trust": 1.1,
"url": "https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/cve-2017-13080"
},
{
"trust": 1.1,
"url": "https://ics-cert.us-cert.gov/advisories/icsa-17-353-02"
},
{
"trust": 1.1,
"url": "https://ics-cert.us-cert.gov/advisories/icsa-17-318-01"
},
{
"trust": 1.1,
"url": "https://ics-cert.us-cert.gov/advisories/icsma-19-029-01"
},
{
"trust": 0.9,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-13087"
},
{
"trust": 0.8,
"url": "https://cwe.mitre.org/data/definitions/323.html"
},
{
"trust": 0.8,
"url": "https://actiontecsupport.zendesk.com/hc/en-us/articles/115005205283-krack-vulnerability"
},
{
"trust": 0.8,
"url": "https://www3.aerohive.com/support/security-bulletins/product-security-announcement-aerohives-response-to-krack-10162017.html"
},
{
"trust": 0.8,
"url": "https://www.al-enterprise.com/en/support/security-alert-krack"
},
{
"trust": 0.8,
"url": "https://support.apple.com/en-gb/ht208222"
},
{
"trust": 0.8,
"url": "https://security.archlinux.org/avg-447"
},
{
"trust": 0.8,
"url": "https://www.asus.com/static_webpage/asus-product-security-advisory/"
},
{
"trust": 0.8,
"url": "https://community.barracudanetworks.com/forum/index.php?/topic/23525-security-advisories/page-2"
},
{
"trust": 0.8,
"url": "https://lists.centos.org/pipermail/centos-announce/2017-october/022569.html"
},
{
"trust": 0.8,
"url": "https://community.cypress.com/docs/doc-13871"
},
{
"trust": 0.8,
"url": "http://supportannouncement.us.dlink.com/announcement/publication.aspx?name=sap10075"
},
{
"trust": 0.8,
"url": "http://www.dell.com/support/article/sln307822"
},
{
"trust": 0.8,
"url": "https://github.com/espressif/esp8266_nonos_sdk"
},
{
"trust": 0.8,
"url": "https://extremeportal.force.com/extrarticledetail?n=000018005"
},
{
"trust": 0.8,
"url": "https://bodhi.fedoraproject.org/updates/fedora-2017-60bfb576b7"
},
{
"trust": 0.8,
"url": "http://www.fortiguard.com/psirt/fg-ir-17-196"
},
{
"trust": 0.8,
"url": "https://www.freebsd.org/security/advisories/freebsd-sa-17:07.wpa.asc"
},
{
"trust": 0.8,
"url": "https://bugs.gentoo.org/634440"
},
{
"trust": 0.8,
"url": "https://support.hpe.com/hpsc/doc/public/display?sp4ts.oid=null\u0026doclocale=en_us\u0026docid=emr_na-a00029151en_us"
},
{
"trust": 0.8,
"url": "https://kb.juniper.net/jsa10827"
},
{
"trust": 0.8,
"url": "https://support.lenovo.com/ca/en/product_security/len-17420"
},
{
"trust": 0.8,
"url": "http://www.microchip.com/wwwproducts/en/atwinc1500"
},
{
"trust": 0.8,
"url": "http://mail-index.netbsd.org/source-changes/2017/10/16/msg088877.html"
},
{
"trust": 0.8,
"url": "https://kb.netgear.com/000049498/security-advisory-for-wpa-2-vulnerabilities-psv-2017-2826-psv-2017-2836-psv-2017-2837"
},
{
"trust": 0.8,
"url": "https://forum.peplink.com/t/security-advisory-wpa2-vulnerability-vu-228519/12715"
},
{
"trust": 0.8,
"url": "https://ruckus-www.s3.amazonaws.com/pdf/security/faq-security-advisory-id-101617-v1.0.pdf"
},
{
"trust": 0.8,
"url": "https://www.suse.com/de-de/support/kb/doc/?id=7022107"
},
{
"trust": 0.8,
"url": "https://source.sierrawireless.com/resources/airlink/software_reference_docs/technical-bulletin/sierra-wireless-technical-bulletin---wpa-and-wpa2-vulnerabilities/"
},
{
"trust": 0.8,
"url": "http://www.slackware.com/changelog/stable.php?cpu=x86_64"
},
{
"trust": 0.8,
"url": "https://community.sophos.com/kb/en-us/127658"
},
{
"trust": 0.8,
"url": "https://www.toshibacommerce.com/wps/myportal/%21ut/p/a1/rzrnc8igeiz_sw8egqhjcdmmwr8abw2dqcnfoyqotidrrk399uxrrwotuzgws7a87y6z88iuzmcq2u4uwcnlzypjnjj5-exr_wnhya-laxtrid-j3uchdtb8gylmuw6qzgktovtowsrrqlrs6-8dbeqhwc1mykqnlabgdjlf1yjvn7i5af4qtdwsn2tri7j"
},
{
"trust": 0.8,
"url": "http://www.toshiba-personalstorage.net/en/news/hdd/ot_notice/20171017.htm"
},
{
"trust": 0.8,
"url": "http://support.toshiba.com/support/staticcontentdetail?contentid=4015875\u0026isfromtoclink=false"
},
{
"trust": 0.8,
"url": "https://community.ubnt.com/t5/unifi-updates-blog/firmware-3-9-3-7537-for-uap-usw-has-been-released/ba-p/2099365"
},
{
"trust": 0.8,
"url": "https://usn.ubuntu.com/usn/usn-3455-1/"
},
{
"trust": 0.8,
"url": "http://en.miui.com/thread-954223-1-1.html"
},
{
"trust": 0.8,
"url": "https://www.zebra.com/content/dam/zebra_new_ia/en-us/support-and-downloads/lifeguard-security/krack-security-bulletin.pdf"
},
{
"trust": 0.8,
"url": "http://www.zyxel.com/support/announcement_wpa2_key_management.shtml"
},
{
"trust": 0.8,
"url": "https://supportcenter.checkpoint.com/supportcenter/portal?eventsubmit_dogoviewsolutiondetails=\u0026solutionid=sk120938"
},
{
"trust": 0.8,
"url": "https://community.rsa.com/docs/doc-84103"
},
{
"trust": 0.8,
"url": "https://support.f5.com/csp/article/k23642330"
},
{
"trust": 0.8,
"url": "https://forum.mikrotik.com/viewtopic.php?f=21\u0026t=126695"
},
{
"trust": 0.8,
"url": "https://community.linksys.com/t5/wireless-routers/krack-vulnerability/td-p/1218573"
},
{
"trust": 0.8,
"url": "https://ics-cert.us-cert.gov/advisories/icsa-17-318-02a"
},
{
"trust": 0.8,
"url": "https://www.ipa.go.jp/security/ciadr/vul/20171017_wpa2.html"
},
{
"trust": 0.8,
"url": "http://jvn.jp/vu/jvnvu90609033/index.html"
},
{
"trust": 0.8,
"url": "https://www.kb.cert.org/vuls/id/cheu-aqnmyp"
},
{
"trust": 0.6,
"url": "https://www.kb.cert.org/vuls/id/228519/"
},
{
"trust": 0.6,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-13078"
},
{
"trust": 0.6,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-13077"
},
{
"trust": 0.6,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-13080"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2020.4125/"
},
{
"trust": 0.5,
"url": "https://access.redhat.com/security/cve/cve-2017-13077"
},
{
"trust": 0.5,
"url": "https://access.redhat.com/security/cve/cve-2017-13078"
},
{
"trust": 0.5,
"url": "https://access.redhat.com/security/cve/cve-2017-13080"
},
{
"trust": 0.5,
"url": "https://access.redhat.com/security/cve/cve-2017-13087"
},
{
"trust": 0.5,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-13082"
},
{
"trust": 0.5,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-13086"
},
{
"trust": 0.5,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-13088"
},
{
"trust": 0.4,
"url": "https://access.redhat.com/security/cve/cve-2017-13082"
},
{
"trust": 0.4,
"url": "https://access.redhat.com/security/cve/cve-2017-13086"
},
{
"trust": 0.4,
"url": "https://access.redhat.com/security/cve/cve-2017-13088"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-13081"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-13079"
},
{
"trust": 0.3,
"url": "https://github.com/stevenhoneyman/wpa_gui/tree/master/wpa_supplicant-2.4"
},
{
"trust": 0.3,
"url": "http://www.wi-fi.org/index.php"
},
{
"trust": 0.3,
"url": "https://support.apple.com/en-ie/ht208847"
},
{
"trust": 0.3,
"url": "https://support.apple.com/en-in/ht208334"
},
{
"trust": 0.3,
"url": "https://support.apple.com/en-in/ht208327"
},
{
"trust": 0.3,
"url": "https://support.apple.com/en-in/ht208325"
},
{
"trust": 0.3,
"url": "https://lists.apple.com/archives/security-announce/2017/dec/msg00009.html"
},
{
"trust": 0.3,
"url": "https://lists.apple.com/archives/security-announce/2017/dec/msg00008.html"
},
{
"trust": 0.3,
"url": "https://lists.apple.com/archives/security-announce/2018/jul/msg00000.html"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/security/cve/cve-2017-13079"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/security/cve/cve-2017-13081"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/security/cve/cve-2017-13084"
},
{
"trust": 0.3,
"url": "http://docs.fortinet.com/uploaded/files/3961/fortiap-v5.6.1-release-notes.pdf"
},
{
"trust": 0.3,
"url": "https://ics-cert.us-cert.gov/advisories/icsa-17-299-02"
},
{
"trust": 0.3,
"url": "https://ics-cert.us-cert.gov/advisories/icsa-17-318-02"
},
{
"trust": 0.3,
"url": "https://ics-cert.us-cert.gov/advisories/icsa-17-325-01"
},
{
"trust": 0.3,
"url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/articles/11258"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/team/contact/"
},
{
"trust": 0.2,
"url": "https://www.redhat.com/mailman/listinfo/rhsa-announce"
},
{
"trust": 0.2,
"url": "https://bugzilla.redhat.com/):"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/team/key/"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/330.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://github.com/kristate/krackinfo"
},
{
"trust": 0.1,
"url": "https://www.debian.org/security/faq"
},
{
"trust": 0.1,
"url": "https://www.debian.org/security/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-4476"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-4477"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/wpa/2.1-0ubuntu1.5"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/wpa/2.4-0ubuntu9.1"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/wpa/2.4-0ubuntu6.2"
},
{
"trust": 0.1,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-13078"
},
{
"trust": 0.1,
"url": "http://slackware.com"
},
{
"trust": 0.1,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-13080"
},
{
"trust": 0.1,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-13082"
},
{
"trust": 0.1,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-13077"
},
{
"trust": 0.1,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-13081"
},
{
"trust": 0.1,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-13084"
},
{
"trust": 0.1,
"url": "http://slackware.com/gpg-key"
},
{
"trust": 0.1,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-13086"
},
{
"trust": 0.1,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-13088"
},
{
"trust": 0.1,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-13079"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-13084"
},
{
"trust": 0.1,
"url": "http://osuosl.org)"
},
{
"trust": 0.1,
"url": "https://security.freebsd.org/patches/sa-17:07/wpa-10.patch.asc"
},
{
"trust": 0.1,
"url": "https://security.freebsd.org/advisories/freebsd-sa-17:07.wpa.asc\u003e"
},
{
"trust": 0.1,
"url": "https://svnweb.freebsd.org/base?view=revision\u0026revision=nnnnnn\u003e"
},
{
"trust": 0.1,
"url": "https://www.krackattacks.com/\u003e"
},
{
"trust": 0.1,
"url": "https://security.freebsd.org/patches/sa-17:07/wpa-11.patch.asc"
},
{
"trust": 0.1,
"url": "https://security.freebsd.org/\u003e."
},
{
"trust": 0.1,
"url": "https://security.freebsd.org/patches/sa-17:07/wpa-11.patch"
},
{
"trust": 0.1,
"url": "https://security.freebsd.org/patches/sa-17:07/wpa-10.patch"
},
{
"trust": 0.1,
"url": "https://www.freebsd.org/handbook/makeworld.html\u003e."
},
{
"trust": 0.1,
"url": "https://w1.fi/security/2017-1/wpa-packet-number-reuse-with-replayed-messages.txt\u003e"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#228519"
},
{
"db": "CNVD",
"id": "CNVD-2017-30398"
},
{
"db": "VULMON",
"id": "CVE-2017-13087"
},
{
"db": "BID",
"id": "101274"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-009178"
},
{
"db": "PACKETSTORM",
"id": "144652"
},
{
"db": "PACKETSTORM",
"id": "144630"
},
{
"db": "PACKETSTORM",
"id": "144632"
},
{
"db": "PACKETSTORM",
"id": "144659"
},
{
"db": "PACKETSTORM",
"id": "144663"
},
{
"db": "PACKETSTORM",
"id": "144669"
},
{
"db": "CNNVD",
"id": "CNNVD-201710-388"
},
{
"db": "NVD",
"id": "CVE-2017-13087"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "IVD",
"id": "aa0be958-12f8-4c92-ba4f-8046a72e7fe0"
},
{
"db": "CERT/CC",
"id": "VU#228519"
},
{
"db": "CNVD",
"id": "CNVD-2017-30398"
},
{
"db": "VULMON",
"id": "CVE-2017-13087"
},
{
"db": "BID",
"id": "101274"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-009178"
},
{
"db": "PACKETSTORM",
"id": "144652"
},
{
"db": "PACKETSTORM",
"id": "144630"
},
{
"db": "PACKETSTORM",
"id": "144632"
},
{
"db": "PACKETSTORM",
"id": "144659"
},
{
"db": "PACKETSTORM",
"id": "144663"
},
{
"db": "PACKETSTORM",
"id": "144669"
},
{
"db": "CNNVD",
"id": "CNNVD-201710-388"
},
{
"db": "NVD",
"id": "CVE-2017-13087"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-10-17T00:00:00",
"db": "IVD",
"id": "aa0be958-12f8-4c92-ba4f-8046a72e7fe0"
},
{
"date": "2017-10-16T00:00:00",
"db": "CERT/CC",
"id": "VU#228519"
},
{
"date": "2017-10-18T00:00:00",
"db": "CNVD",
"id": "CNVD-2017-30398"
},
{
"date": "2017-10-17T00:00:00",
"db": "VULMON",
"id": "CVE-2017-13087"
},
{
"date": "2017-10-16T00:00:00",
"db": "BID",
"id": "101274"
},
{
"date": "2017-11-06T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-009178"
},
{
"date": "2017-10-17T16:52:00",
"db": "PACKETSTORM",
"id": "144652"
},
{
"date": "2017-10-16T13:49:34",
"db": "PACKETSTORM",
"id": "144630"
},
{
"date": "2017-10-16T23:23:00",
"db": "PACKETSTORM",
"id": "144632"
},
{
"date": "2017-10-18T20:20:00",
"db": "PACKETSTORM",
"id": "144659"
},
{
"date": "2017-10-18T20:44:00",
"db": "PACKETSTORM",
"id": "144663"
},
{
"date": "2017-10-19T14:28:55",
"db": "PACKETSTORM",
"id": "144669"
},
{
"date": "2017-10-17T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201710-388"
},
{
"date": "2017-10-17T13:29:00.600000",
"db": "NVD",
"id": "CVE-2017-13087"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-11-16T00:00:00",
"db": "CERT/CC",
"id": "VU#228519"
},
{
"date": "2017-10-19T00:00:00",
"db": "CNVD",
"id": "CNVD-2017-30398"
},
{
"date": "2019-10-03T00:00:00",
"db": "VULMON",
"id": "CVE-2017-13087"
},
{
"date": "2019-02-21T09:00:00",
"db": "BID",
"id": "101274"
},
{
"date": "2019-02-01T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-009178"
},
{
"date": "2020-11-23T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201710-388"
},
{
"date": "2019-10-03T00:03:26.223000",
"db": "NVD",
"id": "CVE-2017-13087"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote or local",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201710-388"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Wi-Fi Protected Access (WPA) handshake traffic can be manipulated to induce nonce and session key reuse",
"sources": [
{
"db": "CERT/CC",
"id": "VU#228519"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "security feature problem",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201710-388"
}
],
"trust": 0.6
}
}
VAR-201710-0211
Vulnerability from variot - Updated: 2024-07-23 21:10Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Group Temporal Key (GTK) during the four-way handshake, allowing an attacker within radio range to replay frames from access points to clients. An attacker within range of an affected AP and client may leverage these vulnerabilities to conduct attacks that are dependent on the data confidentiality protocols being used. Attacks may include arbitrary packet decryption and injection, TCP connection hijacking, HTTP content injection, or the replay of unicast and group-addressed frames. These vulnerabilities are referred to as Key Reinstallation Attacks or "KRACK" attacks. WPA (Wi-Fi Protected Access) is a system that protects wireless computer networks (Wi-Fi). The WPA2 wireless network has a GTK group key reload vulnerability in the fourth handshake. WPA2 is prone to multiple security weaknesses. Exploiting these issues may allow an unauthorized user to intercept and manipulate data or disclose sensitive information. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
===================================================================== Red Hat Security Advisory
Synopsis: Important: wpa_supplicant security update Advisory ID: RHSA-2017:2907-01 Product: Red Hat Enterprise Linux Advisory URL: https://access.redhat.com/errata/RHSA-2017:2907 Issue date: 2017-10-17 CVE Names: CVE-2017-13077 CVE-2017-13078 CVE-2017-13080 CVE-2017-13082 CVE-2017-13086 CVE-2017-13087 CVE-2017-13088 =====================================================================
- Summary:
An update for wpa_supplicant is now available for Red Hat Enterprise Linux 7.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Relevant releases/architectures:
Red Hat Enterprise Linux Client (v. 7) - x86_64 Red Hat Enterprise Linux ComputeNode (v. 7) - x86_64 Red Hat Enterprise Linux Server (v. 7) - aarch64, ppc64, ppc64le, s390x, x86_64 Red Hat Enterprise Linux Workstation (v. 7) - x86_64
- Description:
The wpa_supplicant packages contain an 802.1X Supplicant with support for WEP, WPA, WPA2 (IEEE 802.11i / RSN), and various EAP authentication methods. They implement key negotiation with a WPA Authenticator for client stations and controls the roaming and IEEE 802.11 authentication and association of the WLAN driver. A remote attacker within Wi-Fi range could exploit these attacks to decrypt Wi-Fi traffic or possibly inject forged Wi-Fi packets by manipulating cryptographic handshakes used by the WPA2 protocol. (CVE-2017-13077, CVE-2017-13078, CVE-2017-13080, CVE-2017-13082, CVE-2017-13086, CVE-2017-13087, CVE-2017-13088)
Red Hat would like to thank CERT for reporting these issues. Upstream acknowledges Mathy Vanhoef (University of Leuven) as the original reporter of these issues. Solution:
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
- Package List:
Red Hat Enterprise Linux Client (v. 7):
Source: wpa_supplicant-2.6-5.el7_4.1.src.rpm
x86_64: wpa_supplicant-2.6-5.el7_4.1.x86_64.rpm wpa_supplicant-debuginfo-2.6-5.el7_4.1.x86_64.rpm
Red Hat Enterprise Linux ComputeNode (v. 7):
Source: wpa_supplicant-2.6-5.el7_4.1.src.rpm
x86_64: wpa_supplicant-2.6-5.el7_4.1.x86_64.rpm wpa_supplicant-debuginfo-2.6-5.el7_4.1.x86_64.rpm
Red Hat Enterprise Linux Server (v. 7):
Source: wpa_supplicant-2.6-5.el7_4.1.src.rpm
aarch64: wpa_supplicant-2.6-5.el7_4.1.aarch64.rpm wpa_supplicant-debuginfo-2.6-5.el7_4.1.aarch64.rpm
ppc64: wpa_supplicant-2.6-5.el7_4.1.ppc64.rpm wpa_supplicant-debuginfo-2.6-5.el7_4.1.ppc64.rpm
ppc64le: wpa_supplicant-2.6-5.el7_4.1.ppc64le.rpm wpa_supplicant-debuginfo-2.6-5.el7_4.1.ppc64le.rpm
s390x: wpa_supplicant-2.6-5.el7_4.1.s390x.rpm wpa_supplicant-debuginfo-2.6-5.el7_4.1.s390x.rpm
x86_64: wpa_supplicant-2.6-5.el7_4.1.x86_64.rpm wpa_supplicant-debuginfo-2.6-5.el7_4.1.x86_64.rpm
Red Hat Enterprise Linux Workstation (v. 7):
Source: wpa_supplicant-2.6-5.el7_4.1.src.rpm
x86_64: wpa_supplicant-2.6-5.el7_4.1.x86_64.rpm wpa_supplicant-debuginfo-2.6-5.el7_4.1.x86_64.rpm
These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/
- References:
https://access.redhat.com/security/cve/CVE-2017-13077 https://access.redhat.com/security/cve/CVE-2017-13078 https://access.redhat.com/security/cve/CVE-2017-13080 https://access.redhat.com/security/cve/CVE-2017-13082 https://access.redhat.com/security/cve/CVE-2017-13086 https://access.redhat.com/security/cve/CVE-2017-13087 https://access.redhat.com/security/cve/CVE-2017-13088 https://access.redhat.com/security/updates/classification/#important https://access.redhat.com/security/vulnerabilities/kracks
- Contact:
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/
Copyright 2017 Red Hat, Inc. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512
APPLE-SA-2017-12-12-2 AirPort Base Station Firmware Update 7.7.9
AirPort Base Station Firmware Update 7.7.9 is now available and addresses the following:
AirPort Base Station Firmware Available for: AirPort Extreme and AirPort Time Capsule base stations with 802.11ac Impact: An attacker within range may be able to execute arbitrary code on the Wi-Fi chip Description: A memory corruption issue was addressed with improved memory handling. CVE-2017-9417: Nitay Artenstein of Exodus Intelligence
AirPort Base Station Firmware Available for: AirPort Extreme and AirPort Time Capsule base stations with 802.11ac Impact: An attacker in Wi-Fi range may force nonce reuse in WPA unicast/PTK clients (Key Reinstallation Attacks - KRACK) Description: A logic issue existed in the handling of state transitions. This was addressed with improved state management. CVE-2017-13077: Mathy Vanhoef of the imec-DistriNet group at KU Leuven CVE-2017-13078: Mathy Vanhoef of the imec-DistriNet group at KU Leuven
AirPort Base Station Firmware Available for: AirPort Extreme and AirPort Time Capsule base stations with 802.11ac Impact: An attacker in Wi-Fi range may force nonce reuse in WPA multicast/GTK clients (Key Reinstallation Attacks - KRACK) Description: A logic issue existed in the handling of state transitions. This was addressed with improved state management. CVE-2017-13080: Mathy Vanhoef of the imec-DistriNet group at KU Leuven
Installation note:
Firmware version 7.7.9 is installed on AirPort Extreme or AirPort Time Capsule base stations with 802.11ac using AirPort Utility for Mac or iOS.
AirPort Utility for Mac is a free download from https://support.apple.com/downloads/ and AirPort Utility for iOS is a free download from the App Store. CVE-2017-13080: Mathy Vanhoef of the imec-DistriNet group at KU Leuven
Installation note:
Wi-Fi Update for Boot Camp 6.4.0 may be obtained from Apple Software Update for Windows. ========================================================================== Ubuntu Security Notice USN-3455-1 October 16, 2017
wpa vulnerabilities
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 17.04
- Ubuntu 16.04 LTS
- Ubuntu 14.04 LTS
Summary:
Several security issues were fixed in wpa_supplicant.
Software Description: - wpa: client support for WPA and WPA2
Details:
Mathy Vanhoef discovered that wpa_supplicant and hostapd incorrectly handled WPA2. (CVE-2017-13077, CVE-2017-13078, CVE-2017-13079, CVE-2017-13080, CVE-2017-13081, CVE-2017-13082, CVE-2017-13086, CVE-2017-13087, CVE-2017-13088)
Imre Rad discovered that wpa_supplicant and hostapd incorrectly handled invalid characters in passphrase parameters. A remote attacker could use this issue to cause a denial of service. (CVE-2016-4476)
Imre Rad discovered that wpa_supplicant and hostapd incorrectly handled invalid characters in passphrase parameters. A local attacker could use this issue to cause a denial of service, or possibly execute arbitrary code. (CVE-2016-4477)
Update instructions:
The problem can be corrected by updating your system to the following package versions:
Ubuntu 17.04: hostapd 2.4-0ubuntu9.1 wpasupplicant 2.4-0ubuntu9.1
Ubuntu 16.04 LTS: hostapd 2.4-0ubuntu6.2 wpasupplicant 2.4-0ubuntu6.2
Ubuntu 14.04 LTS: hostapd 2.1-0ubuntu1.5 wpasupplicant 2.1-0ubuntu1.5
After a standard system update you need to reboot your computer to make all the necessary changes. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 201711-03
https://security.gentoo.org/
Severity: Normal Title: hostapd and wpa_supplicant: Key Reinstallation (KRACK) attacks Date: November 10, 2017 Bugs: #634436, #634438 ID: 201711-03
Synopsis
A flaw was discovered in the 4-way handshake in hostapd and wpa_supplicant that allows attackers to conduct a Man in the Middle attack.
Affected packages
-------------------------------------------------------------------
Package / Vulnerable / Unaffected
-------------------------------------------------------------------
1 net-wireless/hostapd < 2.6-r1 >= 2.6-r1 2 net-wireless/wpa_supplicant < 2.6-r3 >= 2.6-r3 ------------------------------------------------------------------- 2 affected packages
Description
WiFi Protected Access (WPA and WPA2) and it's associated technologies are all vulnerable to the KRACK attacks. Please review the referenced CVE identifiers for details.
Impact
An attacker can carry out the KRACK attacks on a wireless network in order to gain access to network clients. Once achieved, the attacker can potentially harvest confidential information (e.g. HTTP/HTTPS), inject malware, or perform a myriad of other attacks.
Workaround
There is no known workaround at this time.
Resolution
All hostapd users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose ">=net-wireless/hostapd-2.6-r1"
All wpa_supplicant users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot -v ">=net-wireless/wpa_supplicant-2.6-r3"
References
[ 1 ] CVE-2017-13077 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-13077 [ 2 ] CVE-2017-13078 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-13078 [ 3 ] CVE-2017-13079 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-13079 [ 4 ] CVE-2017-13080 . 6) - i386, x86_64
- -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512
============================================================================= FreeBSD-SA-17:07.wpa Security Advisory The FreeBSD Project
Topic: WPA2 protocol vulnerability
Category: contrib Module: wpa Announced: 2017-10-16 Credits: Mathy Vanhoef Affects: All supported versions of FreeBSD. Corrected: 2017-10-17 17:30:18 UTC (stable/11, 11.1-STABLE) 2017-10-17 17:57:18 UTC (releng/11.1, 11.1-RELEASE-p2) 2017-10-17 17:56:03 UTC (releng/11.0, 11.0-RELEASE-p13) 2017-10-19 03:18:22 UTC (stable/10, 10.4-STABLE) 2017-10-19 03:20:17 UTC (releng/10.4, 10.4-RELEASE-p1) 2017-10-19 03:19:42 UTC (releng/10.3, 10.3-RELEASE-p22) CVE Name: CVE-2017-13077, CVE-2017-13078, CVE-2017-13079, CVE-2017-13080, CVE-2017-13081, CVE-2017-13082, CVE-2017-13086, CVE-2017-13087, CVE-2017-13088
For general information regarding FreeBSD Security Advisories, including descriptions of the fields above, security branches, and the following sections, please visit .
- Revision history
v1.0 2017-10-17 Initial release. v1.1 2017-10-19 Add patches for 10.x releases.
I.
hostapd and wpa_supplicant are implementations of user space daemon for access points and wireless client that implements the WPA2 protocol.
II. Problem Description
A vulnerability was found in how a number of implementations can be triggered to reconfigure WPA/WPA2/RSN keys (TK, GTK, or IGTK) by replaying a specific frame that is used to manage the keys.
III. Impact
Such reinstallation of the encryption key can result in two different types of vulnerabilities: disabling replay protection and significantly reducing the security of encryption to the point of allowing frames to be decrypted or some parts of the keys to be determined by an attacker depending on which cipher is used.
IV. Workaround
An updated version of wpa_supplicant is available in the FreeBSD Ports Collection. Install version 2.6_2 or later of the security/wpa_supplicant port/pkg. Once installed, update /etc/rc.conf to use the new binary:
wpa_supplicant_program="/usr/local/sbin/wpa_supplicant"
and restart networking.
An updated version of hostapd is available in the FreeBSD Ports Collection. Install version 2.6_1 or later of the net/hostapd port/pkg. Once installed, update /etc/rc.conf to use the new binary:
hostapd_program="/usr/local/sbin/hostapd"
and restart hostapd.
V. Solution
Perform one of the following:
1) Upgrade your vulnerable system to a supported FreeBSD stable or release / security branch (releng) dated after the correction date.
Restart the Wi-Fi network interfaces/hostapd or reboot the system.
2) To update your vulnerable system via a binary patch:
Systems running a RELEASE version of FreeBSD on the i386 or amd64 platforms can be updated via the freebsd-update(8) utility:
freebsd-update fetch
freebsd-update install
Restart the Wi-Fi network interfaces/hostapd or reboot the system.
3) To update your vulnerable system via a source code patch:
The following patches have been verified to apply to the applicable FreeBSD release branches.
a) Download the relevant patch from the location below, and verify the detached PGP signature using your PGP utility.
[FreeBSD 11.0-RELEASE, 11.1-RELEASE, and 11-STABLE]
fetch https://security.FreeBSD.org/patches/SA-17:07/wpa-11.patch
fetch https://security.FreeBSD.org/patches/SA-17:07/wpa-11.patch.asc
gpg --verify wpa-11.patch.asc
[FreeBSD 10.3-RELEASE, 10.4-RELEASE, and 10-STABLE]
fetch https://security.FreeBSD.org/patches/SA-17:07/wpa-10.patch
fetch https://security.FreeBSD.org/patches/SA-17:07/wpa-10.patch.asc
gpg --verify wpa-10.patch.asc
b) Apply the patch. Execute the following commands as root:
cd /usr/src
patch < /path/to/patch
c) Recompile the operating system using buildworld and installworld as described in .
Restart the applicable daemons, or reboot the system.
VI. Correction details
The following list contains the correction revision numbers for each affected branch.
Branch/path Revision
stable/11/ r324697 releng/11.0/ r324698 releng/11.1/ r324699 stable/10/ r324739 releng/10.3/ r324740 releng/10.4/ r324741
To see which files were modified by a particular revision, run the following command, replacing NNNNNN with the revision number, on a machine with Subversion installed:
svn diff -cNNNNNN --summarize svn://svn.freebsd.org/base
Or visit the following URL, replacing NNNNNN with the revision number:
VII. References
The latest revision of this advisory is available at -----BEGIN PGP SIGNATURE-----
iQKTBAEBCgB9FiEEHPf/b631yp++G4yy7Wfs1l3PaucFAlnoGpNfFIAAAAAALgAo aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDFD RjdGRjZGQURGNUNBOUZCRTFCOENCMkVENjdFQ0Q2NURDRjZBRTcACgkQ7Wfs1l3P auc7WBAAm27w+fujv5sJsRxauUMopTVtRh5utwbDuoHTP+L+RCWmQfVBmueNQ0gf uJzMNxBIkbtY9LvyukpRsH3iD7mh26c0pd9rxxkkr4F96C9B5+W0amxJF1gdm54/ F/50FpY+lo7cNs5tiBjypPrg8UOBBI/1G4XR7130XC0HjaTwt1ngZ0oQUWUMSsIp gN5ZfPul81WPWd1NqF+vyObcJhwq/Y1uoexoO27o7GQCFZoL3enZy8c4f1xqMlVM 4HHkTgNGac6E0aW+ArH4J0DFFAOJXPqF8rdt+9XINfoBbtliIyOixJ4oh1n6eAR0 VpBWZKFNyXSlUKIvDGa+LDhxgL1jJXV0ABSyKlUOijdmr3bbbiQE9MW/MNv2AFTd OAFQ0QQtm9KCWp5JLh+FPIb/kR2l7MOUP+yz4zFcJpdGtl9tDLyPN8vRTq60bY8O y7tBcf/SMqkd/AIFdchL4zrOguKnRARydIlwTarp8wtAQI3MKSsa1B0wgsDtlL6K xfdjnwWMKvKKlNOW16e1WXXO0n/ucHV4njBE+bGPro3jLgXP2/WFZpIGAR3I4xrr SdD4AxSNiR9f3bL7LRfMIbugJAylWNSlTLWUOVUv0/ONh85LqbcCj13NI230B64K ETx2QOZgKnCs2oDNiw4aQHb7kvi2w94Iw/R1sAPkkxYJWO3reyE= =h/5q -----END PGP SIGNATURE----- .
Here are the details from the Slackware 14.2 ChangeLog: +--------------------------+ patches/packages/wpa_supplicant-2.6-i586-1_slack14.2.txz: Upgraded. This update includes patches to mitigate the WPA2 protocol issues known as "KRACK" (Key Reinstallation AttaCK), which may be used to decrypt data, hijack TCP connections, and to forge and inject packets. CVE-2017-13082: Accepting a retransmitted Fast BSS Transition (FT) Reassociation Request and reinstalling the pairwise encryption key (PTK-TK) while processing it. For more information, see: https://www.krackattacks.com/ https://w1.fi/security/2017-1/wpa-packet-number-reuse-with-replayed-messages.txt https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13077 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13078 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13079 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13080 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13081 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13082 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13084 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13086 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13087 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13088 ( Security fix ) +--------------------------+
Where to find the new packages: +-----------------------------+
Thanks to the friendly folks at the OSU Open Source Lab (http://osuosl.org) for donating FTP and rsync hosting to the Slackware project! :-)
Also see the "Get Slack" section on http://slackware.com for additional mirror sites near you.
Updated package for Slackware 14.0: ftp://ftp.slackware.com/pub/slackware/slackware-14.0/patches/packages/wpa_supplicant-2.6-i486-1_slack14.0.txz
Updated package for Slackware x86_64 14.0: ftp://ftp.slackware.com/pub/slackware/slackware64-14.0/patches/packages/wpa_supplicant-2.6-x86_64-1_slack14.0.txz
Updated package for Slackware 14.1: ftp://ftp.slackware.com/pub/slackware/slackware-14.1/patches/packages/wpa_supplicant-2.6-i486-1_slack14.1.txz
Updated package for Slackware x86_64 14.1: ftp://ftp.slackware.com/pub/slackware/slackware64-14.1/patches/packages/wpa_supplicant-2.6-x86_64-1_slack14.1.txz
Updated package for Slackware 14.2: ftp://ftp.slackware.com/pub/slackware/slackware-14.2/patches/packages/wpa_supplicant-2.6-i586-1_slack14.2.txz
Updated package for Slackware x86_64 14.2: ftp://ftp.slackware.com/pub/slackware/slackware64-14.2/patches/packages/wpa_supplicant-2.6-x86_64-1_slack14.2.txz
Updated package for Slackware -current: ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/n/wpa_supplicant-2.6-i586-2.txz
Updated package for Slackware x86_64 -current: ftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/n/wpa_supplicant-2.6-x86_64-2.txz
MD5 signatures: +-------------+
Slackware 14.0 package: d8ecfaadb50b3547967ab53733ffc019 wpa_supplicant-2.6-i486-1_slack14.0.txz
Slackware x86_64 14.0 package: f25216d28800504ce498705da7c9a825 wpa_supplicant-2.6-x86_64-1_slack14.0.txz
Slackware 14.1 package: 15c61050e4bab2581757befd86be74c0 wpa_supplicant-2.6-i486-1_slack14.1.txz
Slackware x86_64 14.1 package: 49fd537a520338744f7757615556d352 wpa_supplicant-2.6-x86_64-1_slack14.1.txz
Slackware 14.2 package: c5539f40c8510af89be92945f0f80185 wpa_supplicant-2.6-i586-1_slack14.2.txz
Slackware x86_64 14.2 package: 4c527ff84fcdfd7839f217bbce2e4ae4 wpa_supplicant-2.6-x86_64-1_slack14.2.txz
Slackware -current package: 28bd88a54e96368f7a7020c1f5fb67fe n/wpa_supplicant-2.6-i586-2.txz
Slackware x86_64 -current package: 464fc6b48d1ac077f47e9a3a8534c160 n/wpa_supplicant-2.6-x86_64-2.txz
Installation instructions: +------------------------+
Upgrade the package as root:
upgradepkg wpa_supplicant-2.6-i586-1_slack14.2.txz
+-----+
Slackware Linux Security Team http://slackware.com/gpg-key security@slackware.com
+------------------------------------------------------------------------+ | To leave the slackware-security mailing list: | +------------------------------------------------------------------------+ | Send an email to majordomo@slackware.com with this text in the body of | | the email message: | | | | unsubscribe slackware-security | | | | You will get a confirmation message back containing instructions to | | complete the process. Please do not reply to this email address
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201710-0211",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "hostapd",
"scope": "eq",
"trust": 1.6,
"vendor": "w1 fi",
"version": "0.4.10"
},
{
"model": "hostapd",
"scope": "eq",
"trust": 1.6,
"vendor": "w1 fi",
"version": "0.5.9"
},
{
"model": "hostapd",
"scope": "eq",
"trust": 1.6,
"vendor": "w1 fi",
"version": "0.4.8"
},
{
"model": "hostapd",
"scope": "eq",
"trust": 1.6,
"vendor": "w1 fi",
"version": "0.5.10"
},
{
"model": "hostapd",
"scope": "eq",
"trust": 1.6,
"vendor": "w1 fi",
"version": "0.6.8"
},
{
"model": "hostapd",
"scope": "eq",
"trust": 1.6,
"vendor": "w1 fi",
"version": "0.5.11"
},
{
"model": "hostapd",
"scope": "eq",
"trust": 1.6,
"vendor": "w1 fi",
"version": "0.5.7"
},
{
"model": "hostapd",
"scope": "eq",
"trust": 1.6,
"vendor": "w1 fi",
"version": "0.5.8"
},
{
"model": "hostapd",
"scope": "eq",
"trust": 1.6,
"vendor": "w1 fi",
"version": "0.4.11"
},
{
"model": "hostapd",
"scope": "eq",
"trust": 1.6,
"vendor": "w1 fi",
"version": "0.4.9"
},
{
"model": "enterprise linux desktop",
"scope": "eq",
"trust": 1.3,
"vendor": "redhat",
"version": "7"
},
{
"model": "enterprise linux server",
"scope": "eq",
"trust": 1.3,
"vendor": "redhat",
"version": "7"
},
{
"model": "hostapd",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.3.7"
},
{
"model": "wpa supplicant",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "2.6"
},
{
"model": "wpa supplicant",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "2.2"
},
{
"model": "hostapd",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "1.0"
},
{
"model": "hostapd",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "2.2"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 1.0,
"vendor": "freebsd",
"version": "*"
},
{
"model": "hostapd",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.3.11"
},
{
"model": "linux enterprise desktop",
"scope": "eq",
"trust": 1.0,
"vendor": "suse",
"version": "12"
},
{
"model": "wpa supplicant",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.4.7"
},
{
"model": "hostapd",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.4.7"
},
{
"model": "wpa supplicant",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "2.0"
},
{
"model": "hostapd",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "2.0"
},
{
"model": "linux",
"scope": "eq",
"trust": 1.0,
"vendor": "debian",
"version": "8.0"
},
{
"model": "wpa supplicant",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.5.8"
},
{
"model": "hostapd",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "2.1"
},
{
"model": "wpa supplicant",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.5.7"
},
{
"model": "wpa supplicant",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.6.9"
},
{
"model": "wpa supplicant",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.2.8"
},
{
"model": "linux enterprise server",
"scope": "eq",
"trust": 1.0,
"vendor": "suse",
"version": "12"
},
{
"model": "hostapd",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.2.8"
},
{
"model": "hostapd",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "1.1"
},
{
"model": "hostapd",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.7.3"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 1.0,
"vendor": "freebsd",
"version": "10"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 1.0,
"vendor": "freebsd",
"version": "11.1"
},
{
"model": "wpa supplicant",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.4.11"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 1.0,
"vendor": "freebsd",
"version": "10.4"
},
{
"model": "wpa supplicant",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.2.6"
},
{
"model": "hostapd",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.2.4"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 1.0,
"vendor": "freebsd",
"version": "11"
},
{
"model": "wpa supplicant",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.5.11"
},
{
"model": "hostapd",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.3.10"
},
{
"model": "wpa supplicant",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "2.4"
},
{
"model": "wpa supplicant",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.3.8"
},
{
"model": "wpa supplicant",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.2.5"
},
{
"model": "wpa supplicant",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.3.7"
},
{
"model": "hostapd",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.2.5"
},
{
"model": "hostapd",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.6.10"
},
{
"model": "openstack cloud",
"scope": "eq",
"trust": 1.0,
"vendor": "suse",
"version": "6"
},
{
"model": "wpa supplicant",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "1.0"
},
{
"model": "hostapd",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.3.9"
},
{
"model": "wpa supplicant",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.3.11"
},
{
"model": "hostapd",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "2.5"
},
{
"model": "wpa supplicant",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.5.10"
},
{
"model": "hostapd",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "2.6"
},
{
"model": "wpa supplicant",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.4.9"
},
{
"model": "ubuntu linux",
"scope": "eq",
"trust": 1.0,
"vendor": "canonical",
"version": "14.04"
},
{
"model": "wpa supplicant",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "2.1"
},
{
"model": "wpa supplicant",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "2.3"
},
{
"model": "leap",
"scope": "eq",
"trust": 1.0,
"vendor": "opensuse",
"version": "42.2"
},
{
"model": "hostapd",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "2.3"
},
{
"model": "linux enterprise point of sale",
"scope": "eq",
"trust": 1.0,
"vendor": "suse",
"version": "11"
},
{
"model": "wpa supplicant",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "1.1"
},
{
"model": "wpa supplicant",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.7.3"
},
{
"model": "hostapd",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.6.9"
},
{
"model": "wpa supplicant",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.5.9"
},
{
"model": "wpa supplicant",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.4.8"
},
{
"model": "wpa supplicant",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.2.7"
},
{
"model": "linux",
"scope": "eq",
"trust": 1.0,
"vendor": "debian",
"version": "9.0"
},
{
"model": "wpa supplicant",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.2.4"
},
{
"model": "linux enterprise server",
"scope": "eq",
"trust": 1.0,
"vendor": "suse",
"version": "11"
},
{
"model": "wpa supplicant",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.3.10"
},
{
"model": "ubuntu linux",
"scope": "eq",
"trust": 1.0,
"vendor": "canonical",
"version": "16.04"
},
{
"model": "leap",
"scope": "eq",
"trust": 1.0,
"vendor": "opensuse",
"version": "42.3"
},
{
"model": "wpa supplicant",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.6.8"
},
{
"model": "ubuntu linux",
"scope": "eq",
"trust": 1.0,
"vendor": "canonical",
"version": "17.04"
},
{
"model": "hostapd",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.2.6"
},
{
"model": "wpa supplicant",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.4.10"
},
{
"model": "wpa supplicant",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.6.10"
},
{
"model": "hostapd",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "2.4"
},
{
"model": "wpa supplicant",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.3.9"
},
{
"model": "wpa supplicant",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "2.5"
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "9front",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "adtran",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "avm",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "actiontec",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "aerohive",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "alcatel lucent",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "android open source",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "apple",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "arch linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "aruba",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "asustek computer",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "barracuda",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "broadcom",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "cambium",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "centos",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "cradlepoint",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "cypress semiconductor",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "d link",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "debian gnu linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "dell",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "digi",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "draytek",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "edimax computer",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "engenius",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "endian",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "espressif",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "extreme",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "f secure",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "fedora",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "fortinet",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "freebsd",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "gentoo linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "google",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "hewlett packard",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "hostap",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "ipfire",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "juniper",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "lancom",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "lede",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "lifx",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "lenovo",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "microchip",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "microsoft",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "mojo",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "nest",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "netbsd",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "netgear",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "opnsense",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "omnirom",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "open mesh",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "openbsd",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "peplink",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "red hat",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "riverbed",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "rockwell automation",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "ruckus",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "suse linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "samsung mobile",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "sierra",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "slackware linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "sonos",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "sony",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "sophos",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "synology",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "tp link",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "technicolor",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "texas instruments",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "toshiba commerce",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "toshiba electronic devices storage",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "toshiba memory",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "turris omnia",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "ubiquiti",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "ubuntu",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "volumio",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "watchguard",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "xiaomi",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "xirrus",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "zebra",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "zyxel",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "dd wrt",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "eero",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "pfsense",
"version": null
},
{
"model": "ubuntu",
"scope": null,
"trust": 0.8,
"vendor": "canonical",
"version": null
},
{
"model": "gnu/linux",
"scope": null,
"trust": 0.8,
"vendor": "debian",
"version": null
},
{
"model": "freebsd",
"scope": null,
"trust": 0.8,
"vendor": "freebsd",
"version": null
},
{
"model": "leap",
"scope": null,
"trust": 0.8,
"vendor": "opensuse",
"version": null
},
{
"model": "linux enterprise desktop",
"scope": null,
"trust": 0.8,
"vendor": "suse",
"version": null
},
{
"model": "linux enterprise point of sale",
"scope": null,
"trust": 0.8,
"vendor": "suse",
"version": null
},
{
"model": "linux enterprise server",
"scope": null,
"trust": 0.8,
"vendor": "suse",
"version": null
},
{
"model": "openstack cloud",
"scope": null,
"trust": 0.8,
"vendor": "suse",
"version": null
},
{
"model": "hostapd",
"scope": null,
"trust": 0.8,
"vendor": "w1 fi",
"version": null
},
{
"model": "wpa supplicant",
"scope": null,
"trust": 0.8,
"vendor": "w1 fi",
"version": null
},
{
"model": "enterprise linux desktop",
"scope": null,
"trust": 0.8,
"vendor": "red hat",
"version": null
},
{
"model": "enterprise linux server",
"scope": null,
"trust": 0.8,
"vendor": "red hat",
"version": null
},
{
"model": "edge gateway",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": null
},
{
"model": "sr-m20ac1",
"scope": "lte",
"trust": 0.8,
"vendor": "fujitsu",
"version": "v02.10"
},
{
"model": "sr-m20ac2",
"scope": "lte",
"trust": 0.8,
"vendor": "fujitsu",
"version": "v02.10"
},
{
"model": "alliance wi-fi protected access 2",
"scope": null,
"trust": 0.6,
"vendor": "wi fi",
"version": null
},
{
"model": "scalance w-700",
"scope": "eq",
"trust": 0.6,
"vendor": "siemens",
"version": "0"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "linux desktop",
"version": "12"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "linux server",
"version": "11"
},
{
"model": "atom processor c3200 series for yocto project bsp mr4",
"scope": null,
"trust": 0.3,
"vendor": "intel",
"version": null
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "10.3.2"
},
{
"model": "active management technology",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "6.1"
},
{
"model": "pyxis supplystation",
"scope": "eq",
"trust": 0.3,
"vendor": "bd",
"version": "0"
},
{
"model": "sinamics smart access module",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "v200"
},
{
"model": "active management technology",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "11.6.27.3264"
},
{
"model": "meraki mr34",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "ck71a-atex",
"scope": "eq",
"trust": 0.3,
"vendor": "pepperl fuchs",
"version": "0"
},
{
"model": "arubaos",
"scope": "eq",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "6.5.2.0"
},
{
"model": "macbook air",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "0"
},
{
"model": "aironet series access points",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "18500"
},
{
"model": "active management technology",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "8.0"
},
{
"model": "meraki mr26",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "arubaos",
"scope": "eq",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "6.4"
},
{
"model": "aironet series access points",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "28000"
},
{
"model": "enterprise linux for power big endian extended update support",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "-7.5"
},
{
"model": "meraki mr84",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "contact fl wlan",
"scope": "eq",
"trust": 0.3,
"vendor": "phoenix",
"version": "510x0"
},
{
"model": "windows server r2 for itanium-based systems sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2008"
},
{
"model": "contact itc",
"scope": "eq",
"trust": 0.3,
"vendor": "phoenix",
"version": "81130"
},
{
"model": "enterprise linux workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "7"
},
{
"model": "active management technology",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "10.0"
},
{
"model": "dual band wireless-ac",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "726519.51.0.0"
},
{
"model": "enterprise linux server extended update support",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "-7.6"
},
{
"model": "meraki mr18",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "arubaos",
"scope": "eq",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "8.1.0.3"
},
{
"model": "scalance w1750d",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "0"
},
{
"model": "secure ii med-surg bed",
"scope": "eq",
"trust": 0.3,
"vendor": "stryker",
"version": "3002"
},
{
"model": "contact fl wlan",
"scope": "eq",
"trust": 0.3,
"vendor": "phoenix",
"version": "210x0"
},
{
"model": "windows version for x64-based systems",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "1015110"
},
{
"model": "aironet access points",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "contact fl wlan ap",
"scope": "eq",
"trust": 0.3,
"vendor": "phoenix",
"version": "24802-110"
},
{
"model": "active management technology",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "11.0"
},
{
"model": "instantos",
"scope": "eq",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "6.5.4.1"
},
{
"model": "tvos",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "10.2"
},
{
"model": "wap371 wireless-ac n access point with single point setup",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "ex-handy",
"scope": "eq",
"trust": 0.3,
"vendor": "pepperl fuchs",
"version": "2090"
},
{
"model": "arubaos",
"scope": "eq",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "6.5.3.2"
},
{
"model": "contact rad-80211-xd",
"scope": "eq",
"trust": 0.3,
"vendor": "phoenix",
"version": "0"
},
{
"model": "ios",
"scope": "ne",
"trust": 0.3,
"vendor": "apple",
"version": "11.2"
},
{
"model": "contact fl wlan dap",
"scope": "eq",
"trust": 0.3,
"vendor": "phoenix",
"version": "24802-110"
},
{
"model": "dual band wireless-ac",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "726519.10.9.1"
},
{
"model": "arubaos",
"scope": "ne",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "6.3.1.25"
},
{
"model": "pyxis medstation es",
"scope": "eq",
"trust": 0.3,
"vendor": "bd",
"version": "0"
},
{
"model": "wireless ip phone",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "88210"
},
{
"model": "pyxis stockstation system",
"scope": "eq",
"trust": 0.3,
"vendor": "bd",
"version": "0"
},
{
"model": "macbook",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "0"
},
{
"model": "dual band wireless-ac",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "316819.51.7.1"
},
{
"model": "dual band wireless-ac",
"scope": "ne",
"trust": 0.3,
"vendor": "intel",
"version": "726519.10.9.2"
},
{
"model": "scalance wlc712",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "0"
},
{
"model": "contact fl wlan spa",
"scope": "eq",
"trust": 0.3,
"vendor": "phoenix",
"version": "0"
},
{
"model": "meraki mr62",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "simatic et200 pro im154-6 pn iwlan",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "0"
},
{
"model": "tropos broadband mesh routers and bridges",
"scope": "eq",
"trust": 0.3,
"vendor": "abb",
"version": "0"
},
{
"model": "dual band wireless-ac",
"scope": "ne",
"trust": 0.3,
"vendor": "intel",
"version": "316819.10.9.2"
},
{
"model": "meraki mr33",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "instantos",
"scope": "ne",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "6.5.3.3"
},
{
"model": "micros handheld terminal",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "0"
},
{
"model": "windows server",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "20120"
},
{
"model": "instantos",
"scope": "eq",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "6.5.2"
},
{
"model": "dual band wireless-ac",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "316018.33.9.2"
},
{
"model": "windows version for 32-bit systems",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "1017030"
},
{
"model": "atom processor c3200 series for yocto project bsp mr4.1",
"scope": "ne",
"trust": 0.3,
"vendor": "intel",
"version": null
},
{
"model": "active management technology",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "2.6"
},
{
"model": "android",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.1.0"
},
{
"model": "contact fl wlan",
"scope": "eq",
"trust": 0.3,
"vendor": "phoenix",
"version": "110x0"
},
{
"model": "windows for 32-bit systems",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "100"
},
{
"model": "s3 med-surg bed",
"scope": "eq",
"trust": 0.3,
"vendor": "stryker",
"version": "3002"
},
{
"model": "arubaos",
"scope": "eq",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "6.4.2.4"
},
{
"model": "tvos",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "11.1"
},
{
"model": "contact fl comserver wlan",
"scope": "eq",
"trust": 0.3,
"vendor": "phoenix",
"version": "232/422/4850"
},
{
"model": "airport base station",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "7.6.8"
},
{
"model": "enterprise linux server update services for sap solutions",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "-7."
},
{
"model": "active management technology",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "7.1.91.3272"
},
{
"model": "instantos",
"scope": "ne",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "4.2.4.9"
},
{
"model": "contact fl wlan ap",
"scope": "eq",
"trust": 0.3,
"vendor": "phoenix",
"version": "230802-110"
},
{
"model": "android",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "6.1"
},
{
"model": "enterprise linux for power little endian extended update supp",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "-7.6"
},
{
"model": "meraki mr14",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "enterprise linux eus compute node",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "7.5"
},
{
"model": "aironet series access points",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "18150"
},
{
"model": "wireless client bridge 2.0.0.1-aruba501-b00",
"scope": "ne",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "501"
},
{
"model": "enterprise linux server extended update support",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "-7.4"
},
{
"model": "enterprise linux server tus",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "-7.6"
},
{
"model": "dual band wireless-ac",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "726018.33.9.2"
},
{
"model": "airport express",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "0"
},
{
"model": "meraki mr16",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "clarity engine",
"scope": "eq",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "1.0"
},
{
"model": "meraki mr30h",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "airport extreme",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "0"
},
{
"model": "windows server r2",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "20120"
},
{
"model": "dual band wireless-ac",
"scope": "ne",
"trust": 0.3,
"vendor": "intel",
"version": "826520.0.2.3"
},
{
"model": "android",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0"
},
{
"model": "contact bl2 bpc",
"scope": "eq",
"trust": 0.3,
"vendor": "phoenix",
"version": "0"
},
{
"model": "tvos",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "10.0.1"
},
{
"model": "enterprise linux for ibm z systems",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "7"
},
{
"model": "watch",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "0"
},
{
"model": "meraki mr32",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "wpa supplicant",
"scope": "eq",
"trust": 0.3,
"vendor": "w1 f1",
"version": "2.4"
},
{
"model": "active management technology",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "4.0"
},
{
"model": "ruggedcom rx1400",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "0"
},
{
"model": "cn70a-atex",
"scope": "eq",
"trust": 0.3,
"vendor": "pepperl fuchs",
"version": "0"
},
{
"model": "windows version for 32-bit systems",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "1015110"
},
{
"model": "arubaos",
"scope": "eq",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "6.5.3"
},
{
"model": "pyxis parx handheld",
"scope": "eq",
"trust": 0.3,
"vendor": "bd",
"version": "0"
},
{
"model": "dual band wireless-ac",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "726519.10"
},
{
"model": "active management technology",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "9.1.40.100"
},
{
"model": "tvos",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "10.1.1"
},
{
"model": "instantos",
"scope": "eq",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "6.5.3"
},
{
"model": "windows rt",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "8.1"
},
{
"model": "meraki mr42",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "instantos",
"scope": "ne",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "4.3.1.6"
},
{
"model": "airport base station",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "7.7.3"
},
{
"model": "wap561 wireless-n dual radio selectable band access point",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "active management technology",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "11.0.26.3000"
},
{
"model": "instantos",
"scope": "ne",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "6.5.4.2"
},
{
"model": "active management technology",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "11.6"
},
{
"model": "tvos",
"scope": "ne",
"trust": 0.3,
"vendor": "apple",
"version": "11.2"
},
{
"model": "active management technology",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "6.0"
},
{
"model": "windows server",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2016"
},
{
"model": "contact rad-whg/wlan-xd",
"scope": "eq",
"trust": 0.3,
"vendor": "phoenix",
"version": "0"
},
{
"model": "dual band wireless-ac",
"scope": "ne",
"trust": 0.3,
"vendor": "intel",
"version": "726018.33.9.3"
},
{
"model": "wi-fi update for boot camp",
"scope": "ne",
"trust": 0.3,
"vendor": "apple",
"version": "6.4.0"
},
{
"model": "suremark printer 2nr",
"scope": "eq",
"trust": 0.3,
"vendor": "toshiba",
"version": "4610"
},
{
"model": "android",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.1.1"
},
{
"model": "arubaos",
"scope": "ne",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "6.5.4.2"
},
{
"model": "enterprise linux for power little endian extended update supp",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "-7.5"
},
{
"model": "enterprise linux for power little endian",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "7"
},
{
"model": "dual band wireless-ac",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "826520.0.0.0"
},
{
"model": "tvos",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "10.2.1"
},
{
"model": "arubaos",
"scope": "eq",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "6.3.1.8"
},
{
"model": "windows server for x64-based systems sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2008"
},
{
"model": "pyxis supply roller",
"scope": "eq",
"trust": 0.3,
"vendor": "bd",
"version": "0"
},
{
"model": "airport base station",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "7.6.3"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "10.3"
},
{
"model": "telepresence collaboration endpoint",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "active management technology",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "6.2.61.3535"
},
{
"model": "contact vmt",
"scope": "eq",
"trust": 0.3,
"vendor": "phoenix",
"version": "70xx0"
},
{
"model": "imac",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "0"
},
{
"model": "meraki mr72",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "watchos",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4"
},
{
"model": "enterprise linux for power little endian extended update supp",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "-7.4"
},
{
"model": "active management technology",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "11.0.25.3001"
},
{
"model": "arubaos",
"scope": "ne",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "8.1.0.4"
},
{
"model": "active management technology",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "9.1"
},
{
"model": "enterprise linux server tus",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "-7.4"
},
{
"model": "active management technology",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "6.2"
},
{
"model": "meraki mr53",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "tvos",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "10.1"
},
{
"model": "wap551 wireless-n single radio selectable band access point",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "instantos",
"scope": "eq",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "4.2"
},
{
"model": "instantos",
"scope": "eq",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "6.5.3.2"
},
{
"model": "dual band wireless-ac",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "316519.10"
},
{
"model": "dual band wireless-ac",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "826020.0.0.0"
},
{
"model": "wap121 wireless-n access point with single point setup",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "active management technology",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "2.5"
},
{
"model": "active management technology",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "11.6.0.1000"
},
{
"model": "wireless client bridge 1.0.1.3-hp501-b0012",
"scope": "ne",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "501"
},
{
"model": "i.roc ci70-ex",
"scope": "eq",
"trust": 0.3,
"vendor": "pepperl fuchs",
"version": "0"
},
{
"model": "arubaos",
"scope": "eq",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "6.5.0.0"
},
{
"model": "dual band wireless-ac",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "826020.0.2.2"
},
{
"model": "active management technology",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "7.1"
},
{
"model": "cn70e-atex",
"scope": "eq",
"trust": 0.3,
"vendor": "pepperl fuchs",
"version": "0"
},
{
"model": "dual band wireless-ac",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "726018.0.0.0"
},
{
"model": "meraki mr24",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "suremark printer 1nr",
"scope": "eq",
"trust": 0.3,
"vendor": "toshiba",
"version": "4610"
},
{
"model": "enterprise linux for ibm z systems extended update support",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "-7.6"
},
{
"model": "contact vmt",
"scope": "eq",
"trust": 0.3,
"vendor": "phoenix",
"version": "50xx0"
},
{
"model": "meraki mr74",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "ex-handy",
"scope": "eq",
"trust": 0.3,
"vendor": "pepperl fuchs",
"version": "090"
},
{
"model": "arubaos",
"scope": "eq",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "6.4.4.15"
},
{
"model": "dual band wireless-ac",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "316519.51.7.1"
},
{
"model": "dual band wireless-ac",
"scope": "ne",
"trust": 0.3,
"vendor": "intel",
"version": "726519.51.7.20"
},
{
"model": "anyconnect secure mobility client",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "dual band wireless-ac",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "726519.51.7.1"
},
{
"model": "systems esp32",
"scope": "eq",
"trust": 0.3,
"vendor": "espressif",
"version": "0"
},
{
"model": "watchos",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.1"
},
{
"model": "enterprise linux server extended update support",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "-7.5"
},
{
"model": "micros handheld terminal 2.03.0.0.021r",
"scope": "ne",
"trust": 0.3,
"vendor": "oracle",
"version": null
},
{
"model": "aironet series access points",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "38000"
},
{
"model": "pyxis parx",
"scope": "eq",
"trust": 0.3,
"vendor": "bd",
"version": "0"
},
{
"model": "dx70",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "arubaos",
"scope": "ne",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "6.5.1.9"
},
{
"model": "enterprise linux server update services for sap solutions",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "-7.6"
},
{
"model": "intouch critical care bed",
"scope": "eq",
"trust": 0.3,
"vendor": "stryker",
"version": "2141"
},
{
"model": "pyxis anesthesia es",
"scope": "eq",
"trust": 0.3,
"vendor": "bd",
"version": "0"
},
{
"model": "aironet series officeextend access points",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "18100"
},
{
"model": "windows for x64-based systems",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "8.10"
},
{
"model": "dual band wireless-ac",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "316819.10.9.1"
},
{
"model": "active management technology",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "10.0.55.3000"
},
{
"model": "windows for 32-bit systems",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "8.10"
},
{
"model": "android",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "6.0"
},
{
"model": "meraki mr66",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "dual band wireless-ac",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "316519.10.9.1"
},
{
"model": "airport base station",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "7.6"
},
{
"model": "intouch critical care bed",
"scope": "eq",
"trust": 0.3,
"vendor": "stryker",
"version": "2131"
},
{
"model": "android",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.1.2"
},
{
"model": "aironet series access points",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "18300"
},
{
"model": "enterprise linux server aus",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "-7.6"
},
{
"model": "enterprise linux for power big endian extended update support",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "-7.6"
},
{
"model": "active management technology",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "10.0.0.50.1004"
},
{
"model": "arubaos",
"scope": "eq",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "6.4.1.0"
},
{
"model": "wap321 wireless-n access point with single point setup",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "simatic iwlan-pb/link",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "0"
},
{
"model": "aironet 1810w series access points",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "meraki mr52",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "enterprise linux for ibm z systems extended update support",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "-7.5"
},
{
"model": "meraki mr12",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "airmesh msr",
"scope": "eq",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "0"
},
{
"model": "dual band wireless-ac",
"scope": "ne",
"trust": 0.3,
"vendor": "intel",
"version": "316519.51.7.20"
},
{
"model": "watchos",
"scope": "ne",
"trust": 0.3,
"vendor": "apple",
"version": "4.2"
},
{
"model": "contact fl wlan ec",
"scope": "eq",
"trust": 0.3,
"vendor": "phoenix",
"version": "24802-110"
},
{
"model": "instantos",
"scope": "eq",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "4.2.4.8"
},
{
"model": "systems esp8266",
"scope": "eq",
"trust": 0.3,
"vendor": "espressif",
"version": "0"
},
{
"model": "tv",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "0"
},
{
"model": "pad-ex",
"scope": "eq",
"trust": 0.3,
"vendor": "pepperl fuchs",
"version": "010"
},
{
"model": "active management technology",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "11.0.0.1205"
},
{
"model": "ip phone",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "88610"
},
{
"model": "clarity engine",
"scope": "ne",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "1.0.0.1"
},
{
"model": "aironet series access points",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "15600"
},
{
"model": "windows for 32-bit systems sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "7"
},
{
"model": "instantos",
"scope": "eq",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "4.3.1.5"
},
{
"model": "airport base station",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "7.6.2"
},
{
"model": "active management technology",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "8.1"
},
{
"model": "active management technology",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "11.8"
},
{
"model": "windows for x64-based systems sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "7"
},
{
"model": "enterprise linux for ibm z systems extended update support",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "-7.4"
},
{
"model": "meraki mr58",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "windows version for 32-bit systems",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "1016070"
},
{
"model": "dual band wireless-ac",
"scope": "ne",
"trust": 0.3,
"vendor": "intel",
"version": "316519.10.9.2"
},
{
"model": "pyxis parassist system",
"scope": "eq",
"trust": 0.3,
"vendor": "bd",
"version": "0"
},
{
"model": "windows server for 32-bit systems sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2008"
},
{
"model": "instantos",
"scope": "eq",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "4.3"
},
{
"model": "android",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.0"
},
{
"model": "simatic mobile panel 277 iwlan",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "0"
},
{
"model": "pyxis medstation t2",
"scope": "eq",
"trust": 0.3,
"vendor": "bd",
"version": "40000"
},
{
"model": "dual band wireless-ac",
"scope": "ne",
"trust": 0.3,
"vendor": "intel",
"version": "826020.0.2.3"
},
{
"model": "android",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "6.0.1"
},
{
"model": "airport base station",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "7.6.1"
},
{
"model": "dual band wireless-ac",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "316519.51.0.0"
},
{
"model": "wi-fi update for boot camp",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "0"
},
{
"model": "enterprise linux server update services for sap solutions",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "-7.4"
},
{
"model": "ipad",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "0"
},
{
"model": "contact vmt",
"scope": "eq",
"trust": 0.3,
"vendor": "phoenix",
"version": "30xx0"
},
{
"model": "enterprise linux for power big endian",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "7"
},
{
"model": "wpa supplicant",
"scope": "eq",
"trust": 0.3,
"vendor": "w1 f1",
"version": "2.6"
},
{
"model": "wireless client bridge",
"scope": "eq",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "5010"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "10.0.1"
},
{
"model": "active management technology",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "11.5"
},
{
"model": "meraki mr11",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "10.3.3"
},
{
"model": "pyxis anesthesia system",
"scope": "eq",
"trust": 0.3,
"vendor": "bd",
"version": "40000"
},
{
"model": "tvos",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "10.2.2"
},
{
"model": "pyxis anesthesia system",
"scope": "eq",
"trust": 0.3,
"vendor": "bd",
"version": "35000"
},
{
"model": "automation stratix 15.3 jc1",
"scope": "eq",
"trust": 0.3,
"vendor": "rockwell",
"version": "5100"
},
{
"model": "enterprise linux server aus",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "-7.4"
},
{
"model": "pyxis ciisafe workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "bd",
"version": "??0"
},
{
"model": "enterprise linux for power big endian extended update support",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "-7.4"
},
{
"model": "airport base station",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "7.6.7"
},
{
"model": "dual band wireless-ac",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "316819.51.0.0"
},
{
"model": "ipad air",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "0"
},
{
"model": "active management technology",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "7.0"
},
{
"model": "arubaos",
"scope": "eq",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "6.5.4.1"
},
{
"model": "enterprise linux eus compute node",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "7.6"
},
{
"model": "enterprise linux for scientific computing",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "7"
},
{
"model": "active management technology",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "8.1.71.3608"
},
{
"model": "active management technology",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "9.1.41.3024"
},
{
"model": "arubaos",
"scope": "eq",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "6.4.2.1"
},
{
"model": "enterprise linux eus compute node",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "7.4"
},
{
"model": "dx80",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "active management technology",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "9.0"
},
{
"model": "contact bl2 ppc",
"scope": "eq",
"trust": 0.3,
"vendor": "phoenix",
"version": "0"
},
{
"model": "contact tpc",
"scope": "eq",
"trust": 0.3,
"vendor": "phoenix",
"version": "60130"
},
{
"model": "ipod touch",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "0"
},
{
"model": "arubaos",
"scope": "eq",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "6.5.1"
},
{
"model": "ck70a-atex",
"scope": "eq",
"trust": 0.3,
"vendor": "pepperl fuchs",
"version": "0"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "10.2.1"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "10.3.1"
},
{
"model": "dual band wireless-ac",
"scope": "ne",
"trust": 0.3,
"vendor": "intel",
"version": "316819.51.7.20"
},
{
"model": "macbook pro",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "0"
},
{
"model": "dual band wireless-ac",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "316819.10"
},
{
"model": "windows for x64-based systems",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "100"
},
{
"model": "airport base station",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "7.7.8"
},
{
"model": "active management technology",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "9.5"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "10.1"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "10.2"
},
{
"model": "airport base station",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "7.6.4"
},
{
"model": "smart-ex",
"scope": "eq",
"trust": 0.3,
"vendor": "pepperl fuchs",
"version": "010"
},
{
"model": "dual band wireless-ac",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "826520.0.2.2"
},
{
"model": "dual band wireless-ac",
"scope": "ne",
"trust": 0.3,
"vendor": "intel",
"version": "316018.33.9.3"
},
{
"model": "tab-ex",
"scope": "eq",
"trust": 0.3,
"vendor": "pepperl fuchs",
"version": "010"
},
{
"model": "arubaos",
"scope": "ne",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "6.5.3.3"
},
{
"model": "iphone",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "0"
},
{
"model": "macmini",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "0"
},
{
"model": "arubaos",
"scope": "ne",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "6.4.4.16"
},
{
"model": "contact fl wlan epa",
"scope": "eq",
"trust": 0.3,
"vendor": "phoenix",
"version": "0"
},
{
"model": "airport time capsule",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "0"
},
{
"model": "alliance wpa2 (wi-fi protected access",
"scope": "eq",
"trust": 0.3,
"vendor": "wi fi",
"version": "2)0"
},
{
"model": "airport base station",
"scope": "ne",
"trust": 0.3,
"vendor": "apple",
"version": "7.7.9"
},
{
"model": "scalance wlc711",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "0"
},
{
"model": "ruggedcom rs9xxw",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "0"
},
{
"model": "arubaos",
"scope": "eq",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "6.3.1.15"
},
{
"model": "networks unifi access point",
"scope": "eq",
"trust": 0.3,
"vendor": "ubiquiti",
"version": "0"
},
{
"model": "suremark printer 2cr",
"scope": "eq",
"trust": 0.3,
"vendor": "toshiba",
"version": "4610"
},
{
"model": "ip phone",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "88650"
},
{
"model": "arubaos",
"scope": "eq",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "6.5.4"
},
{
"model": "airport base station",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "7.7.7"
},
{
"model": "instantos",
"scope": "eq",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "6.5.4"
},
{
"model": "asa 5506w-x w/ firepower services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "windows version for x64-based systems",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "1016070"
},
{
"model": "airport base station",
"scope": "ne",
"trust": 0.3,
"vendor": "apple",
"version": "7.6.9"
},
{
"model": "s3 med-surg bed",
"scope": "eq",
"trust": 0.3,
"vendor": "stryker",
"version": "3005"
},
{
"model": "dual band wireless-ac",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "316018.0.0.0"
},
{
"model": "smart-ex",
"scope": "eq",
"trust": 0.3,
"vendor": "pepperl fuchs",
"version": "2010"
},
{
"model": "windows version for x64-based systems",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "1017030"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "11.1"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "ubuntu linux",
"version": "14.04"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "ubuntu linux",
"version": "16.04"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "ubuntu linux",
"version": "17.04"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "debian linux",
"version": "8.0"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "debian linux",
"version": "9.0"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "freebsd",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "freebsd",
"version": "10"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "freebsd",
"version": "10.4"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "freebsd",
"version": "11"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "freebsd",
"version": "11.1"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "leap",
"version": "42.2"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "leap",
"version": "42.3"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "linux desktop",
"version": "7"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "linux server",
"version": "7"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "hostapd",
"version": "0.2.4"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "hostapd",
"version": "0.2.5"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "hostapd",
"version": "0.2.6"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "hostapd",
"version": "0.2.8"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "hostapd",
"version": "0.3.7"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "hostapd",
"version": "0.3.9"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "hostapd",
"version": "0.3.10"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "hostapd",
"version": "0.3.11"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "hostapd",
"version": "0.4.7"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "hostapd",
"version": "0.4.8"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "hostapd",
"version": "0.4.9"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "hostapd",
"version": "0.4.10"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "hostapd",
"version": "0.4.11"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "hostapd",
"version": "0.5.7"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "hostapd",
"version": "0.5.8"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "hostapd",
"version": "0.5.9"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "hostapd",
"version": "0.5.10"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "hostapd",
"version": "0.5.11"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "hostapd",
"version": "0.6.8"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "hostapd",
"version": "0.6.9"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "hostapd",
"version": "0.6.10"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "hostapd",
"version": "0.7.3"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "hostapd",
"version": "1.0"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "hostapd",
"version": "1.1"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "hostapd",
"version": "2.0"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "hostapd",
"version": "2.1"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "hostapd",
"version": "2.2"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "hostapd",
"version": "2.3"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "hostapd",
"version": "2.4"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "hostapd",
"version": "2.5"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "hostapd",
"version": "2.6"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "wpa supplicant",
"version": "0.2.4"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "wpa supplicant",
"version": "0.2.5"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "wpa supplicant",
"version": "0.2.6"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "wpa supplicant",
"version": "0.2.7"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "wpa supplicant",
"version": "0.2.8"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "wpa supplicant",
"version": "0.3.7"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "wpa supplicant",
"version": "0.3.8"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "wpa supplicant",
"version": "0.3.9"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "wpa supplicant",
"version": "0.3.10"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "wpa supplicant",
"version": "0.3.11"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "wpa supplicant",
"version": "0.4.7"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "wpa supplicant",
"version": "0.4.8"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "wpa supplicant",
"version": "0.4.9"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "wpa supplicant",
"version": "0.4.10"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "wpa supplicant",
"version": "0.4.11"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "wpa supplicant",
"version": "0.5.7"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "wpa supplicant",
"version": "0.5.8"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "wpa supplicant",
"version": "0.5.9"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "wpa supplicant",
"version": "0.5.10"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "wpa supplicant",
"version": "0.5.11"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "wpa supplicant",
"version": "0.6.8"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "wpa supplicant",
"version": "0.6.9"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "wpa supplicant",
"version": "0.6.10"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "wpa supplicant",
"version": "0.7.3"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "wpa supplicant",
"version": "1.0"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "wpa supplicant",
"version": "1.1"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "wpa supplicant",
"version": "2.0"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "wpa supplicant",
"version": "2.1"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "wpa supplicant",
"version": "2.2"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "wpa supplicant",
"version": "2.3"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "wpa supplicant",
"version": "2.4"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "wpa supplicant",
"version": "2.5"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "wpa supplicant",
"version": "2.6"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "linux point of sale",
"version": "11"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "linux server",
"version": "12"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "openstack cloud",
"version": "6"
}
],
"sources": [
{
"db": "IVD",
"id": "d6bbedba-ffb0-46fc-8b8d-fc2a4fce19b2"
},
{
"db": "CERT/CC",
"id": "VU#228519"
},
{
"db": "CNVD",
"id": "CNVD-2017-30405"
},
{
"db": "BID",
"id": "101274"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-009171"
},
{
"db": "CNNVD",
"id": "CNNVD-201710-381"
},
{
"db": "NVD",
"id": "CVE-2017-13078"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:freebsd:freebsd:10:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:freebsd:freebsd:10.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:opensuse:leap:42.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:opensuse:leap:42.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_server:7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:freebsd:freebsd:11:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:freebsd:freebsd:11.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_desktop:7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:freebsd:freebsd:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:17.04:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:2.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:1.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:0.5.10:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:0.5.9:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:0.4.7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:0.3.11:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:2.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:2.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:1.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:0.7.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:0.5.8:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:0.5.7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:0.4.11:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:0.3.9:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:0.3.8:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:2.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:2.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:2.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:0.6.10:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:0.6.9:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:0.4.11:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:0.4.10:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:0.2.8:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:0.2.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:2.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:2.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:0.6.8:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:0.5.11:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:0.4.8:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:0.4.7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:0.2.7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:0.2.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:2.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:2.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:0.6.8:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:0.5.11:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:0.4.9:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:0.4.8:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:0.2.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:0.2.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:2.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:1.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:0.5.10:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:0.5.9:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:0.3.11:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:0.3.10:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:0.2.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:0.2.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:2.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:1.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:0.7.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:0.5.8:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:0.5.7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:0.3.10:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:0.3.9:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:0.3.7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:2.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:2.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:0.6.10:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:0.6.9:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:0.4.10:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:0.4.9:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:0.3.7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:0.2.8:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:suse:linux_enterprise_point_of_sale:11:sp3:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:suse:linux_enterprise_desktop:12:sp2:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:suse:linux_enterprise_desktop:12:sp3:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:suse:linux_enterprise_server:12:*:*:*:ltss:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:suse:openstack_cloud:6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:suse:linux_enterprise_server:11:sp3:*:*:*:ltss:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:suse:linux_enterprise_server:11:sp4:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2017-13078"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Mathy Vanhoef from imec-DistriNet and KU Leuven.",
"sources": [
{
"db": "BID",
"id": "101274"
},
{
"db": "CNNVD",
"id": "CNNVD-201710-381"
}
],
"trust": 0.9
},
"cve": "CVE-2017-13078",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "MEDIUM",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 2.9,
"confidentialityImpact": "NONE",
"exploitabilityScore": 5.5,
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "LOW",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:A/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Medium",
"accessVector": "Adjacent Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 2.9,
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2017-13078",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Low",
"trust": 0.9,
"userInteractionRequired": null,
"vectorString": "AV:A/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "PARTIAL",
"baseScore": 5.4,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 5.5,
"id": "CNVD-2017-30405",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:A/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"author": "IVD",
"availabilityImpact": "PARTIAL",
"baseScore": 5.4,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 5.5,
"id": "d6bbedba-ffb0-46fc-8b8d-fc2a4fce19b2",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.2,
"vectorString": "AV:A/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.9 [IVD]"
}
],
"cvssV3": [
{
"attackComplexity": "HIGH",
"attackVector": "ADJACENT_NETWORK",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"exploitabilityScore": 1.6,
"impactScore": 3.6,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.0"
},
{
"attackComplexity": "High",
"attackVector": "Adjacent Network",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 5.3,
"baseSeverity": "Medium",
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2017-13078",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2017-13078",
"trust": 1.8,
"value": "MEDIUM"
},
{
"author": "CNVD",
"id": "CNVD-2017-30405",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201710-381",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "IVD",
"id": "d6bbedba-ffb0-46fc-8b8d-fc2a4fce19b2",
"trust": 0.2,
"value": "MEDIUM"
},
{
"author": "VULMON",
"id": "CVE-2017-13078",
"trust": 0.1,
"value": "LOW"
}
]
}
],
"sources": [
{
"db": "IVD",
"id": "d6bbedba-ffb0-46fc-8b8d-fc2a4fce19b2"
},
{
"db": "CNVD",
"id": "CNVD-2017-30405"
},
{
"db": "VULMON",
"id": "CVE-2017-13078"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-009171"
},
{
"db": "CNNVD",
"id": "CNNVD-201710-381"
},
{
"db": "NVD",
"id": "CVE-2017-13078"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Group Temporal Key (GTK) during the four-way handshake, allowing an attacker within radio range to replay frames from access points to clients. An attacker within range of an affected AP and client may leverage these vulnerabilities to conduct attacks that are dependent on the data confidentiality protocols being used. Attacks may include arbitrary packet decryption and injection, TCP connection hijacking, HTTP content injection, or the replay of unicast and group-addressed frames. These vulnerabilities are referred to as Key Reinstallation Attacks or \"KRACK\" attacks. WPA (Wi-Fi Protected Access) is a system that protects wireless computer networks (Wi-Fi). The WPA2 wireless network has a GTK group key reload vulnerability in the fourth handshake. WPA2 is prone to multiple security weaknesses. \nExploiting these issues may allow an unauthorized user to intercept and manipulate data or disclose sensitive information. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n=====================================================================\n Red Hat Security Advisory\n\nSynopsis: Important: wpa_supplicant security update\nAdvisory ID: RHSA-2017:2907-01\nProduct: Red Hat Enterprise Linux\nAdvisory URL: https://access.redhat.com/errata/RHSA-2017:2907\nIssue date: 2017-10-17\nCVE Names: CVE-2017-13077 CVE-2017-13078 CVE-2017-13080 \n CVE-2017-13082 CVE-2017-13086 CVE-2017-13087 \n CVE-2017-13088 \n=====================================================================\n\n1. Summary:\n\nAn update for wpa_supplicant is now available for Red Hat Enterprise Linux\n7. \n\nRed Hat Product Security has rated this update as having a security impact\nof Important. A Common Vulnerability Scoring System (CVSS) base score,\nwhich gives a detailed severity rating, is available for each vulnerability\nfrom the CVE link(s) in the References section. Relevant releases/architectures:\n\nRed Hat Enterprise Linux Client (v. 7) - x86_64\nRed Hat Enterprise Linux ComputeNode (v. 7) - x86_64\nRed Hat Enterprise Linux Server (v. 7) - aarch64, ppc64, ppc64le, s390x, x86_64\nRed Hat Enterprise Linux Workstation (v. 7) - x86_64\n\n3. Description:\n\nThe wpa_supplicant packages contain an 802.1X Supplicant with support for\nWEP, WPA, WPA2 (IEEE 802.11i / RSN), and various EAP authentication\nmethods. They implement key negotiation with a WPA Authenticator for client\nstations and controls the roaming and IEEE 802.11 authentication and\nassociation of the WLAN driver. A remote attacker within Wi-Fi range\ncould exploit these attacks to decrypt Wi-Fi traffic or possibly inject\nforged Wi-Fi packets by manipulating cryptographic handshakes used by the\nWPA2 protocol. (CVE-2017-13077, CVE-2017-13078, CVE-2017-13080,\nCVE-2017-13082, CVE-2017-13086, CVE-2017-13087, CVE-2017-13088)\n\nRed Hat would like to thank CERT for reporting these issues. Upstream\nacknowledges Mathy Vanhoef (University of Leuven) as the original reporter\nof these issues. Solution:\n\nFor details on how to apply this update, which includes the changes\ndescribed in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\n5. Package List:\n\nRed Hat Enterprise Linux Client (v. 7):\n\nSource:\nwpa_supplicant-2.6-5.el7_4.1.src.rpm\n\nx86_64:\nwpa_supplicant-2.6-5.el7_4.1.x86_64.rpm\nwpa_supplicant-debuginfo-2.6-5.el7_4.1.x86_64.rpm\n\nRed Hat Enterprise Linux ComputeNode (v. 7):\n\nSource:\nwpa_supplicant-2.6-5.el7_4.1.src.rpm\n\nx86_64:\nwpa_supplicant-2.6-5.el7_4.1.x86_64.rpm\nwpa_supplicant-debuginfo-2.6-5.el7_4.1.x86_64.rpm\n\nRed Hat Enterprise Linux Server (v. 7):\n\nSource:\nwpa_supplicant-2.6-5.el7_4.1.src.rpm\n\naarch64:\nwpa_supplicant-2.6-5.el7_4.1.aarch64.rpm\nwpa_supplicant-debuginfo-2.6-5.el7_4.1.aarch64.rpm\n\nppc64:\nwpa_supplicant-2.6-5.el7_4.1.ppc64.rpm\nwpa_supplicant-debuginfo-2.6-5.el7_4.1.ppc64.rpm\n\nppc64le:\nwpa_supplicant-2.6-5.el7_4.1.ppc64le.rpm\nwpa_supplicant-debuginfo-2.6-5.el7_4.1.ppc64le.rpm\n\ns390x:\nwpa_supplicant-2.6-5.el7_4.1.s390x.rpm\nwpa_supplicant-debuginfo-2.6-5.el7_4.1.s390x.rpm\n\nx86_64:\nwpa_supplicant-2.6-5.el7_4.1.x86_64.rpm\nwpa_supplicant-debuginfo-2.6-5.el7_4.1.x86_64.rpm\n\nRed Hat Enterprise Linux Workstation (v. 7):\n\nSource:\nwpa_supplicant-2.6-5.el7_4.1.src.rpm\n\nx86_64:\nwpa_supplicant-2.6-5.el7_4.1.x86_64.rpm\nwpa_supplicant-debuginfo-2.6-5.el7_4.1.x86_64.rpm\n\nThese packages are GPG signed by Red Hat for security. Our key and\ndetails on how to verify the signature are available from\nhttps://access.redhat.com/security/team/key/\n\n7. References:\n\nhttps://access.redhat.com/security/cve/CVE-2017-13077\nhttps://access.redhat.com/security/cve/CVE-2017-13078\nhttps://access.redhat.com/security/cve/CVE-2017-13080\nhttps://access.redhat.com/security/cve/CVE-2017-13082\nhttps://access.redhat.com/security/cve/CVE-2017-13086\nhttps://access.redhat.com/security/cve/CVE-2017-13087\nhttps://access.redhat.com/security/cve/CVE-2017-13088\nhttps://access.redhat.com/security/updates/classification/#important\nhttps://access.redhat.com/security/vulnerabilities/kracks\n\n8. Contact:\n\nThe Red Hat security contact is \u003csecalert@redhat.com\u003e. More contact\ndetails at https://access.redhat.com/security/team/contact/\n\nCopyright 2017 Red Hat, Inc. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA512\n\nAPPLE-SA-2017-12-12-2 AirPort Base Station Firmware Update 7.7.9\n\nAirPort Base Station Firmware Update 7.7.9 is now available and\naddresses the following:\n\nAirPort Base Station Firmware\nAvailable for: AirPort Extreme and AirPort Time Capsule base stations\nwith 802.11ac\nImpact: An attacker within range may be able to execute arbitrary\ncode on the Wi-Fi chip\nDescription: A memory corruption issue was addressed with improved\nmemory handling. \nCVE-2017-9417: Nitay Artenstein of Exodus Intelligence\n\nAirPort Base Station Firmware\nAvailable for: AirPort Extreme and AirPort Time Capsule base stations\nwith 802.11ac\nImpact: An attacker in Wi-Fi range may force nonce reuse in WPA\nunicast/PTK clients (Key Reinstallation Attacks - KRACK)\nDescription: A logic issue existed in the handling of state\ntransitions. This was addressed with improved state management. \nCVE-2017-13077: Mathy Vanhoef of the imec-DistriNet group at KU\nLeuven\nCVE-2017-13078: Mathy Vanhoef of the imec-DistriNet group at KU\nLeuven\n\nAirPort Base Station Firmware\nAvailable for: AirPort Extreme and AirPort Time Capsule base stations\nwith 802.11ac\nImpact: An attacker in Wi-Fi range may force nonce reuse in WPA\nmulticast/GTK clients (Key Reinstallation Attacks - KRACK)\nDescription: A logic issue existed in the handling of state\ntransitions. This was addressed with improved state management. \nCVE-2017-13080: Mathy Vanhoef of the imec-DistriNet group at KU\nLeuven\n\nInstallation note:\n\nFirmware version 7.7.9 is installed on AirPort Extreme or\nAirPort Time Capsule base stations with 802.11ac using\nAirPort Utility for Mac or iOS. \n\nAirPort Utility for Mac is a free download from\nhttps://support.apple.com/downloads/ and AirPort Utility for iOS\nis a free download from the App Store. \nCVE-2017-13080: Mathy Vanhoef of the imec-DistriNet group at\nKU Leuven\n\nInstallation note:\n\nWi-Fi Update for Boot Camp 6.4.0 may be obtained from Apple Software\nUpdate for Windows. ==========================================================================\nUbuntu Security Notice USN-3455-1\nOctober 16, 2017\n\nwpa vulnerabilities\n==========================================================================\n\nA security issue affects these releases of Ubuntu and its derivatives:\n\n- Ubuntu 17.04\n- Ubuntu 16.04 LTS\n- Ubuntu 14.04 LTS\n\nSummary:\n\nSeveral security issues were fixed in wpa_supplicant. \n\nSoftware Description:\n- wpa: client support for WPA and WPA2\n\nDetails:\n\nMathy Vanhoef discovered that wpa_supplicant and hostapd incorrectly\nhandled WPA2. (CVE-2017-13077,\nCVE-2017-13078, CVE-2017-13079, CVE-2017-13080, CVE-2017-13081,\nCVE-2017-13082, CVE-2017-13086, CVE-2017-13087, CVE-2017-13088)\n\nImre Rad discovered that wpa_supplicant and hostapd incorrectly handled\ninvalid characters in passphrase parameters. A remote attacker could use\nthis issue to cause a denial of service. (CVE-2016-4476)\n\nImre Rad discovered that wpa_supplicant and hostapd incorrectly handled\ninvalid characters in passphrase parameters. A local attacker could use\nthis issue to cause a denial of service, or possibly execute arbitrary\ncode. (CVE-2016-4477)\n\nUpdate instructions:\n\nThe problem can be corrected by updating your system to the following\npackage versions:\n\nUbuntu 17.04:\n hostapd 2.4-0ubuntu9.1\n wpasupplicant 2.4-0ubuntu9.1\n\nUbuntu 16.04 LTS:\n hostapd 2.4-0ubuntu6.2\n wpasupplicant 2.4-0ubuntu6.2\n\nUbuntu 14.04 LTS:\n hostapd 2.1-0ubuntu1.5\n wpasupplicant 2.1-0ubuntu1.5\n\nAfter a standard system update you need to reboot your computer to make\nall the necessary changes. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\nGentoo Linux Security Advisory GLSA 201711-03\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n https://security.gentoo.org/\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\n Severity: Normal\n Title: hostapd and wpa_supplicant: Key Reinstallation (KRACK)\n attacks\n Date: November 10, 2017\n Bugs: #634436, #634438\n ID: 201711-03\n\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\nSynopsis\n========\n\nA flaw was discovered in the 4-way handshake in hostapd and\nwpa_supplicant that allows attackers to conduct a Man in the Middle\nattack. \n\nAffected packages\n=================\n\n -------------------------------------------------------------------\n Package / Vulnerable / Unaffected\n -------------------------------------------------------------------\n 1 net-wireless/hostapd \u003c 2.6-r1 \u003e= 2.6-r1 \n 2 net-wireless/wpa_supplicant\n \u003c 2.6-r3 \u003e= 2.6-r3 \n -------------------------------------------------------------------\n 2 affected packages\n\nDescription\n===========\n\nWiFi Protected Access (WPA and WPA2) and it\u0027s associated technologies\nare all vulnerable to the KRACK attacks. Please review the referenced\nCVE identifiers for details. \n\nImpact\n======\n\nAn attacker can carry out the KRACK attacks on a wireless network in\norder to gain access to network clients. Once achieved, the attacker\ncan potentially harvest confidential information (e.g. HTTP/HTTPS),\ninject malware, or perform a myriad of other attacks. \n\nWorkaround\n==========\n\nThere is no known workaround at this time. \n\nResolution\n==========\n\nAll hostapd users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose \"\u003e=net-wireless/hostapd-2.6-r1\"\n\nAll wpa_supplicant users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot -v \"\u003e=net-wireless/wpa_supplicant-2.6-r3\"\n\nReferences\n==========\n\n[ 1 ] CVE-2017-13077\n https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-13077\n[ 2 ] CVE-2017-13078\n https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-13078\n[ 3 ] CVE-2017-13079\n https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-13079\n[ 4 ] CVE-2017-13080\n. 6) - i386, x86_64\n\n3. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA512\n\n=============================================================================\nFreeBSD-SA-17:07.wpa Security Advisory\n The FreeBSD Project\n\nTopic: WPA2 protocol vulnerability\n\nCategory: contrib\nModule: wpa\nAnnounced: 2017-10-16\nCredits: Mathy Vanhoef\nAffects: All supported versions of FreeBSD. \nCorrected: 2017-10-17 17:30:18 UTC (stable/11, 11.1-STABLE)\n 2017-10-17 17:57:18 UTC (releng/11.1, 11.1-RELEASE-p2)\n 2017-10-17 17:56:03 UTC (releng/11.0, 11.0-RELEASE-p13)\n 2017-10-19 03:18:22 UTC (stable/10, 10.4-STABLE)\n 2017-10-19 03:20:17 UTC (releng/10.4, 10.4-RELEASE-p1)\n 2017-10-19 03:19:42 UTC (releng/10.3, 10.3-RELEASE-p22)\nCVE Name: CVE-2017-13077, CVE-2017-13078, CVE-2017-13079,\n CVE-2017-13080, CVE-2017-13081, CVE-2017-13082,\n CVE-2017-13086, CVE-2017-13087, CVE-2017-13088\n\nFor general information regarding FreeBSD Security Advisories,\nincluding descriptions of the fields above, security branches, and the\nfollowing sections, please visit \u003cURL:https://security.FreeBSD.org/\u003e. \n\n0. Revision history\n\nv1.0 2017-10-17 Initial release. \nv1.1 2017-10-19 Add patches for 10.x releases. \n\nI. \n\nhostapd and wpa_supplicant are implementations of user space daemon for\naccess points and wireless client that implements the WPA2 protocol. \n\nII. Problem Description\n\nA vulnerability was found in how a number of implementations can be\ntriggered to reconfigure WPA/WPA2/RSN keys (TK, GTK, or IGTK) by\nreplaying a specific frame that is used to manage the keys. \n\nIII. Impact\n\nSuch reinstallation of the encryption key can result in two different\ntypes of vulnerabilities: disabling replay protection and significantly\nreducing the security of encryption to the point of allowing frames to\nbe decrypted or some parts of the keys to be determined by an attacker\ndepending on which cipher is used. \n\nIV. Workaround\n\nAn updated version of wpa_supplicant is available in the FreeBSD Ports\nCollection. Install version 2.6_2 or later of the\nsecurity/wpa_supplicant port/pkg. Once installed, update /etc/rc.conf\nto use the new binary:\n\nwpa_supplicant_program=\"/usr/local/sbin/wpa_supplicant\"\n\nand restart networking. \n\nAn updated version of hostapd is available in the FreeBSD Ports\nCollection. Install version 2.6_1 or later of the net/hostapd port/pkg. \nOnce installed, update /etc/rc.conf to use the new binary:\n\nhostapd_program=\"/usr/local/sbin/hostapd\"\n\nand restart hostapd. \n\nV. Solution\n\nPerform one of the following:\n\n1) Upgrade your vulnerable system to a supported FreeBSD stable or\nrelease / security branch (releng) dated after the correction date. \n\nRestart the Wi-Fi network interfaces/hostapd or reboot the system. \n\n2) To update your vulnerable system via a binary patch:\n\nSystems running a RELEASE version of FreeBSD on the i386 or amd64\nplatforms can be updated via the freebsd-update(8) utility:\n\n# freebsd-update fetch\n# freebsd-update install\n\nRestart the Wi-Fi network interfaces/hostapd or reboot the system. \n\n3) To update your vulnerable system via a source code patch:\n\nThe following patches have been verified to apply to the applicable\nFreeBSD release branches. \n\na) Download the relevant patch from the location below, and verify the\ndetached PGP signature using your PGP utility. \n\n[FreeBSD 11.0-RELEASE, 11.1-RELEASE, and 11-STABLE]\n# fetch https://security.FreeBSD.org/patches/SA-17:07/wpa-11.patch\n# fetch https://security.FreeBSD.org/patches/SA-17:07/wpa-11.patch.asc\n# gpg --verify wpa-11.patch.asc\n\n[FreeBSD 10.3-RELEASE, 10.4-RELEASE, and 10-STABLE]\n# fetch https://security.FreeBSD.org/patches/SA-17:07/wpa-10.patch\n# fetch https://security.FreeBSD.org/patches/SA-17:07/wpa-10.patch.asc\n# gpg --verify wpa-10.patch.asc\n\nb) Apply the patch. Execute the following commands as root:\n\n# cd /usr/src\n# patch \u003c /path/to/patch\n\nc) Recompile the operating system using buildworld and installworld as\ndescribed in \u003cURL:https://www.FreeBSD.org/handbook/makeworld.html\u003e. \n\nRestart the applicable daemons, or reboot the system. \n\nVI. Correction details\n\nThe following list contains the correction revision numbers for each\naffected branch. \n\nBranch/path Revision\n- -------------------------------------------------------------------------\nstable/11/ r324697\nreleng/11.0/ r324698\nreleng/11.1/ r324699\nstable/10/ r324739\nreleng/10.3/ r324740\nreleng/10.4/ r324741\n- -------------------------------------------------------------------------\n\nTo see which files were modified by a particular revision, run the\nfollowing command, replacing NNNNNN with the revision number, on a\nmachine with Subversion installed:\n\n# svn diff -cNNNNNN --summarize svn://svn.freebsd.org/base\n\nOr visit the following URL, replacing NNNNNN with the revision number:\n\n\u003cURL:https://svnweb.freebsd.org/base?view=revision\u0026revision=NNNNNN\u003e\n\nVII. References\n\n\u003cURL:https://w1.fi/security/2017-1/wpa-packet-number-reuse-with-replayed-messages.txt\u003e\n\u003cURL:https://www.krackattacks.com/\u003e\n\nThe latest revision of this advisory is available at\n\u003cURL:https://security.FreeBSD.org/advisories/FreeBSD-SA-17:07.wpa.asc\u003e\n-----BEGIN PGP SIGNATURE-----\n\niQKTBAEBCgB9FiEEHPf/b631yp++G4yy7Wfs1l3PaucFAlnoGpNfFIAAAAAALgAo\naXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDFD\nRjdGRjZGQURGNUNBOUZCRTFCOENCMkVENjdFQ0Q2NURDRjZBRTcACgkQ7Wfs1l3P\nauc7WBAAm27w+fujv5sJsRxauUMopTVtRh5utwbDuoHTP+L+RCWmQfVBmueNQ0gf\nuJzMNxBIkbtY9LvyukpRsH3iD7mh26c0pd9rxxkkr4F96C9B5+W0amxJF1gdm54/\nF/50FpY+lo7cNs5tiBjypPrg8UOBBI/1G4XR7130XC0HjaTwt1ngZ0oQUWUMSsIp\ngN5ZfPul81WPWd1NqF+vyObcJhwq/Y1uoexoO27o7GQCFZoL3enZy8c4f1xqMlVM\n4HHkTgNGac6E0aW+ArH4J0DFFAOJXPqF8rdt+9XINfoBbtliIyOixJ4oh1n6eAR0\nVpBWZKFNyXSlUKIvDGa+LDhxgL1jJXV0ABSyKlUOijdmr3bbbiQE9MW/MNv2AFTd\nOAFQ0QQtm9KCWp5JLh+FPIb/kR2l7MOUP+yz4zFcJpdGtl9tDLyPN8vRTq60bY8O\ny7tBcf/SMqkd/AIFdchL4zrOguKnRARydIlwTarp8wtAQI3MKSsa1B0wgsDtlL6K\nxfdjnwWMKvKKlNOW16e1WXXO0n/ucHV4njBE+bGPro3jLgXP2/WFZpIGAR3I4xrr\nSdD4AxSNiR9f3bL7LRfMIbugJAylWNSlTLWUOVUv0/ONh85LqbcCj13NI230B64K\nETx2QOZgKnCs2oDNiw4aQHb7kvi2w94Iw/R1sAPkkxYJWO3reyE=\n=h/5q\n-----END PGP SIGNATURE-----\n. \n\n\nHere are the details from the Slackware 14.2 ChangeLog:\n+--------------------------+\npatches/packages/wpa_supplicant-2.6-i586-1_slack14.2.txz: Upgraded. \n This update includes patches to mitigate the WPA2 protocol issues known\n as \"KRACK\" (Key Reinstallation AttaCK), which may be used to decrypt data,\n hijack TCP connections, and to forge and inject packets. \n CVE-2017-13082: Accepting a retransmitted Fast BSS Transition (FT)\n Reassociation Request and reinstalling the pairwise encryption key (PTK-TK)\n while processing it. \n For more information, see:\n https://www.krackattacks.com/\n https://w1.fi/security/2017-1/wpa-packet-number-reuse-with-replayed-messages.txt\n https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13077\n https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13078\n https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13079\n https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13080\n https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13081\n https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13082\n https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13084\n https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13086\n https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13087\n https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13088\n (* Security fix *)\n+--------------------------+\n\n\nWhere to find the new packages:\n+-----------------------------+\n\nThanks to the friendly folks at the OSU Open Source Lab\n(http://osuosl.org) for donating FTP and rsync hosting\nto the Slackware project! :-)\n\nAlso see the \"Get Slack\" section on http://slackware.com for\nadditional mirror sites near you. \n\nUpdated package for Slackware 14.0:\nftp://ftp.slackware.com/pub/slackware/slackware-14.0/patches/packages/wpa_supplicant-2.6-i486-1_slack14.0.txz\n\nUpdated package for Slackware x86_64 14.0:\nftp://ftp.slackware.com/pub/slackware/slackware64-14.0/patches/packages/wpa_supplicant-2.6-x86_64-1_slack14.0.txz\n\nUpdated package for Slackware 14.1:\nftp://ftp.slackware.com/pub/slackware/slackware-14.1/patches/packages/wpa_supplicant-2.6-i486-1_slack14.1.txz\n\nUpdated package for Slackware x86_64 14.1:\nftp://ftp.slackware.com/pub/slackware/slackware64-14.1/patches/packages/wpa_supplicant-2.6-x86_64-1_slack14.1.txz\n\nUpdated package for Slackware 14.2:\nftp://ftp.slackware.com/pub/slackware/slackware-14.2/patches/packages/wpa_supplicant-2.6-i586-1_slack14.2.txz\n\nUpdated package for Slackware x86_64 14.2:\nftp://ftp.slackware.com/pub/slackware/slackware64-14.2/patches/packages/wpa_supplicant-2.6-x86_64-1_slack14.2.txz\n\nUpdated package for Slackware -current:\nftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/n/wpa_supplicant-2.6-i586-2.txz\n\nUpdated package for Slackware x86_64 -current:\nftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/n/wpa_supplicant-2.6-x86_64-2.txz\n\n\nMD5 signatures:\n+-------------+\n\nSlackware 14.0 package:\nd8ecfaadb50b3547967ab53733ffc019 wpa_supplicant-2.6-i486-1_slack14.0.txz\n\nSlackware x86_64 14.0 package:\nf25216d28800504ce498705da7c9a825 wpa_supplicant-2.6-x86_64-1_slack14.0.txz\n\nSlackware 14.1 package:\n15c61050e4bab2581757befd86be74c0 wpa_supplicant-2.6-i486-1_slack14.1.txz\n\nSlackware x86_64 14.1 package:\n49fd537a520338744f7757615556d352 wpa_supplicant-2.6-x86_64-1_slack14.1.txz\n\nSlackware 14.2 package:\nc5539f40c8510af89be92945f0f80185 wpa_supplicant-2.6-i586-1_slack14.2.txz\n\nSlackware x86_64 14.2 package:\n4c527ff84fcdfd7839f217bbce2e4ae4 wpa_supplicant-2.6-x86_64-1_slack14.2.txz\n\nSlackware -current package:\n28bd88a54e96368f7a7020c1f5fb67fe n/wpa_supplicant-2.6-i586-2.txz\n\nSlackware x86_64 -current package:\n464fc6b48d1ac077f47e9a3a8534c160 n/wpa_supplicant-2.6-x86_64-2.txz\n\n\nInstallation instructions:\n+------------------------+\n\nUpgrade the package as root:\n# upgradepkg wpa_supplicant-2.6-i586-1_slack14.2.txz\n\n\n+-----+\n\nSlackware Linux Security Team\nhttp://slackware.com/gpg-key\nsecurity@slackware.com\n\n+------------------------------------------------------------------------+\n| To leave the slackware-security mailing list: |\n+------------------------------------------------------------------------+\n| Send an email to majordomo@slackware.com with this text in the body of |\n| the email message: |\n| |\n| unsubscribe slackware-security |\n| |\n| You will get a confirmation message back containing instructions to |\n| complete the process. Please do not reply to this email address",
"sources": [
{
"db": "NVD",
"id": "CVE-2017-13078"
},
{
"db": "CERT/CC",
"id": "VU#228519"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-009171"
},
{
"db": "CNVD",
"id": "CNVD-2017-30405"
},
{
"db": "BID",
"id": "101274"
},
{
"db": "IVD",
"id": "d6bbedba-ffb0-46fc-8b8d-fc2a4fce19b2"
},
{
"db": "VULMON",
"id": "CVE-2017-13078"
},
{
"db": "PACKETSTORM",
"id": "144652"
},
{
"db": "PACKETSTORM",
"id": "145394"
},
{
"db": "PACKETSTORM",
"id": "145395"
},
{
"db": "PACKETSTORM",
"id": "148445"
},
{
"db": "PACKETSTORM",
"id": "144632"
},
{
"db": "PACKETSTORM",
"id": "144944"
},
{
"db": "PACKETSTORM",
"id": "144659"
},
{
"db": "PACKETSTORM",
"id": "144669"
},
{
"db": "PACKETSTORM",
"id": "144663"
}
],
"trust": 4.23
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2017-13078",
"trust": 4.5
},
{
"db": "CERT/CC",
"id": "VU#228519",
"trust": 4.2
},
{
"db": "BID",
"id": "101274",
"trust": 2.6
},
{
"db": "LENOVO",
"id": "LEN-17420",
"trust": 2.5
},
{
"db": "SECTRACK",
"id": "1039577",
"trust": 1.7
},
{
"db": "SECTRACK",
"id": "1039576",
"trust": 1.7
},
{
"db": "SECTRACK",
"id": "1039581",
"trust": 1.7
},
{
"db": "SECTRACK",
"id": "1039578",
"trust": 1.7
},
{
"db": "SECTRACK",
"id": "1039585",
"trust": 1.7
},
{
"db": "SECTRACK",
"id": "1039573",
"trust": 1.7
},
{
"db": "CERT@VDE",
"id": "VDE-2017-003",
"trust": 1.7
},
{
"db": "CERT@VDE",
"id": "VDE-2017-005",
"trust": 1.7
},
{
"db": "SIEMENS",
"id": "SSA-901333",
"trust": 1.7
},
{
"db": "ICS CERT",
"id": "ICSMA-18-114-01",
"trust": 1.2
},
{
"db": "ICS CERT",
"id": "ICSMA-19-029-01",
"trust": 1.1
},
{
"db": "ICS CERT",
"id": "ICSA-17-353-02",
"trust": 1.1
},
{
"db": "ICS CERT",
"id": "ICSA-17-318-01",
"trust": 1.1
},
{
"db": "ICS CERT",
"id": "ICSA-17-325-01",
"trust": 1.1
},
{
"db": "CNVD",
"id": "CNVD-2017-30405",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201710-381",
"trust": 0.8
},
{
"db": "JUNIPER",
"id": "JSA10827",
"trust": 0.8
},
{
"db": "DLINK",
"id": "SAP10075",
"trust": 0.8
},
{
"db": "ICS CERT",
"id": "ICSA-17-318-02A",
"trust": 0.8
},
{
"db": "JVN",
"id": "JVNVU94846424",
"trust": 0.8
},
{
"db": "JVN",
"id": "JVNVU90609033",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2017-009171",
"trust": 0.8
},
{
"db": "AUSCERT",
"id": "ESB-2020.4125",
"trust": 0.6
},
{
"db": "ICS CERT",
"id": "ICSA-17-299-02",
"trust": 0.3
},
{
"db": "ICS CERT",
"id": "ICSA-17-318-02",
"trust": 0.3
},
{
"db": "IVD",
"id": "D6BBEDBA-FFB0-46FC-8B8D-FC2A4FCE19B2",
"trust": 0.2
},
{
"db": "VULMON",
"id": "CVE-2017-13078",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "144652",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "145394",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "145395",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "148445",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "144632",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "144944",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "144659",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "144669",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "144663",
"trust": 0.1
}
],
"sources": [
{
"db": "IVD",
"id": "d6bbedba-ffb0-46fc-8b8d-fc2a4fce19b2"
},
{
"db": "CERT/CC",
"id": "VU#228519"
},
{
"db": "CNVD",
"id": "CNVD-2017-30405"
},
{
"db": "VULMON",
"id": "CVE-2017-13078"
},
{
"db": "BID",
"id": "101274"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-009171"
},
{
"db": "PACKETSTORM",
"id": "144652"
},
{
"db": "PACKETSTORM",
"id": "145394"
},
{
"db": "PACKETSTORM",
"id": "145395"
},
{
"db": "PACKETSTORM",
"id": "148445"
},
{
"db": "PACKETSTORM",
"id": "144632"
},
{
"db": "PACKETSTORM",
"id": "144944"
},
{
"db": "PACKETSTORM",
"id": "144659"
},
{
"db": "PACKETSTORM",
"id": "144669"
},
{
"db": "PACKETSTORM",
"id": "144663"
},
{
"db": "CNNVD",
"id": "CNNVD-201710-381"
},
{
"db": "NVD",
"id": "CVE-2017-13078"
}
]
},
"id": "VAR-201710-0211",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "IVD",
"id": "d6bbedba-ffb0-46fc-8b8d-fc2a4fce19b2"
},
{
"db": "CNVD",
"id": "CNVD-2017-30405"
}
],
"trust": 1.3965711281818183
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 0.8
}
],
"sources": [
{
"db": "IVD",
"id": "d6bbedba-ffb0-46fc-8b8d-fc2a4fce19b2"
},
{
"db": "CNVD",
"id": "CNVD-2017-30405"
}
]
},
"last_update_date": "2024-07-23T21:10:29.332000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "ARUBA-PSA-2017-007",
"trust": 0.8,
"url": "http://www.arubanetworks.com/assets/alert/aruba-psa-2017-007.txt"
},
{
"title": "DSA-3999",
"trust": 0.8,
"url": "https://www.debian.org/security/2017/dsa-3999"
},
{
"title": "FreeBSD-SA-17:07.wpa",
"trust": 0.8,
"url": "https://www.freebsd.org/security/advisories/freebsd-sa-17:07.wpa.asc"
},
{
"title": "LEN-17420",
"trust": 0.8,
"url": "https://support.lenovo.com/jp/en/product_security/len-17420"
},
{
"title": "NV17-024",
"trust": 0.8,
"url": "http://jpn.nec.com/security-info/secinfo/nv17-024.html"
},
{
"title": "openSUSE-SU-2017:2755",
"trust": 0.8,
"url": "https://lists.opensuse.org/opensuse-security-announce/2017-10/msg00024.html"
},
{
"title": "SUSE-SU-2017:2745",
"trust": 0.8,
"url": "https://lists.opensuse.org/opensuse-security-announce/2017-10/msg00020.html"
},
{
"title": "SUSE-SU-2017:2752",
"trust": 0.8,
"url": "https://lists.opensuse.org/opensuse-security-announce/2017-10/msg00023.html"
},
{
"title": "KRACKs - wpa_supplicant Multiple Vulnerabilities",
"trust": 0.8,
"url": "https://access.redhat.com/security/vulnerabilities/kracks"
},
{
"title": "RHSA-2017:2907",
"trust": 0.8,
"url": "https://access.redhat.com/errata/rhsa-2017:2907"
},
{
"title": "RHSA-2017:2911",
"trust": 0.8,
"url": "https://access.redhat.com/errata/rhsa-2017:2911"
},
{
"title": "USN-3455-1",
"trust": 0.8,
"url": "https://usn.ubuntu.com/usn/usn-3455-1/"
},
{
"title": "WPA packet number reuse with replayed messages and key reinstallation",
"trust": 0.8,
"url": "https://w1.fi/security/2017-1/wpa-packet-number-reuse-with-replayed-messages.txt"
},
{
"title": "Wi-Fi\u306e\u8a8d\u8a3c\uff0f\u6697\u53f7\u5316\u6280\u8853WPA2\u304a\u3088\u3073WPA\u306e\u8907\u6570\u306e\u8106\u5f31\u6027\u306b\u3064\u3044\u3066",
"trust": 0.8,
"url": "http://www.fujitsu.com/jp/products/network/support/2017/srm-01/index.html"
},
{
"title": "WPA2\u306e\u8106\u5f31\u6027\u306b\u95a2\u3059\u308b\u5f0a\u793e\u8abf\u67fb\u30fb\u5bfe\u5fdc\u72b6\u6cc1\u306b\u3064\u3044\u3066",
"trust": 0.8,
"url": "http://www.iodata.jp/support/information/2017/wpa2/"
},
{
"title": "\u7121\u7ddaLAN \u8a8d\u8a3c\uff0f\u6697\u53f7\u5316\u6280\u8853WPA2\u304a\u3088\u3073WPA\u306b\u95a2\u3059\u308b\u8106\u5f31\u6027\u306e\u304a\u77e5\u3089\u305b",
"trust": 0.8,
"url": "http://www.fmworld.net/biz/common/info/20171110/"
},
{
"title": "Patch for WPA2 Wireless Network GTK Group Key Reload Vulnerability",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/103819"
},
{
"title": "Multiple WiFi product WPA2 Security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=75495"
},
{
"title": "Red Hat: Important: wpa_supplicant security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=rhsa-20172911 - security advisory"
},
{
"title": "Red Hat: Important: wpa_supplicant security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=rhsa-20172907 - security advisory"
},
{
"title": "Red Hat: CVE-2017-13078",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_cve_database\u0026qid=cve-2017-13078"
},
{
"title": "Arch Linux Issues: ",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=arch_linux_issues\u0026qid=cve-2017-13078"
},
{
"title": "Apple: Wi-Fi Update for Boot Camp 6.4.0",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=apple_security_advisories\u0026qid=4dc3bb86865485e4364fd6b2dc2fc379"
},
{
"title": "Apple: AirPort Base Station Firmware Update 7.7.9",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=apple_security_advisories\u0026qid=7ca8130f8030911575aa17c0e84114dd"
},
{
"title": "Apple: watchOS 4.1",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=apple_security_advisories\u0026qid=345c3fa8a313cd9a1ced5ef372c465c4"
},
{
"title": "Apple: AirPort Base Station Firmware Update 7.6.9",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=apple_security_advisories\u0026qid=43d8dcf7961e20b6ec02761d12969c19"
},
{
"title": "Debian CVElist Bug Report Logs: firmware-brcm80211: BroadPwn vulnerability CVE-2017-9417",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=debian_cvelist_bugreportlogs\u0026qid=2e0affd9108e95fa2aa2c706c74cd8a9"
},
{
"title": "Ubuntu Security Notice: wpa vulnerabilities",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=usn-3455-1"
},
{
"title": "Debian Security Advisories: DSA-3999-1 wpa -- security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=debian_security_advisories\u0026qid=08990d9925276738bd732fa4d58f9ef0"
},
{
"title": "Apple: tvOS 11.1",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=apple_security_advisories\u0026qid=7a8e908aff7c02a31b2d335766e6d5c2"
},
{
"title": "Apple: iOS 11.1",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=apple_security_advisories\u0026qid=7814c280e80969d4c4d88f74b13290f2"
},
{
"title": "Arch Linux Advisories: [ASA-201710-23] hostapd: man-in-the-middle",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=arch_linux_advisories\u0026qid=asa-201710-23"
},
{
"title": "Arch Linux Advisories: [ASA-201710-22] wpa_supplicant: man-in-the-middle",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=arch_linux_advisories\u0026qid=asa-201710-22"
},
{
"title": "HP: HPSBPI03574 rev. 1 - WPA, WPA2 Key Reinstallation Attacks (KRACK attacks) Potential Remote Disclosure of Information: Certain HP Enterprise Printer and MFP products, Certain HP PageWide Printer and MFP Products, HP Jetdirect Accessory Products",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=hp_bulletin\u0026qid=hpsbpi03574"
},
{
"title": "Siemens Security Advisories: Siemens Security Advisory",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=siemens_security_advisories\u0026qid=6df91267eee9400a24a98876f50ffe84"
},
{
"title": "Android Security Bulletins: Android Security Bulletin\u2014November 2017",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=android_security_bulletins\u0026qid=8c29eb008bb212762e5cfb25c7c5c0d5"
},
{
"title": "Cisco: Multiple Vulnerabilities in Wi-Fi Protected Access and Wi-Fi Protected Access II",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=cisco_security_advisories_and_alerts_ciscoproducts\u0026qid=cisco-sa-20171016-wpa"
},
{
"title": "Android Security Bulletins: Android Security Bulletin\u2014July 2018",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=android_security_bulletins\u0026qid=25584b3d319ca9e7cb2fae9ec5dbf5e0"
},
{
"title": "HP: HPSBHF03571 rev. 6 - Intel Management Engine Cumulative Security update and fix for WPA2 vulnerability",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=hp_bulletin\u0026qid=hpsbhf03571"
},
{
"title": "Oracle: Oracle Critical Patch Update Advisory - April 2018",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_advisories\u0026qid=4019ca77f50c7a34e4d97833e6f3321e"
},
{
"title": "Apple: macOS High Sierra 10.13.1, Security Update 2017-001 Sierra, and Security Update 2017-004 El Capitan",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=apple_security_advisories\u0026qid=870f3f04ef17f7b183f74ae687a1561d"
},
{
"title": "Oracle Linux Bulletins: Oracle Linux Bulletin - October 2017",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_linux_bulletins\u0026qid=7251d5e5f2b1771951980ad7cfde50ba"
},
{
"title": "Oracle: Oracle Critical Patch Update Advisory - January 2018",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_advisories\u0026qid=e2a7f287e9acc8c64ab3df71130bc64d"
},
{
"title": "vanhoefm-krackattacks-scripts",
"trust": 0.1,
"url": "https://github.com/84kaliplexon3/vanhoefm-krackattacks-scripts "
},
{
"title": "krankattack",
"trust": 0.1,
"url": "https://github.com/devkosov/krankattack "
},
{
"title": "krackattacks-scripts",
"trust": 0.1,
"url": "https://github.com/vanhoefm/krackattacks-scripts "
},
{
"title": "KRACK",
"trust": 0.1,
"url": "https://github.com/chinatso/krack "
},
{
"title": "krackinfo",
"trust": 0.1,
"url": "https://github.com/kristate/krackinfo "
},
{
"title": "nixos-issue-db-example",
"trust": 0.1,
"url": "https://github.com/andir/nixos-issue-db-example "
},
{
"title": "SamsungReleaseNotes",
"trust": 0.1,
"url": "https://github.com/samreleasenotes/samsungreleasenotes "
},
{
"title": "welivesecurity",
"trust": 0.1,
"url": "https://www.welivesecurity.com/2019/10/17/alexa-how-amazon-echo-kindle-got-kracked/"
},
{
"title": "BleepingComputer",
"trust": 0.1,
"url": "https://www.bleepingcomputer.com/news/security/millions-of-amazon-echo-and-kindle-devices-affected-by-wifi-bug/"
},
{
"title": "The Register",
"trust": 0.1,
"url": "https://www.theregister.co.uk/2017/11/07/android_november_security_update/"
},
{
"title": "The Register",
"trust": 0.1,
"url": "https://www.theregister.co.uk/2017/10/16/wpa2_inscure_krackattack/"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-30405"
},
{
"db": "VULMON",
"id": "CVE-2017-13078"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-009171"
},
{
"db": "CNNVD",
"id": "CNNVD-201710-381"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-330",
"trust": 1.0
},
{
"problemtype": "CWE-254",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-009171"
},
{
"db": "NVD",
"id": "CVE-2017-13078"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 3.7,
"url": "https://www.krackattacks.com/"
},
{
"trust": 3.3,
"url": "https://source.android.com/security/bulletin/2017-11-01"
},
{
"trust": 2.9,
"url": "http://www.securityfocus.com/bid/101274"
},
{
"trust": 2.8,
"url": "http://www.arubanetworks.com/assets/alert/aruba-psa-2017-007.txt"
},
{
"trust": 2.8,
"url": "https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20171016-wpa"
},
{
"trust": 2.7,
"url": "https://access.redhat.com/security/vulnerabilities/kracks"
},
{
"trust": 2.5,
"url": "http://www.debian.org/security/2017/dsa-3999"
},
{
"trust": 2.2,
"url": "https://access.redhat.com/errata/rhsa-2017:2911"
},
{
"trust": 2.1,
"url": "http://www.kb.cert.org/vuls/id/228519"
},
{
"trust": 2.1,
"url": "https://access.redhat.com/errata/rhsa-2017:2907"
},
{
"trust": 2.0,
"url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html"
},
{
"trust": 1.8,
"url": "https://w1.fi/security/2017-1/wpa-packet-number-reuse-with-replayed-messages.txt"
},
{
"trust": 1.8,
"url": "http://www.ubuntu.com/usn/usn-3455-1"
},
{
"trust": 1.7,
"url": "http://www.securitytracker.com/id/1039585"
},
{
"trust": 1.7,
"url": "http://www.securitytracker.com/id/1039581"
},
{
"trust": 1.7,
"url": "http://www.securitytracker.com/id/1039578"
},
{
"trust": 1.7,
"url": "http://www.securitytracker.com/id/1039577"
},
{
"trust": 1.7,
"url": "http://www.securitytracker.com/id/1039576"
},
{
"trust": 1.7,
"url": "http://www.securitytracker.com/id/1039573"
},
{
"trust": 1.7,
"url": "https://support.lenovo.com/us/en/product_security/len-17420"
},
{
"trust": 1.7,
"url": "https://security.freebsd.org/advisories/freebsd-sa-17:07.wpa.asc"
},
{
"trust": 1.7,
"url": "http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00024.html"
},
{
"trust": 1.7,
"url": "http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00023.html"
},
{
"trust": 1.7,
"url": "http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00020.html"
},
{
"trust": 1.7,
"url": "https://security.gentoo.org/glsa/201711-03"
},
{
"trust": 1.7,
"url": "https://support.apple.com/ht208222"
},
{
"trust": 1.7,
"url": "https://support.apple.com/ht208221"
},
{
"trust": 1.7,
"url": "https://support.apple.com/ht208220"
},
{
"trust": 1.7,
"url": "https://support.apple.com/ht208219"
},
{
"trust": 1.7,
"url": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html"
},
{
"trust": 1.7,
"url": "https://support.hpe.com/hpsc/doc/public/display?doclocale=en_us\u0026docid=emr_na-hpesbhf03792en_us"
},
{
"trust": 1.7,
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-901333.pdf"
},
{
"trust": 1.7,
"url": "https://cert.vde.com/en-us/advisories/vde-2017-005"
},
{
"trust": 1.7,
"url": "https://cert.vde.com/en-us/advisories/vde-2017-003"
},
{
"trust": 1.7,
"url": "https://lists.debian.org/debian-lts-announce/2018/11/msg00015.html"
},
{
"trust": 1.7,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-13078"
},
{
"trust": 1.2,
"url": "https://ics-cert.us-cert.gov/advisories/icsma-18-114-01"
},
{
"trust": 1.1,
"url": "https://papers.mathyvanhoef.com/ccs2017.pdf"
},
{
"trust": 1.1,
"url": "https://w1.fi/security/2017-1/"
},
{
"trust": 1.1,
"url": "https://security-center.intel.com/advisory.aspx?intelid=intel-sa-00101\u0026languageid=en-fr"
},
{
"trust": 1.1,
"url": "https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/cve-2017-13080"
},
{
"trust": 1.1,
"url": "https://ics-cert.us-cert.gov/advisories/icsa-17-353-02"
},
{
"trust": 1.1,
"url": "https://ics-cert.us-cert.gov/advisories/icsa-17-318-01"
},
{
"trust": 1.1,
"url": "https://ics-cert.us-cert.gov/advisories/icsa-17-325-01"
},
{
"trust": 1.1,
"url": "https://ics-cert.us-cert.gov/advisories/icsma-19-029-01"
},
{
"trust": 0.9,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-13078"
},
{
"trust": 0.9,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-13077"
},
{
"trust": 0.8,
"url": "https://cwe.mitre.org/data/definitions/323.html"
},
{
"trust": 0.8,
"url": "https://actiontecsupport.zendesk.com/hc/en-us/articles/115005205283-krack-vulnerability"
},
{
"trust": 0.8,
"url": "https://www3.aerohive.com/support/security-bulletins/product-security-announcement-aerohives-response-to-krack-10162017.html"
},
{
"trust": 0.8,
"url": "https://www.al-enterprise.com/en/support/security-alert-krack"
},
{
"trust": 0.8,
"url": "https://support.apple.com/en-gb/ht208222"
},
{
"trust": 0.8,
"url": "https://security.archlinux.org/avg-447"
},
{
"trust": 0.8,
"url": "https://www.asus.com/static_webpage/asus-product-security-advisory/"
},
{
"trust": 0.8,
"url": "https://community.barracudanetworks.com/forum/index.php?/topic/23525-security-advisories/page-2"
},
{
"trust": 0.8,
"url": "https://lists.centos.org/pipermail/centos-announce/2017-october/022569.html"
},
{
"trust": 0.8,
"url": "https://community.cypress.com/docs/doc-13871"
},
{
"trust": 0.8,
"url": "http://supportannouncement.us.dlink.com/announcement/publication.aspx?name=sap10075"
},
{
"trust": 0.8,
"url": "http://www.dell.com/support/article/sln307822"
},
{
"trust": 0.8,
"url": "https://github.com/espressif/esp8266_nonos_sdk"
},
{
"trust": 0.8,
"url": "https://extremeportal.force.com/extrarticledetail?n=000018005"
},
{
"trust": 0.8,
"url": "https://bodhi.fedoraproject.org/updates/fedora-2017-60bfb576b7"
},
{
"trust": 0.8,
"url": "http://www.fortiguard.com/psirt/fg-ir-17-196"
},
{
"trust": 0.8,
"url": "https://www.freebsd.org/security/advisories/freebsd-sa-17:07.wpa.asc"
},
{
"trust": 0.8,
"url": "https://bugs.gentoo.org/634440"
},
{
"trust": 0.8,
"url": "https://support.hpe.com/hpsc/doc/public/display?sp4ts.oid=null\u0026doclocale=en_us\u0026docid=emr_na-a00029151en_us"
},
{
"trust": 0.8,
"url": "https://kb.juniper.net/jsa10827"
},
{
"trust": 0.8,
"url": "https://support.lenovo.com/ca/en/product_security/len-17420"
},
{
"trust": 0.8,
"url": "http://www.microchip.com/wwwproducts/en/atwinc1500"
},
{
"trust": 0.8,
"url": "http://mail-index.netbsd.org/source-changes/2017/10/16/msg088877.html"
},
{
"trust": 0.8,
"url": "https://kb.netgear.com/000049498/security-advisory-for-wpa-2-vulnerabilities-psv-2017-2826-psv-2017-2836-psv-2017-2837"
},
{
"trust": 0.8,
"url": "https://forum.peplink.com/t/security-advisory-wpa2-vulnerability-vu-228519/12715"
},
{
"trust": 0.8,
"url": "https://ruckus-www.s3.amazonaws.com/pdf/security/faq-security-advisory-id-101617-v1.0.pdf"
},
{
"trust": 0.8,
"url": "https://www.suse.com/de-de/support/kb/doc/?id=7022107"
},
{
"trust": 0.8,
"url": "https://source.sierrawireless.com/resources/airlink/software_reference_docs/technical-bulletin/sierra-wireless-technical-bulletin---wpa-and-wpa2-vulnerabilities/"
},
{
"trust": 0.8,
"url": "http://www.slackware.com/changelog/stable.php?cpu=x86_64"
},
{
"trust": 0.8,
"url": "https://community.sophos.com/kb/en-us/127658"
},
{
"trust": 0.8,
"url": "https://www.toshibacommerce.com/wps/myportal/%21ut/p/a1/rzrnc8igeiz_sw8egqhjcdmmwr8abw2dqcnfoyqotidrrk399uxrrwotuzgws7a87y6z88iuzmcq2u4uwcnlzypjnjj5-exr_wnhya-laxtrid-j3uchdtb8gylmuw6qzgktovtowsrrqlrs6-8dbeqhwc1mykqnlabgdjlf1yjvn7i5af4qtdwsn2tri7j"
},
{
"trust": 0.8,
"url": "http://www.toshiba-personalstorage.net/en/news/hdd/ot_notice/20171017.htm"
},
{
"trust": 0.8,
"url": "http://support.toshiba.com/support/staticcontentdetail?contentid=4015875\u0026isfromtoclink=false"
},
{
"trust": 0.8,
"url": "https://community.ubnt.com/t5/unifi-updates-blog/firmware-3-9-3-7537-for-uap-usw-has-been-released/ba-p/2099365"
},
{
"trust": 0.8,
"url": "https://usn.ubuntu.com/usn/usn-3455-1/"
},
{
"trust": 0.8,
"url": "http://en.miui.com/thread-954223-1-1.html"
},
{
"trust": 0.8,
"url": "https://www.zebra.com/content/dam/zebra_new_ia/en-us/support-and-downloads/lifeguard-security/krack-security-bulletin.pdf"
},
{
"trust": 0.8,
"url": "http://www.zyxel.com/support/announcement_wpa2_key_management.shtml"
},
{
"trust": 0.8,
"url": "https://supportcenter.checkpoint.com/supportcenter/portal?eventsubmit_dogoviewsolutiondetails=\u0026solutionid=sk120938"
},
{
"trust": 0.8,
"url": "https://community.rsa.com/docs/doc-84103"
},
{
"trust": 0.8,
"url": "https://support.f5.com/csp/article/k23642330"
},
{
"trust": 0.8,
"url": "https://forum.mikrotik.com/viewtopic.php?f=21\u0026t=126695"
},
{
"trust": 0.8,
"url": "https://community.linksys.com/t5/wireless-routers/krack-vulnerability/td-p/1218573"
},
{
"trust": 0.8,
"url": "https://ics-cert.us-cert.gov/advisories/icsa-17-318-02a"
},
{
"trust": 0.8,
"url": "https://www.ipa.go.jp/security/ciadr/vul/20171017_wpa2.html"
},
{
"trust": 0.8,
"url": "https://jvn.jp/vu/jvnvu94846424/"
},
{
"trust": 0.8,
"url": "http://jvn.jp/vu/jvnvu90609033/index.html"
},
{
"trust": 0.8,
"url": "https://www.kb.cert.org/vuls/id/cheu-aqnmyp"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-13080"
},
{
"trust": 0.6,
"url": "https://www.kb.cert.org/vuls/id/228519/"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2020.4125/"
},
{
"trust": 0.5,
"url": "https://access.redhat.com/security/cve/cve-2017-13077"
},
{
"trust": 0.5,
"url": "https://access.redhat.com/security/cve/cve-2017-13078"
},
{
"trust": 0.5,
"url": "https://access.redhat.com/security/cve/cve-2017-13080"
},
{
"trust": 0.5,
"url": "https://access.redhat.com/security/cve/cve-2017-13087"
},
{
"trust": 0.5,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-13087"
},
{
"trust": 0.4,
"url": "https://access.redhat.com/security/cve/cve-2017-13082"
},
{
"trust": 0.4,
"url": "https://access.redhat.com/security/cve/cve-2017-13086"
},
{
"trust": 0.4,
"url": "https://access.redhat.com/security/cve/cve-2017-13088"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-13082"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-13086"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-13088"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-13079"
},
{
"trust": 0.3,
"url": "https://github.com/stevenhoneyman/wpa_gui/tree/master/wpa_supplicant-2.4"
},
{
"trust": 0.3,
"url": "http://www.wi-fi.org/index.php"
},
{
"trust": 0.3,
"url": "https://support.apple.com/en-ie/ht208847"
},
{
"trust": 0.3,
"url": "https://support.apple.com/en-in/ht208334"
},
{
"trust": 0.3,
"url": "https://support.apple.com/en-in/ht208327"
},
{
"trust": 0.3,
"url": "https://support.apple.com/en-in/ht208325"
},
{
"trust": 0.3,
"url": "https://lists.apple.com/archives/security-announce/2017/dec/msg00009.html"
},
{
"trust": 0.3,
"url": "https://lists.apple.com/archives/security-announce/2017/dec/msg00008.html"
},
{
"trust": 0.3,
"url": "https://lists.apple.com/archives/security-announce/2018/jul/msg00000.html"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/security/cve/cve-2017-13079"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/security/cve/cve-2017-13081"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/security/cve/cve-2017-13084"
},
{
"trust": 0.3,
"url": "http://docs.fortinet.com/uploaded/files/3961/fortiap-v5.6.1-release-notes.pdf"
},
{
"trust": 0.3,
"url": "https://ics-cert.us-cert.gov/advisories/icsa-17-299-02"
},
{
"trust": 0.3,
"url": "https://ics-cert.us-cert.gov/advisories/icsa-17-318-02"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-13081"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/articles/11258"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/team/contact/"
},
{
"trust": 0.2,
"url": "https://www.redhat.com/mailman/listinfo/rhsa-announce"
},
{
"trust": 0.2,
"url": "https://bugzilla.redhat.com/):"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/team/key/"
},
{
"trust": 0.2,
"url": "https://support.apple.com/downloads/"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/330.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://github.com/kristate/krackinfo"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-9417"
},
{
"trust": 0.1,
"url": "https://support.apple.com/kb/ht201222"
},
{
"trust": 0.1,
"url": "https://www.apple.com/support/security/pgp/"
},
{
"trust": 0.1,
"url": "https://support.apple.com/kb/ht208038"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-4476"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-4477"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/wpa/2.1-0ubuntu1.5"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/wpa/2.4-0ubuntu9.1"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/wpa/2.4-0ubuntu6.2"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/nvd.cfm?cvename=cve-2017-13078"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/nvd.cfm?cvename=cve-2017-13079"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/nvd.cfm?cvename=cve-2017-13077"
},
{
"trust": 0.1,
"url": "https://security.gentoo.org/"
},
{
"trust": 0.1,
"url": "https://security.freebsd.org/patches/sa-17:07/wpa-10.patch.asc"
},
{
"trust": 0.1,
"url": "https://security.freebsd.org/advisories/freebsd-sa-17:07.wpa.asc\u003e"
},
{
"trust": 0.1,
"url": "https://svnweb.freebsd.org/base?view=revision\u0026revision=nnnnnn\u003e"
},
{
"trust": 0.1,
"url": "https://www.krackattacks.com/\u003e"
},
{
"trust": 0.1,
"url": "https://security.freebsd.org/patches/sa-17:07/wpa-11.patch.asc"
},
{
"trust": 0.1,
"url": "https://security.freebsd.org/\u003e."
},
{
"trust": 0.1,
"url": "https://security.freebsd.org/patches/sa-17:07/wpa-11.patch"
},
{
"trust": 0.1,
"url": "https://security.freebsd.org/patches/sa-17:07/wpa-10.patch"
},
{
"trust": 0.1,
"url": "https://www.freebsd.org/handbook/makeworld.html\u003e."
},
{
"trust": 0.1,
"url": "https://w1.fi/security/2017-1/wpa-packet-number-reuse-with-replayed-messages.txt\u003e"
},
{
"trust": 0.1,
"url": "http://slackware.com"
},
{
"trust": 0.1,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-13080"
},
{
"trust": 0.1,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-13082"
},
{
"trust": 0.1,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-13077"
},
{
"trust": 0.1,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-13087"
},
{
"trust": 0.1,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-13081"
},
{
"trust": 0.1,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-13084"
},
{
"trust": 0.1,
"url": "http://slackware.com/gpg-key"
},
{
"trust": 0.1,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-13086"
},
{
"trust": 0.1,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-13088"
},
{
"trust": 0.1,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-13079"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-13084"
},
{
"trust": 0.1,
"url": "http://osuosl.org)"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#228519"
},
{
"db": "CNVD",
"id": "CNVD-2017-30405"
},
{
"db": "VULMON",
"id": "CVE-2017-13078"
},
{
"db": "BID",
"id": "101274"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-009171"
},
{
"db": "PACKETSTORM",
"id": "144652"
},
{
"db": "PACKETSTORM",
"id": "145394"
},
{
"db": "PACKETSTORM",
"id": "145395"
},
{
"db": "PACKETSTORM",
"id": "148445"
},
{
"db": "PACKETSTORM",
"id": "144632"
},
{
"db": "PACKETSTORM",
"id": "144944"
},
{
"db": "PACKETSTORM",
"id": "144659"
},
{
"db": "PACKETSTORM",
"id": "144669"
},
{
"db": "PACKETSTORM",
"id": "144663"
},
{
"db": "CNNVD",
"id": "CNNVD-201710-381"
},
{
"db": "NVD",
"id": "CVE-2017-13078"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "IVD",
"id": "d6bbedba-ffb0-46fc-8b8d-fc2a4fce19b2"
},
{
"db": "CERT/CC",
"id": "VU#228519"
},
{
"db": "CNVD",
"id": "CNVD-2017-30405"
},
{
"db": "VULMON",
"id": "CVE-2017-13078"
},
{
"db": "BID",
"id": "101274"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-009171"
},
{
"db": "PACKETSTORM",
"id": "144652"
},
{
"db": "PACKETSTORM",
"id": "145394"
},
{
"db": "PACKETSTORM",
"id": "145395"
},
{
"db": "PACKETSTORM",
"id": "148445"
},
{
"db": "PACKETSTORM",
"id": "144632"
},
{
"db": "PACKETSTORM",
"id": "144944"
},
{
"db": "PACKETSTORM",
"id": "144659"
},
{
"db": "PACKETSTORM",
"id": "144669"
},
{
"db": "PACKETSTORM",
"id": "144663"
},
{
"db": "CNNVD",
"id": "CNNVD-201710-381"
},
{
"db": "NVD",
"id": "CVE-2017-13078"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-10-17T00:00:00",
"db": "IVD",
"id": "d6bbedba-ffb0-46fc-8b8d-fc2a4fce19b2"
},
{
"date": "2017-10-16T00:00:00",
"db": "CERT/CC",
"id": "VU#228519"
},
{
"date": "2017-10-18T00:00:00",
"db": "CNVD",
"id": "CNVD-2017-30405"
},
{
"date": "2017-10-17T00:00:00",
"db": "VULMON",
"id": "CVE-2017-13078"
},
{
"date": "2017-10-16T00:00:00",
"db": "BID",
"id": "101274"
},
{
"date": "2017-11-06T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-009171"
},
{
"date": "2017-10-17T16:52:00",
"db": "PACKETSTORM",
"id": "144652"
},
{
"date": "2017-12-13T03:33:33",
"db": "PACKETSTORM",
"id": "145394"
},
{
"date": "2017-12-13T04:44:44",
"db": "PACKETSTORM",
"id": "145395"
},
{
"date": "2018-07-05T23:02:22",
"db": "PACKETSTORM",
"id": "148445"
},
{
"date": "2017-10-16T23:23:00",
"db": "PACKETSTORM",
"id": "144632"
},
{
"date": "2017-11-10T19:19:00",
"db": "PACKETSTORM",
"id": "144944"
},
{
"date": "2017-10-18T20:20:00",
"db": "PACKETSTORM",
"id": "144659"
},
{
"date": "2017-10-19T14:28:55",
"db": "PACKETSTORM",
"id": "144669"
},
{
"date": "2017-10-18T20:44:00",
"db": "PACKETSTORM",
"id": "144663"
},
{
"date": "2017-10-17T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201710-381"
},
{
"date": "2017-10-17T13:29:00.193000",
"db": "NVD",
"id": "CVE-2017-13078"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-11-16T00:00:00",
"db": "CERT/CC",
"id": "VU#228519"
},
{
"date": "2017-10-17T00:00:00",
"db": "CNVD",
"id": "CNVD-2017-30405"
},
{
"date": "2019-10-03T00:00:00",
"db": "VULMON",
"id": "CVE-2017-13078"
},
{
"date": "2019-02-21T09:00:00",
"db": "BID",
"id": "101274"
},
{
"date": "2019-02-01T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-009171"
},
{
"date": "2020-11-23T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201710-381"
},
{
"date": "2019-10-03T00:03:26.223000",
"db": "NVD",
"id": "CVE-2017-13078"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote or local",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201710-381"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Wi-Fi Protected Access (WPA) handshake traffic can be manipulated to induce nonce and session key reuse",
"sources": [
{
"db": "CERT/CC",
"id": "VU#228519"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "security feature problem",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201710-381"
}
],
"trust": 0.6
}
}
VAR-201710-0207
Vulnerability from variot - Updated: 2024-07-23 20:12Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Group Temporal Key (GTK) during the group key handshake, allowing an attacker within radio range to replay frames from access points to clients. An attacker within range of an affected AP and client may leverage these vulnerabilities to conduct attacks that are dependent on the data confidentiality protocols being used. Attacks may include arbitrary packet decryption and injection, TCP connection hijacking, HTTP content injection, or the replay of unicast and group-addressed frames. These vulnerabilities are referred to as Key Reinstallation Attacks or "KRACK" attacks. WPA (Wi-Fi Protected Access) is a system that protects wireless computer networks (Wi-Fi). WPA2 is prone to multiple security weaknesses. Exploiting these issues may allow an unauthorized user to intercept and manipulate data or disclose sensitive information. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512
APPLE-SA-2017-12-6-3 watchOS 4.2
watchOS 4.2 addresses the following:
IOSurface Available for: All Apple Watch models Impact: An application may be able to execute arbitrary code with kernel privileges Description: A memory corruption issue was addressed with improved memory handling. CVE-2017-13861: Ian Beer of Google Project Zero
Kernel Available for: All Apple Watch models Impact: An application may be able to execute arbitrary code with kernel privileges Description: A memory corruption issue was addressed with improved memory handling. CVE-2017-13862: Apple CVE-2017-13876: Ian Beer of Google Project Zero
Kernel Available for: All Apple Watch models Impact: An application may be able to read restricted memory Description: An out-of-bounds read was addressed with improved bounds checking. CVE-2017-13833: Brandon Azad
Kernel Available for: All Apple Watch models Impact: An application may be able to read restricted memory Description: A type confusion issue was addressed with improved memory handling. CVE-2017-13855: Jann Horn of Google Project Zero
Kernel Available for: All Apple Watch models Impact: An application may be able to execute arbitrary code with kernel privileges Description: A memory corruption issue was addressed with improved memory handling. CVE-2017-13867: Ian Beer of Google Project Zero
Kernel Available for: All Apple Watch models Impact: An application may be able to read restricted memory Description: A validation issue was addressed with improved input sanitization. CVE-2017-13865: Ian Beer of Google Project Zero CVE-2017-13868: Brandon Azad CVE-2017-13869: Jann Horn of Google Project Zero
Wi-Fi Available for: Apple Watch (1st Generation) and Apple Watch Series 3 Released for Apple Watch Series 1 and Apple Watch Series 2 in watchOS 4.1. This was addressed with improved state management. CVE-2017-13080: Mathy Vanhoef of the imec-DistriNet group at KU Leuven
Installation note:
Instructions on how to update your Apple Watch software are available at https://support.apple.com/kb/HT204641
To check the version on your Apple Watch, open the Apple Watch app on your iPhone and select "My Watch > General > About".
Alternatively, on your watch, select "My Watch > General > About". Those vulnerabilities applies to both the access point (implemented in hostapd) and the station (implemented in wpa_supplicant).
An attacker exploiting the vulnerabilities could force the vulnerable system to reuse cryptographic session keys, enabling a range of cryptographic attacks against the ciphers used in WPA1 and WPA2.
For the stable distribution (stretch), these problems have been fixed in version 2:2.4-1+deb9u1.
For the testing distribution (buster), these problems have been fixed in version 2:2.4-1.1.
For the unstable distribution (sid), these problems have been fixed in version 2:2.4-1.1.
We recommend that you upgrade your wpa packages. CVE-2017-13804: @qwertyoruiopz at KJC Research Intl. S.R.L. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256
Title: Microsoft Security Update Releases Issued: October 17, 2017
Summary
The following CVE has undergone a major revision increment.
- ADV170018
CVE Revision Information:
CVE-2017-13080
- Title: ADV170018 | October 2017 Flash Update
- https://portal.msrc.microsoft.com/en-us/security-guidance
- Reason for Revision: The October Adobe Flash Security Update is available for installation. See https://support.microsoft.com/ en-us/help/4049179 for more information.
- Originally posted: October 17, 2017
- Updated: N/A
- CVE Severity Rating: Critical
- Version: 1.0
Other Information
Recognize and avoid fraudulent email to Microsoft customers:
If you receive an email message that claims to be distributing a Microsoft security update, it is a hoax that may contain malware or pointers to malicious websites. Microsoft does not distribute security updates via email.
The Microsoft Security Response Center (MSRC) uses PGP to digitally sign all security notifications. However, PGP is not required for reading security notifications, reading security bulletins, or installing security updates. You can obtain the MSRC public PGP key at https://technet.microsoft.com/security/dn753714.
THE INFORMATION PROVIDED IN THIS MICROSOFT COMMUNICATION IS PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND. MICROSOFT DISCLAIMS ALL WARRANTIES, EITHER EXPRESS OR IMPLIED, INCLUDING THE WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. IN NO EVENT SHALL MICROSOFT CORPORATION OR ITS SUPPLIERS BE LIABLE FOR ANY DAMAGES WHATSOEVER INCLUDING DIRECT, INDIRECT, INCIDENTAL, CONSEQUENTIAL, LOSS OF BUSINESS PROFITS OR SPECIAL DAMAGES, EVEN IF MICROSOFT CORPORATION OR ITS SUPPLIERS HAVE BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. SOME STATES DO NOT ALLOW THE EXCLUSION OR LIMITATION OF LIABILITY FOR CONSEQUENTIAL OR INCIDENTAL DAMAGES SO THE FOREGOING LIMITATION MAY NOT APPLY.
Microsoft respects your privacy. Please read our online Privacy Statement at http://go.microsoft.com/fwlink/?LinkId=81184.
If you would prefer not to receive future technical security notification alerts by email from Microsoft and its family of companies please visit the following website to unsubscribe: https://profile.microsoft.com/RegSysProfileCenter/subscriptionwizar d.aspx?wizid=5a2a311b-5189-4c9b-9f1a-d5e913a26c2e&%3blcid=1033.
These settings will not affect any newsletters youave requested or any mandatory service communications that are considered part of certain Microsoft services.
For legal Information, see: http://www.microsoft.com/info/legalinfo/default.mspx.
This newsletter was sent by: Microsoft Corporation 1 Microsoft Way Redmond, Washington, USA 98052
-----BEGIN PGP SIGNATURE----- Version: PGP Desktop 10.2.0 (Build 1950) - not licensed for commercial use: www.pgp.com Charset: utf-8
wsFVAwUBWeY7FvsCXwi14Wq8AQibMw/9HB/Dclpw74jADq8uMxo5mm+ZFGZ9gXqW pTdHL3HrzNqzsM/7oq1sYdzVqN2j35pXMpPmJnjt9ewhma0G+IKwwtu7efFelhUd bEB8o5KLREJJLnDVHWAfAEVvFqx15E7hbQdjQdwvK+fT26W7QwyyUnQt9akTR9bS v3B/GKLuacopPD7G/+v3g2N51NBbp1STidNTbOqbExK/UDqZBbkLs4XoC6FORXMY kdUzSuWPuDVQneqOpQlC9O2M7+f6qWWdVG67F44tD6e575eToCf0LVjsLIPEMx06 iuK0alu4HnUi3mwTpruwkrFANJlL0y6o6uwfBt/QQ/RQoe6EeBmQOvFB6jTa8fQ7 ydHIMTKgxCJQMzUGrrkr0F+M0S0yZkW5Pq90eZxLtvxAypJSbPlH3ET4h4hIeuqv 38eOg5Pb5FkBdaMaP0VqeI/k/Ur5TRHvLSBWp5jgZi6CMKb8srfTmR53vs5Igtgb Tsh10G0bXAExWWE/pqmQs+rW03/ElM5JoH8/wS9tG4M3UNvsnR2CUz2KbIvQcJFt DG34sh3Z5HztbGmkWUxWwORcUrvW0U6DnP1U4D6uSmcSZrO5dwIHTIA4kECw7Ret SjhMDbo9s2Y75VBb1ilIbQY3AnzT2q2j6t3kJnyh3IjmMP96bhmdF1FF4apToAUv TVE4JSTK9HY= =G8zY -----END PGP SIGNATURE----- . ========================================================================== Ubuntu Security Notice USN-3505-1 December 06, 2017
linux-firmware vulnerabilities
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 17.10
- Ubuntu 17.04
- Ubuntu 16.04 LTS
- Ubuntu 14.04 LTS
Summary:
Several security issues were fixed in linux-firmware.
Software Description: - linux-firmware: Firmware for Linux kernel drivers
Details:
Mathy Vanhoef discovered that the firmware for several Intel WLAN devices incorrectly handled WPA2 in relation to Wake on WLAN. (CVE-2017-13080, CVE-2017-13081)
Update instructions:
The problem can be corrected by updating your system to the following package versions:
Ubuntu 17.10: linux-firmware 1.169.1
Ubuntu 17.04: linux-firmware 1.164.2
Ubuntu 16.04 LTS: linux-firmware 1.157.14
Ubuntu 14.04 LTS: linux-firmware 1.127.24
After a standard system update you need to reboot your computer to make all the necessary changes. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512
============================================================================= FreeBSD-SA-17:07.wpa Security Advisory The FreeBSD Project
Topic: WPA2 protocol vulnerability
Category: contrib Module: wpa Announced: 2017-10-16 Credits: Mathy Vanhoef Affects: All supported versions of FreeBSD. Corrected: 2017-10-17 17:30:18 UTC (stable/11, 11.1-STABLE) 2017-10-17 17:57:18 UTC (releng/11.1, 11.1-RELEASE-p2) 2017-10-17 17:56:03 UTC (releng/11.0, 11.0-RELEASE-p13) 2017-10-19 03:18:22 UTC (stable/10, 10.4-STABLE) 2017-10-19 03:20:17 UTC (releng/10.4, 10.4-RELEASE-p1) 2017-10-19 03:19:42 UTC (releng/10.3, 10.3-RELEASE-p22) CVE Name: CVE-2017-13077, CVE-2017-13078, CVE-2017-13079, CVE-2017-13080, CVE-2017-13081, CVE-2017-13082, CVE-2017-13086, CVE-2017-13087, CVE-2017-13088
For general information regarding FreeBSD Security Advisories, including descriptions of the fields above, security branches, and the following sections, please visit .
- Revision history
v1.0 2017-10-17 Initial release. v1.1 2017-10-19 Add patches for 10.x releases.
I.
hostapd and wpa_supplicant are implementations of user space daemon for access points and wireless client that implements the WPA2 protocol.
II. Problem Description
A vulnerability was found in how a number of implementations can be triggered to reconfigure WPA/WPA2/RSN keys (TK, GTK, or IGTK) by replaying a specific frame that is used to manage the keys.
III. Impact
Such reinstallation of the encryption key can result in two different types of vulnerabilities: disabling replay protection and significantly reducing the security of encryption to the point of allowing frames to be decrypted or some parts of the keys to be determined by an attacker depending on which cipher is used.
IV. Workaround
An updated version of wpa_supplicant is available in the FreeBSD Ports Collection. Install version 2.6_2 or later of the security/wpa_supplicant port/pkg. Once installed, update /etc/rc.conf to use the new binary:
wpa_supplicant_program="/usr/local/sbin/wpa_supplicant"
and restart networking.
An updated version of hostapd is available in the FreeBSD Ports Collection. Install version 2.6_1 or later of the net/hostapd port/pkg. Once installed, update /etc/rc.conf to use the new binary:
hostapd_program="/usr/local/sbin/hostapd"
and restart hostapd.
V. Solution
Perform one of the following:
1) Upgrade your vulnerable system to a supported FreeBSD stable or release / security branch (releng) dated after the correction date.
Restart the Wi-Fi network interfaces/hostapd or reboot the system.
2) To update your vulnerable system via a binary patch:
Systems running a RELEASE version of FreeBSD on the i386 or amd64 platforms can be updated via the freebsd-update(8) utility:
freebsd-update fetch
freebsd-update install
Restart the Wi-Fi network interfaces/hostapd or reboot the system.
3) To update your vulnerable system via a source code patch:
The following patches have been verified to apply to the applicable FreeBSD release branches.
a) Download the relevant patch from the location below, and verify the detached PGP signature using your PGP utility.
[FreeBSD 11.0-RELEASE, 11.1-RELEASE, and 11-STABLE]
fetch https://security.FreeBSD.org/patches/SA-17:07/wpa-11.patch
fetch https://security.FreeBSD.org/patches/SA-17:07/wpa-11.patch.asc
gpg --verify wpa-11.patch.asc
[FreeBSD 10.3-RELEASE, 10.4-RELEASE, and 10-STABLE]
fetch https://security.FreeBSD.org/patches/SA-17:07/wpa-10.patch
fetch https://security.FreeBSD.org/patches/SA-17:07/wpa-10.patch.asc
gpg --verify wpa-10.patch.asc
b) Apply the patch. Execute the following commands as root:
cd /usr/src
patch < /path/to/patch
c) Recompile the operating system using buildworld and installworld as described in .
Restart the applicable daemons, or reboot the system.
VI. Correction details
The following list contains the correction revision numbers for each affected branch.
Branch/path Revision
stable/11/ r324697 releng/11.0/ r324698 releng/11.1/ r324699 stable/10/ r324739 releng/10.3/ r324740 releng/10.4/ r324741
To see which files were modified by a particular revision, run the following command, replacing NNNNNN with the revision number, on a machine with Subversion installed:
svn diff -cNNNNNN --summarize svn://svn.freebsd.org/base
Or visit the following URL, replacing NNNNNN with the revision number:
VII. References
The latest revision of this advisory is available at -----BEGIN PGP SIGNATURE-----
iQKTBAEBCgB9FiEEHPf/b631yp++G4yy7Wfs1l3PaucFAlnoGpNfFIAAAAAALgAo aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDFD RjdGRjZGQURGNUNBOUZCRTFCOENCMkVENjdFQ0Q2NURDRjZBRTcACgkQ7Wfs1l3P auc7WBAAm27w+fujv5sJsRxauUMopTVtRh5utwbDuoHTP+L+RCWmQfVBmueNQ0gf uJzMNxBIkbtY9LvyukpRsH3iD7mh26c0pd9rxxkkr4F96C9B5+W0amxJF1gdm54/ F/50FpY+lo7cNs5tiBjypPrg8UOBBI/1G4XR7130XC0HjaTwt1ngZ0oQUWUMSsIp gN5ZfPul81WPWd1NqF+vyObcJhwq/Y1uoexoO27o7GQCFZoL3enZy8c4f1xqMlVM 4HHkTgNGac6E0aW+ArH4J0DFFAOJXPqF8rdt+9XINfoBbtliIyOixJ4oh1n6eAR0 VpBWZKFNyXSlUKIvDGa+LDhxgL1jJXV0ABSyKlUOijdmr3bbbiQE9MW/MNv2AFTd OAFQ0QQtm9KCWp5JLh+FPIb/kR2l7MOUP+yz4zFcJpdGtl9tDLyPN8vRTq60bY8O y7tBcf/SMqkd/AIFdchL4zrOguKnRARydIlwTarp8wtAQI3MKSsa1B0wgsDtlL6K xfdjnwWMKvKKlNOW16e1WXXO0n/ucHV4njBE+bGPro3jLgXP2/WFZpIGAR3I4xrr SdD4AxSNiR9f3bL7LRfMIbugJAylWNSlTLWUOVUv0/ONh85LqbcCj13NI230B64K ETx2QOZgKnCs2oDNiw4aQHb7kvi2w94Iw/R1sAPkkxYJWO3reyE= =h/5q -----END PGP SIGNATURE-----
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201710-0207",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "hostapd",
"scope": "eq",
"trust": 1.6,
"vendor": "w1 fi",
"version": "0.4.10"
},
{
"model": "hostapd",
"scope": "eq",
"trust": 1.6,
"vendor": "w1 fi",
"version": "0.5.9"
},
{
"model": "hostapd",
"scope": "eq",
"trust": 1.6,
"vendor": "w1 fi",
"version": "0.3.11"
},
{
"model": "hostapd",
"scope": "eq",
"trust": 1.6,
"vendor": "w1 fi",
"version": "0.4.8"
},
{
"model": "hostapd",
"scope": "eq",
"trust": 1.6,
"vendor": "w1 fi",
"version": "0.5.10"
},
{
"model": "hostapd",
"scope": "eq",
"trust": 1.6,
"vendor": "w1 fi",
"version": "0.4.7"
},
{
"model": "hostapd",
"scope": "eq",
"trust": 1.6,
"vendor": "w1 fi",
"version": "0.5.7"
},
{
"model": "hostapd",
"scope": "eq",
"trust": 1.6,
"vendor": "w1 fi",
"version": "0.5.8"
},
{
"model": "hostapd",
"scope": "eq",
"trust": 1.6,
"vendor": "w1 fi",
"version": "0.4.11"
},
{
"model": "hostapd",
"scope": "eq",
"trust": 1.6,
"vendor": "w1 fi",
"version": "0.4.9"
},
{
"model": "enterprise linux desktop",
"scope": "eq",
"trust": 1.3,
"vendor": "redhat",
"version": "7"
},
{
"model": "enterprise linux server",
"scope": "eq",
"trust": 1.3,
"vendor": "redhat",
"version": "7"
},
{
"model": "hostapd",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.3.7"
},
{
"model": "wpa supplicant",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "2.6"
},
{
"model": "wpa supplicant",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "2.2"
},
{
"model": "hostapd",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "1.0"
},
{
"model": "hostapd",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "2.2"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 1.0,
"vendor": "freebsd",
"version": "*"
},
{
"model": "linux enterprise desktop",
"scope": "eq",
"trust": 1.0,
"vendor": "suse",
"version": "12"
},
{
"model": "wpa supplicant",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.4.7"
},
{
"model": "wpa supplicant",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "2.0"
},
{
"model": "hostapd",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "2.0"
},
{
"model": "linux",
"scope": "eq",
"trust": 1.0,
"vendor": "debian",
"version": "8.0"
},
{
"model": "wpa supplicant",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.5.8"
},
{
"model": "hostapd",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "2.1"
},
{
"model": "wpa supplicant",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.5.7"
},
{
"model": "wpa supplicant",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.6.9"
},
{
"model": "wpa supplicant",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.2.8"
},
{
"model": "linux enterprise server",
"scope": "eq",
"trust": 1.0,
"vendor": "suse",
"version": "12"
},
{
"model": "hostapd",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.2.8"
},
{
"model": "hostapd",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "1.1"
},
{
"model": "hostapd",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.7.3"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 1.0,
"vendor": "freebsd",
"version": "10"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 1.0,
"vendor": "freebsd",
"version": "11.1"
},
{
"model": "wpa supplicant",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.4.11"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 1.0,
"vendor": "freebsd",
"version": "10.4"
},
{
"model": "wpa supplicant",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.2.6"
},
{
"model": "hostapd",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.2.4"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 1.0,
"vendor": "freebsd",
"version": "11"
},
{
"model": "wpa supplicant",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.5.11"
},
{
"model": "hostapd",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.3.10"
},
{
"model": "wpa supplicant",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "2.4"
},
{
"model": "wpa supplicant",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.3.8"
},
{
"model": "wpa supplicant",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.2.5"
},
{
"model": "wpa supplicant",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.3.7"
},
{
"model": "hostapd",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.2.5"
},
{
"model": "hostapd",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.6.10"
},
{
"model": "openstack cloud",
"scope": "eq",
"trust": 1.0,
"vendor": "suse",
"version": "6"
},
{
"model": "wpa supplicant",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "1.0"
},
{
"model": "hostapd",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.3.9"
},
{
"model": "wpa supplicant",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.3.11"
},
{
"model": "hostapd",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "2.5"
},
{
"model": "wpa supplicant",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.5.10"
},
{
"model": "hostapd",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "2.6"
},
{
"model": "wpa supplicant",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.4.9"
},
{
"model": "ubuntu linux",
"scope": "eq",
"trust": 1.0,
"vendor": "canonical",
"version": "14.04"
},
{
"model": "wpa supplicant",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "2.1"
},
{
"model": "wpa supplicant",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "2.3"
},
{
"model": "leap",
"scope": "eq",
"trust": 1.0,
"vendor": "opensuse",
"version": "42.2"
},
{
"model": "hostapd",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "2.3"
},
{
"model": "linux enterprise point of sale",
"scope": "eq",
"trust": 1.0,
"vendor": "suse",
"version": "11"
},
{
"model": "wpa supplicant",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "1.1"
},
{
"model": "wpa supplicant",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.7.3"
},
{
"model": "hostapd",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.6.9"
},
{
"model": "wpa supplicant",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.5.9"
},
{
"model": "wpa supplicant",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.4.8"
},
{
"model": "wpa supplicant",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.2.7"
},
{
"model": "linux",
"scope": "eq",
"trust": 1.0,
"vendor": "debian",
"version": "9.0"
},
{
"model": "wpa supplicant",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.2.4"
},
{
"model": "linux enterprise server",
"scope": "eq",
"trust": 1.0,
"vendor": "suse",
"version": "11"
},
{
"model": "wpa supplicant",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.3.10"
},
{
"model": "ubuntu linux",
"scope": "eq",
"trust": 1.0,
"vendor": "canonical",
"version": "16.04"
},
{
"model": "leap",
"scope": "eq",
"trust": 1.0,
"vendor": "opensuse",
"version": "42.3"
},
{
"model": "wpa supplicant",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.6.8"
},
{
"model": "ubuntu linux",
"scope": "eq",
"trust": 1.0,
"vendor": "canonical",
"version": "17.04"
},
{
"model": "hostapd",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.2.6"
},
{
"model": "hostapd",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.6.8"
},
{
"model": "wpa supplicant",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.4.10"
},
{
"model": "hostapd",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.5.11"
},
{
"model": "wpa supplicant",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.6.10"
},
{
"model": "hostapd",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "2.4"
},
{
"model": "wpa supplicant",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.3.9"
},
{
"model": "wpa supplicant",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "2.5"
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "9front",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "adtran",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "avm",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "actiontec",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "aerohive",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "alcatel lucent",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "android open source",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "apple",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "arch linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "aruba",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "asustek computer",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "barracuda",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "broadcom",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "cambium",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "centos",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "cradlepoint",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "cypress semiconductor",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "d link",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "debian gnu linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "dell",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "digi",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "draytek",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "edimax computer",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "engenius",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "endian",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "espressif",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "extreme",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "f secure",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "fedora",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "fortinet",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "freebsd",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "gentoo linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "google",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "hewlett packard",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "hostap",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "ipfire",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "juniper",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "lancom",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "lede",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "lifx",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "lenovo",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "microchip",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "microsoft",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "mojo",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "nest",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "netbsd",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "netgear",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "opnsense",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "omnirom",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "open mesh",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "openbsd",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "peplink",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "red hat",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "riverbed",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "rockwell automation",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "ruckus",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "suse linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "samsung mobile",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "sierra",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "slackware linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "sonos",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "sony",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "sophos",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "synology",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "tp link",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "technicolor",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "texas instruments",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "toshiba commerce",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "toshiba electronic devices storage",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "toshiba memory",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "turris omnia",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "ubiquiti",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "ubuntu",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "volumio",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "watchguard",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "xiaomi",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "xirrus",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "zebra",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "zyxel",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "dd wrt",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "eero",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "pfsense",
"version": null
},
{
"model": "ubuntu",
"scope": null,
"trust": 0.8,
"vendor": "canonical",
"version": null
},
{
"model": "gnu/linux",
"scope": null,
"trust": 0.8,
"vendor": "debian",
"version": null
},
{
"model": "freebsd",
"scope": null,
"trust": 0.8,
"vendor": "freebsd",
"version": null
},
{
"model": "leap",
"scope": null,
"trust": 0.8,
"vendor": "opensuse",
"version": null
},
{
"model": "linux enterprise desktop",
"scope": null,
"trust": 0.8,
"vendor": "suse",
"version": null
},
{
"model": "linux enterprise point of sale",
"scope": null,
"trust": 0.8,
"vendor": "suse",
"version": null
},
{
"model": "linux enterprise server",
"scope": null,
"trust": 0.8,
"vendor": "suse",
"version": null
},
{
"model": "openstack cloud",
"scope": null,
"trust": 0.8,
"vendor": "suse",
"version": null
},
{
"model": "hostapd",
"scope": null,
"trust": 0.8,
"vendor": "w1 fi",
"version": null
},
{
"model": "wpa supplicant",
"scope": null,
"trust": 0.8,
"vendor": "w1 fi",
"version": null
},
{
"model": "enterprise linux desktop",
"scope": null,
"trust": 0.8,
"vendor": "red hat",
"version": null
},
{
"model": "enterprise linux server",
"scope": null,
"trust": 0.8,
"vendor": "red hat",
"version": null
},
{
"model": "edge gateway",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": null
},
{
"model": "sr-m20ac1",
"scope": "lte",
"trust": 0.8,
"vendor": "fujitsu",
"version": "v02.10"
},
{
"model": "sr-m20ac2",
"scope": "lte",
"trust": 0.8,
"vendor": "fujitsu",
"version": "v02.10"
},
{
"model": "alliance wi-fi protected access 2",
"scope": null,
"trust": 0.6,
"vendor": "wi fi",
"version": null
},
{
"model": "scalance w-700",
"scope": "eq",
"trust": 0.6,
"vendor": "siemens",
"version": "0"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "linux desktop",
"version": "12"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "linux server",
"version": "11"
},
{
"model": "atom processor c3200 series for yocto project bsp mr4",
"scope": null,
"trust": 0.3,
"vendor": "intel",
"version": null
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "10.3.2"
},
{
"model": "active management technology",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "6.1"
},
{
"model": "pyxis supplystation",
"scope": "eq",
"trust": 0.3,
"vendor": "bd",
"version": "0"
},
{
"model": "sinamics smart access module",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "v200"
},
{
"model": "active management technology",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "11.6.27.3264"
},
{
"model": "meraki mr34",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "ck71a-atex",
"scope": "eq",
"trust": 0.3,
"vendor": "pepperl fuchs",
"version": "0"
},
{
"model": "arubaos",
"scope": "eq",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "6.5.2.0"
},
{
"model": "macbook air",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "0"
},
{
"model": "aironet series access points",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "18500"
},
{
"model": "active management technology",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "8.0"
},
{
"model": "meraki mr26",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "arubaos",
"scope": "eq",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "6.4"
},
{
"model": "aironet series access points",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "28000"
},
{
"model": "enterprise linux for power big endian extended update support",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "-7.5"
},
{
"model": "meraki mr84",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "contact fl wlan",
"scope": "eq",
"trust": 0.3,
"vendor": "phoenix",
"version": "510x0"
},
{
"model": "windows server r2 for itanium-based systems sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2008"
},
{
"model": "contact itc",
"scope": "eq",
"trust": 0.3,
"vendor": "phoenix",
"version": "81130"
},
{
"model": "enterprise linux workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "7"
},
{
"model": "active management technology",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "10.0"
},
{
"model": "dual band wireless-ac",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "726519.51.0.0"
},
{
"model": "enterprise linux server extended update support",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "-7.6"
},
{
"model": "meraki mr18",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "arubaos",
"scope": "eq",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "8.1.0.3"
},
{
"model": "scalance w1750d",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "0"
},
{
"model": "secure ii med-surg bed",
"scope": "eq",
"trust": 0.3,
"vendor": "stryker",
"version": "3002"
},
{
"model": "contact fl wlan",
"scope": "eq",
"trust": 0.3,
"vendor": "phoenix",
"version": "210x0"
},
{
"model": "windows version for x64-based systems",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "1015110"
},
{
"model": "aironet access points",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "contact fl wlan ap",
"scope": "eq",
"trust": 0.3,
"vendor": "phoenix",
"version": "24802-110"
},
{
"model": "active management technology",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "11.0"
},
{
"model": "instantos",
"scope": "eq",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "6.5.4.1"
},
{
"model": "tvos",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "10.2"
},
{
"model": "wap371 wireless-ac n access point with single point setup",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "ex-handy",
"scope": "eq",
"trust": 0.3,
"vendor": "pepperl fuchs",
"version": "2090"
},
{
"model": "arubaos",
"scope": "eq",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "6.5.3.2"
},
{
"model": "contact rad-80211-xd",
"scope": "eq",
"trust": 0.3,
"vendor": "phoenix",
"version": "0"
},
{
"model": "ios",
"scope": "ne",
"trust": 0.3,
"vendor": "apple",
"version": "11.2"
},
{
"model": "contact fl wlan dap",
"scope": "eq",
"trust": 0.3,
"vendor": "phoenix",
"version": "24802-110"
},
{
"model": "dual band wireless-ac",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "726519.10.9.1"
},
{
"model": "arubaos",
"scope": "ne",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "6.3.1.25"
},
{
"model": "pyxis medstation es",
"scope": "eq",
"trust": 0.3,
"vendor": "bd",
"version": "0"
},
{
"model": "wireless ip phone",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "88210"
},
{
"model": "pyxis stockstation system",
"scope": "eq",
"trust": 0.3,
"vendor": "bd",
"version": "0"
},
{
"model": "macbook",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "0"
},
{
"model": "dual band wireless-ac",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "316819.51.7.1"
},
{
"model": "dual band wireless-ac",
"scope": "ne",
"trust": 0.3,
"vendor": "intel",
"version": "726519.10.9.2"
},
{
"model": "scalance wlc712",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "0"
},
{
"model": "contact fl wlan spa",
"scope": "eq",
"trust": 0.3,
"vendor": "phoenix",
"version": "0"
},
{
"model": "meraki mr62",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "simatic et200 pro im154-6 pn iwlan",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "0"
},
{
"model": "tropos broadband mesh routers and bridges",
"scope": "eq",
"trust": 0.3,
"vendor": "abb",
"version": "0"
},
{
"model": "dual band wireless-ac",
"scope": "ne",
"trust": 0.3,
"vendor": "intel",
"version": "316819.10.9.2"
},
{
"model": "meraki mr33",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "instantos",
"scope": "ne",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "6.5.3.3"
},
{
"model": "micros handheld terminal",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "0"
},
{
"model": "windows server",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "20120"
},
{
"model": "instantos",
"scope": "eq",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "6.5.2"
},
{
"model": "dual band wireless-ac",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "316018.33.9.2"
},
{
"model": "windows version for 32-bit systems",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "1017030"
},
{
"model": "atom processor c3200 series for yocto project bsp mr4.1",
"scope": "ne",
"trust": 0.3,
"vendor": "intel",
"version": null
},
{
"model": "active management technology",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "2.6"
},
{
"model": "android",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.1.0"
},
{
"model": "contact fl wlan",
"scope": "eq",
"trust": 0.3,
"vendor": "phoenix",
"version": "110x0"
},
{
"model": "windows for 32-bit systems",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "100"
},
{
"model": "s3 med-surg bed",
"scope": "eq",
"trust": 0.3,
"vendor": "stryker",
"version": "3002"
},
{
"model": "arubaos",
"scope": "eq",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "6.4.2.4"
},
{
"model": "tvos",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "11.1"
},
{
"model": "contact fl comserver wlan",
"scope": "eq",
"trust": 0.3,
"vendor": "phoenix",
"version": "232/422/4850"
},
{
"model": "airport base station",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "7.6.8"
},
{
"model": "enterprise linux server update services for sap solutions",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "-7."
},
{
"model": "active management technology",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "7.1.91.3272"
},
{
"model": "instantos",
"scope": "ne",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "4.2.4.9"
},
{
"model": "contact fl wlan ap",
"scope": "eq",
"trust": 0.3,
"vendor": "phoenix",
"version": "230802-110"
},
{
"model": "android",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "6.1"
},
{
"model": "enterprise linux for power little endian extended update supp",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "-7.6"
},
{
"model": "meraki mr14",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "enterprise linux eus compute node",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "7.5"
},
{
"model": "aironet series access points",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "18150"
},
{
"model": "wireless client bridge 2.0.0.1-aruba501-b00",
"scope": "ne",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "501"
},
{
"model": "enterprise linux server extended update support",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "-7.4"
},
{
"model": "enterprise linux server tus",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "-7.6"
},
{
"model": "dual band wireless-ac",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "726018.33.9.2"
},
{
"model": "airport express",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "0"
},
{
"model": "meraki mr16",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "clarity engine",
"scope": "eq",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "1.0"
},
{
"model": "meraki mr30h",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "airport extreme",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "0"
},
{
"model": "windows server r2",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "20120"
},
{
"model": "dual band wireless-ac",
"scope": "ne",
"trust": 0.3,
"vendor": "intel",
"version": "826520.0.2.3"
},
{
"model": "android",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0"
},
{
"model": "contact bl2 bpc",
"scope": "eq",
"trust": 0.3,
"vendor": "phoenix",
"version": "0"
},
{
"model": "tvos",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "10.0.1"
},
{
"model": "enterprise linux for ibm z systems",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "7"
},
{
"model": "watch",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "0"
},
{
"model": "meraki mr32",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "wpa supplicant",
"scope": "eq",
"trust": 0.3,
"vendor": "w1 f1",
"version": "2.4"
},
{
"model": "active management technology",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "4.0"
},
{
"model": "ruggedcom rx1400",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "0"
},
{
"model": "cn70a-atex",
"scope": "eq",
"trust": 0.3,
"vendor": "pepperl fuchs",
"version": "0"
},
{
"model": "windows version for 32-bit systems",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "1015110"
},
{
"model": "arubaos",
"scope": "eq",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "6.5.3"
},
{
"model": "pyxis parx handheld",
"scope": "eq",
"trust": 0.3,
"vendor": "bd",
"version": "0"
},
{
"model": "dual band wireless-ac",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "726519.10"
},
{
"model": "active management technology",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "9.1.40.100"
},
{
"model": "tvos",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "10.1.1"
},
{
"model": "instantos",
"scope": "eq",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "6.5.3"
},
{
"model": "windows rt",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "8.1"
},
{
"model": "meraki mr42",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "instantos",
"scope": "ne",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "4.3.1.6"
},
{
"model": "airport base station",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "7.7.3"
},
{
"model": "wap561 wireless-n dual radio selectable band access point",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "active management technology",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "11.0.26.3000"
},
{
"model": "instantos",
"scope": "ne",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "6.5.4.2"
},
{
"model": "active management technology",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "11.6"
},
{
"model": "tvos",
"scope": "ne",
"trust": 0.3,
"vendor": "apple",
"version": "11.2"
},
{
"model": "active management technology",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "6.0"
},
{
"model": "windows server",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2016"
},
{
"model": "contact rad-whg/wlan-xd",
"scope": "eq",
"trust": 0.3,
"vendor": "phoenix",
"version": "0"
},
{
"model": "dual band wireless-ac",
"scope": "ne",
"trust": 0.3,
"vendor": "intel",
"version": "726018.33.9.3"
},
{
"model": "wi-fi update for boot camp",
"scope": "ne",
"trust": 0.3,
"vendor": "apple",
"version": "6.4.0"
},
{
"model": "suremark printer 2nr",
"scope": "eq",
"trust": 0.3,
"vendor": "toshiba",
"version": "4610"
},
{
"model": "android",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.1.1"
},
{
"model": "arubaos",
"scope": "ne",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "6.5.4.2"
},
{
"model": "enterprise linux for power little endian extended update supp",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "-7.5"
},
{
"model": "enterprise linux for power little endian",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "7"
},
{
"model": "dual band wireless-ac",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "826520.0.0.0"
},
{
"model": "tvos",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "10.2.1"
},
{
"model": "arubaos",
"scope": "eq",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "6.3.1.8"
},
{
"model": "windows server for x64-based systems sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2008"
},
{
"model": "pyxis supply roller",
"scope": "eq",
"trust": 0.3,
"vendor": "bd",
"version": "0"
},
{
"model": "airport base station",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "7.6.3"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "10.3"
},
{
"model": "telepresence collaboration endpoint",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "active management technology",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "6.2.61.3535"
},
{
"model": "contact vmt",
"scope": "eq",
"trust": 0.3,
"vendor": "phoenix",
"version": "70xx0"
},
{
"model": "imac",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "0"
},
{
"model": "meraki mr72",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "watchos",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4"
},
{
"model": "enterprise linux for power little endian extended update supp",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "-7.4"
},
{
"model": "active management technology",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "11.0.25.3001"
},
{
"model": "arubaos",
"scope": "ne",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "8.1.0.4"
},
{
"model": "active management technology",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "9.1"
},
{
"model": "enterprise linux server tus",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "-7.4"
},
{
"model": "active management technology",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "6.2"
},
{
"model": "meraki mr53",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "tvos",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "10.1"
},
{
"model": "wap551 wireless-n single radio selectable band access point",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "instantos",
"scope": "eq",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "4.2"
},
{
"model": "instantos",
"scope": "eq",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "6.5.3.2"
},
{
"model": "dual band wireless-ac",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "316519.10"
},
{
"model": "dual band wireless-ac",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "826020.0.0.0"
},
{
"model": "wap121 wireless-n access point with single point setup",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "active management technology",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "2.5"
},
{
"model": "active management technology",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "11.6.0.1000"
},
{
"model": "wireless client bridge 1.0.1.3-hp501-b0012",
"scope": "ne",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "501"
},
{
"model": "i.roc ci70-ex",
"scope": "eq",
"trust": 0.3,
"vendor": "pepperl fuchs",
"version": "0"
},
{
"model": "arubaos",
"scope": "eq",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "6.5.0.0"
},
{
"model": "dual band wireless-ac",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "826020.0.2.2"
},
{
"model": "active management technology",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "7.1"
},
{
"model": "cn70e-atex",
"scope": "eq",
"trust": 0.3,
"vendor": "pepperl fuchs",
"version": "0"
},
{
"model": "dual band wireless-ac",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "726018.0.0.0"
},
{
"model": "meraki mr24",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "suremark printer 1nr",
"scope": "eq",
"trust": 0.3,
"vendor": "toshiba",
"version": "4610"
},
{
"model": "enterprise linux for ibm z systems extended update support",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "-7.6"
},
{
"model": "contact vmt",
"scope": "eq",
"trust": 0.3,
"vendor": "phoenix",
"version": "50xx0"
},
{
"model": "meraki mr74",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "ex-handy",
"scope": "eq",
"trust": 0.3,
"vendor": "pepperl fuchs",
"version": "090"
},
{
"model": "arubaos",
"scope": "eq",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "6.4.4.15"
},
{
"model": "dual band wireless-ac",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "316519.51.7.1"
},
{
"model": "dual band wireless-ac",
"scope": "ne",
"trust": 0.3,
"vendor": "intel",
"version": "726519.51.7.20"
},
{
"model": "anyconnect secure mobility client",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "dual band wireless-ac",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "726519.51.7.1"
},
{
"model": "systems esp32",
"scope": "eq",
"trust": 0.3,
"vendor": "espressif",
"version": "0"
},
{
"model": "watchos",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.1"
},
{
"model": "enterprise linux server extended update support",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "-7.5"
},
{
"model": "micros handheld terminal 2.03.0.0.021r",
"scope": "ne",
"trust": 0.3,
"vendor": "oracle",
"version": null
},
{
"model": "aironet series access points",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "38000"
},
{
"model": "pyxis parx",
"scope": "eq",
"trust": 0.3,
"vendor": "bd",
"version": "0"
},
{
"model": "dx70",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "arubaos",
"scope": "ne",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "6.5.1.9"
},
{
"model": "enterprise linux server update services for sap solutions",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "-7.6"
},
{
"model": "intouch critical care bed",
"scope": "eq",
"trust": 0.3,
"vendor": "stryker",
"version": "2141"
},
{
"model": "pyxis anesthesia es",
"scope": "eq",
"trust": 0.3,
"vendor": "bd",
"version": "0"
},
{
"model": "aironet series officeextend access points",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "18100"
},
{
"model": "windows for x64-based systems",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "8.10"
},
{
"model": "dual band wireless-ac",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "316819.10.9.1"
},
{
"model": "active management technology",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "10.0.55.3000"
},
{
"model": "windows for 32-bit systems",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "8.10"
},
{
"model": "android",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "6.0"
},
{
"model": "meraki mr66",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "dual band wireless-ac",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "316519.10.9.1"
},
{
"model": "airport base station",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "7.6"
},
{
"model": "intouch critical care bed",
"scope": "eq",
"trust": 0.3,
"vendor": "stryker",
"version": "2131"
},
{
"model": "android",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.1.2"
},
{
"model": "aironet series access points",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "18300"
},
{
"model": "enterprise linux server aus",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "-7.6"
},
{
"model": "enterprise linux for power big endian extended update support",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "-7.6"
},
{
"model": "active management technology",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "10.0.0.50.1004"
},
{
"model": "arubaos",
"scope": "eq",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "6.4.1.0"
},
{
"model": "wap321 wireless-n access point with single point setup",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "simatic iwlan-pb/link",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "0"
},
{
"model": "aironet 1810w series access points",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "meraki mr52",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "enterprise linux for ibm z systems extended update support",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "-7.5"
},
{
"model": "meraki mr12",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "airmesh msr",
"scope": "eq",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "0"
},
{
"model": "dual band wireless-ac",
"scope": "ne",
"trust": 0.3,
"vendor": "intel",
"version": "316519.51.7.20"
},
{
"model": "watchos",
"scope": "ne",
"trust": 0.3,
"vendor": "apple",
"version": "4.2"
},
{
"model": "contact fl wlan ec",
"scope": "eq",
"trust": 0.3,
"vendor": "phoenix",
"version": "24802-110"
},
{
"model": "instantos",
"scope": "eq",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "4.2.4.8"
},
{
"model": "systems esp8266",
"scope": "eq",
"trust": 0.3,
"vendor": "espressif",
"version": "0"
},
{
"model": "tv",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "0"
},
{
"model": "pad-ex",
"scope": "eq",
"trust": 0.3,
"vendor": "pepperl fuchs",
"version": "010"
},
{
"model": "active management technology",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "11.0.0.1205"
},
{
"model": "ip phone",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "88610"
},
{
"model": "clarity engine",
"scope": "ne",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "1.0.0.1"
},
{
"model": "aironet series access points",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "15600"
},
{
"model": "windows for 32-bit systems sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "7"
},
{
"model": "instantos",
"scope": "eq",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "4.3.1.5"
},
{
"model": "airport base station",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "7.6.2"
},
{
"model": "active management technology",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "8.1"
},
{
"model": "active management technology",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "11.8"
},
{
"model": "windows for x64-based systems sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "7"
},
{
"model": "enterprise linux for ibm z systems extended update support",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "-7.4"
},
{
"model": "meraki mr58",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "windows version for 32-bit systems",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "1016070"
},
{
"model": "dual band wireless-ac",
"scope": "ne",
"trust": 0.3,
"vendor": "intel",
"version": "316519.10.9.2"
},
{
"model": "pyxis parassist system",
"scope": "eq",
"trust": 0.3,
"vendor": "bd",
"version": "0"
},
{
"model": "windows server for 32-bit systems sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2008"
},
{
"model": "instantos",
"scope": "eq",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "4.3"
},
{
"model": "android",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.0"
},
{
"model": "simatic mobile panel 277 iwlan",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "0"
},
{
"model": "pyxis medstation t2",
"scope": "eq",
"trust": 0.3,
"vendor": "bd",
"version": "40000"
},
{
"model": "dual band wireless-ac",
"scope": "ne",
"trust": 0.3,
"vendor": "intel",
"version": "826020.0.2.3"
},
{
"model": "android",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "6.0.1"
},
{
"model": "airport base station",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "7.6.1"
},
{
"model": "dual band wireless-ac",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "316519.51.0.0"
},
{
"model": "wi-fi update for boot camp",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "0"
},
{
"model": "enterprise linux server update services for sap solutions",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "-7.4"
},
{
"model": "ipad",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "0"
},
{
"model": "contact vmt",
"scope": "eq",
"trust": 0.3,
"vendor": "phoenix",
"version": "30xx0"
},
{
"model": "enterprise linux for power big endian",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "7"
},
{
"model": "wpa supplicant",
"scope": "eq",
"trust": 0.3,
"vendor": "w1 f1",
"version": "2.6"
},
{
"model": "wireless client bridge",
"scope": "eq",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "5010"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "10.0.1"
},
{
"model": "active management technology",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "11.5"
},
{
"model": "meraki mr11",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "10.3.3"
},
{
"model": "pyxis anesthesia system",
"scope": "eq",
"trust": 0.3,
"vendor": "bd",
"version": "40000"
},
{
"model": "tvos",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "10.2.2"
},
{
"model": "pyxis anesthesia system",
"scope": "eq",
"trust": 0.3,
"vendor": "bd",
"version": "35000"
},
{
"model": "automation stratix 15.3 jc1",
"scope": "eq",
"trust": 0.3,
"vendor": "rockwell",
"version": "5100"
},
{
"model": "enterprise linux server aus",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "-7.4"
},
{
"model": "pyxis ciisafe workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "bd",
"version": "??0"
},
{
"model": "enterprise linux for power big endian extended update support",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "-7.4"
},
{
"model": "airport base station",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "7.6.7"
},
{
"model": "dual band wireless-ac",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "316819.51.0.0"
},
{
"model": "ipad air",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "0"
},
{
"model": "active management technology",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "7.0"
},
{
"model": "arubaos",
"scope": "eq",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "6.5.4.1"
},
{
"model": "enterprise linux eus compute node",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "7.6"
},
{
"model": "enterprise linux for scientific computing",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "7"
},
{
"model": "active management technology",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "8.1.71.3608"
},
{
"model": "active management technology",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "9.1.41.3024"
},
{
"model": "arubaos",
"scope": "eq",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "6.4.2.1"
},
{
"model": "enterprise linux eus compute node",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "7.4"
},
{
"model": "dx80",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "active management technology",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "9.0"
},
{
"model": "contact bl2 ppc",
"scope": "eq",
"trust": 0.3,
"vendor": "phoenix",
"version": "0"
},
{
"model": "contact tpc",
"scope": "eq",
"trust": 0.3,
"vendor": "phoenix",
"version": "60130"
},
{
"model": "ipod touch",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "0"
},
{
"model": "arubaos",
"scope": "eq",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "6.5.1"
},
{
"model": "ck70a-atex",
"scope": "eq",
"trust": 0.3,
"vendor": "pepperl fuchs",
"version": "0"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "10.2.1"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "10.3.1"
},
{
"model": "dual band wireless-ac",
"scope": "ne",
"trust": 0.3,
"vendor": "intel",
"version": "316819.51.7.20"
},
{
"model": "macbook pro",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "0"
},
{
"model": "dual band wireless-ac",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "316819.10"
},
{
"model": "windows for x64-based systems",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "100"
},
{
"model": "airport base station",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "7.7.8"
},
{
"model": "active management technology",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "9.5"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "10.1"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "10.2"
},
{
"model": "airport base station",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "7.6.4"
},
{
"model": "smart-ex",
"scope": "eq",
"trust": 0.3,
"vendor": "pepperl fuchs",
"version": "010"
},
{
"model": "dual band wireless-ac",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "826520.0.2.2"
},
{
"model": "dual band wireless-ac",
"scope": "ne",
"trust": 0.3,
"vendor": "intel",
"version": "316018.33.9.3"
},
{
"model": "tab-ex",
"scope": "eq",
"trust": 0.3,
"vendor": "pepperl fuchs",
"version": "010"
},
{
"model": "arubaos",
"scope": "ne",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "6.5.3.3"
},
{
"model": "iphone",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "0"
},
{
"model": "macmini",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "0"
},
{
"model": "arubaos",
"scope": "ne",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "6.4.4.16"
},
{
"model": "contact fl wlan epa",
"scope": "eq",
"trust": 0.3,
"vendor": "phoenix",
"version": "0"
},
{
"model": "airport time capsule",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "0"
},
{
"model": "alliance wpa2 (wi-fi protected access",
"scope": "eq",
"trust": 0.3,
"vendor": "wi fi",
"version": "2)0"
},
{
"model": "airport base station",
"scope": "ne",
"trust": 0.3,
"vendor": "apple",
"version": "7.7.9"
},
{
"model": "scalance wlc711",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "0"
},
{
"model": "ruggedcom rs9xxw",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "0"
},
{
"model": "arubaos",
"scope": "eq",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "6.3.1.15"
},
{
"model": "networks unifi access point",
"scope": "eq",
"trust": 0.3,
"vendor": "ubiquiti",
"version": "0"
},
{
"model": "suremark printer 2cr",
"scope": "eq",
"trust": 0.3,
"vendor": "toshiba",
"version": "4610"
},
{
"model": "ip phone",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "88650"
},
{
"model": "arubaos",
"scope": "eq",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "6.5.4"
},
{
"model": "airport base station",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "7.7.7"
},
{
"model": "instantos",
"scope": "eq",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "6.5.4"
},
{
"model": "asa 5506w-x w/ firepower services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "windows version for x64-based systems",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "1016070"
},
{
"model": "airport base station",
"scope": "ne",
"trust": 0.3,
"vendor": "apple",
"version": "7.6.9"
},
{
"model": "s3 med-surg bed",
"scope": "eq",
"trust": 0.3,
"vendor": "stryker",
"version": "3005"
},
{
"model": "dual band wireless-ac",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "316018.0.0.0"
},
{
"model": "smart-ex",
"scope": "eq",
"trust": 0.3,
"vendor": "pepperl fuchs",
"version": "2010"
},
{
"model": "windows version for x64-based systems",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "1017030"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "11.1"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "ubuntu linux",
"version": "14.04"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "ubuntu linux",
"version": "16.04"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "ubuntu linux",
"version": "17.04"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "debian linux",
"version": "8.0"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "debian linux",
"version": "9.0"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "freebsd",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "freebsd",
"version": "10"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "freebsd",
"version": "10.4"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "freebsd",
"version": "11"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "freebsd",
"version": "11.1"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "leap",
"version": "42.2"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "leap",
"version": "42.3"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "linux desktop",
"version": "7"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "linux server",
"version": "7"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "hostapd",
"version": "0.2.4"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "hostapd",
"version": "0.2.5"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "hostapd",
"version": "0.2.6"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "hostapd",
"version": "0.2.8"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "hostapd",
"version": "0.3.7"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "hostapd",
"version": "0.3.9"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "hostapd",
"version": "0.3.10"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "hostapd",
"version": "0.3.11"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "hostapd",
"version": "0.4.7"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "hostapd",
"version": "0.4.8"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "hostapd",
"version": "0.4.9"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "hostapd",
"version": "0.4.10"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "hostapd",
"version": "0.4.11"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "hostapd",
"version": "0.5.7"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "hostapd",
"version": "0.5.8"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "hostapd",
"version": "0.5.9"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "hostapd",
"version": "0.5.10"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "hostapd",
"version": "0.5.11"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "hostapd",
"version": "0.6.8"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "hostapd",
"version": "0.6.9"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "hostapd",
"version": "0.6.10"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "hostapd",
"version": "0.7.3"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "hostapd",
"version": "1.0"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "hostapd",
"version": "1.1"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "hostapd",
"version": "2.0"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "hostapd",
"version": "2.1"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "hostapd",
"version": "2.2"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "hostapd",
"version": "2.3"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "hostapd",
"version": "2.4"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "hostapd",
"version": "2.5"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "hostapd",
"version": "2.6"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "wpa supplicant",
"version": "0.2.4"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "wpa supplicant",
"version": "0.2.5"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "wpa supplicant",
"version": "0.2.6"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "wpa supplicant",
"version": "0.2.7"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "wpa supplicant",
"version": "0.2.8"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "wpa supplicant",
"version": "0.3.7"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "wpa supplicant",
"version": "0.3.8"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "wpa supplicant",
"version": "0.3.9"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "wpa supplicant",
"version": "0.3.10"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "wpa supplicant",
"version": "0.3.11"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "wpa supplicant",
"version": "0.4.7"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "wpa supplicant",
"version": "0.4.8"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "wpa supplicant",
"version": "0.4.9"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "wpa supplicant",
"version": "0.4.10"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "wpa supplicant",
"version": "0.4.11"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "wpa supplicant",
"version": "0.5.7"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "wpa supplicant",
"version": "0.5.8"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "wpa supplicant",
"version": "0.5.9"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "wpa supplicant",
"version": "0.5.10"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "wpa supplicant",
"version": "0.5.11"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "wpa supplicant",
"version": "0.6.8"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "wpa supplicant",
"version": "0.6.9"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "wpa supplicant",
"version": "0.6.10"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "wpa supplicant",
"version": "0.7.3"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "wpa supplicant",
"version": "1.0"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "wpa supplicant",
"version": "1.1"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "wpa supplicant",
"version": "2.0"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "wpa supplicant",
"version": "2.1"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "wpa supplicant",
"version": "2.2"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "wpa supplicant",
"version": "2.3"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "wpa supplicant",
"version": "2.4"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "wpa supplicant",
"version": "2.5"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "wpa supplicant",
"version": "2.6"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "linux point of sale",
"version": "11"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "linux server",
"version": "12"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "openstack cloud",
"version": "6"
}
],
"sources": [
{
"db": "IVD",
"id": "52cda2a8-8175-413f-97bb-cf2e4c75f7c4"
},
{
"db": "CERT/CC",
"id": "VU#228519"
},
{
"db": "CNVD",
"id": "CNVD-2017-30403"
},
{
"db": "BID",
"id": "101274"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-009173"
},
{
"db": "CNNVD",
"id": "CNNVD-201710-383"
},
{
"db": "NVD",
"id": "CVE-2017-13080"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:freebsd:freebsd:10:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:freebsd:freebsd:10.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:17.04:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:opensuse:leap:42.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_server:7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_desktop:7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:freebsd:freebsd:11:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:freebsd:freebsd:11.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:freebsd:freebsd:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:opensuse:leap:42.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:2.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:1.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:0.5.9:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:0.5.8:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:0.3.11:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:0.3.10:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:2.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:2.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:0.7.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:0.6.10:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:0.5.7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:0.4.11:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:0.3.9:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:0.3.8:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:2.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:2.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:0.6.10:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:0.6.9:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:0.4.10:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:0.4.9:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:0.2.8:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:0.2.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:2.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:2.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:0.5.11:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:0.5.10:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:0.4.8:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:0.4.7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:0.2.7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:0.2.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:0.2.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:2.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:2.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:0.6.8:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:0.5.11:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:0.5.10:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:0.4.8:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:0.4.7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:0.2.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:0.2.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:2.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:1.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:1.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:0.5.9:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:0.5.8:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:0.3.11:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:0.3.10:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:0.2.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:2.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:2.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:1.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:0.7.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:0.5.7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:0.4.11:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:0.3.9:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:0.3.7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:2.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:2.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:0.6.9:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:0.6.8:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:0.4.10:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:0.4.9:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:0.3.7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:0.2.8:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:suse:linux_enterprise_point_of_sale:11:sp3:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:suse:linux_enterprise_server:11:sp3:*:*:*:ltss:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:suse:linux_enterprise_desktop:12:sp3:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:suse:linux_enterprise_server:12:*:*:*:ltss:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:suse:openstack_cloud:6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:suse:linux_enterprise_server:11:sp4:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:suse:linux_enterprise_desktop:12:sp2:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2017-13080"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Mathy Vanhoef from imec-DistriNet and KU Leuven.",
"sources": [
{
"db": "BID",
"id": "101274"
},
{
"db": "CNNVD",
"id": "CNNVD-201710-383"
}
],
"trust": 0.9
},
"cve": "CVE-2017-13080",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "MEDIUM",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 2.9,
"confidentialityImpact": "NONE",
"exploitabilityScore": 5.5,
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "LOW",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:A/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Medium",
"accessVector": "Adjacent Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 2.9,
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2017-13080",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Low",
"trust": 0.9,
"userInteractionRequired": null,
"vectorString": "AV:A/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "PARTIAL",
"baseScore": 5.4,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 5.5,
"id": "CNVD-2017-30403",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:A/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"author": "IVD",
"availabilityImpact": "PARTIAL",
"baseScore": 5.4,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 5.5,
"id": "52cda2a8-8175-413f-97bb-cf2e4c75f7c4",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.2,
"vectorString": "AV:A/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.9 [IVD]"
}
],
"cvssV3": [
{
"attackComplexity": "HIGH",
"attackVector": "ADJACENT_NETWORK",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"exploitabilityScore": 1.6,
"impactScore": 3.6,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.0"
},
{
"attackComplexity": "High",
"attackVector": "Adjacent Network",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 5.3,
"baseSeverity": "Medium",
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2017-13080",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2017-13080",
"trust": 1.8,
"value": "MEDIUM"
},
{
"author": "CNVD",
"id": "CNVD-2017-30403",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201710-383",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "IVD",
"id": "52cda2a8-8175-413f-97bb-cf2e4c75f7c4",
"trust": 0.2,
"value": "MEDIUM"
},
{
"author": "VULMON",
"id": "CVE-2017-13080",
"trust": 0.1,
"value": "LOW"
}
]
}
],
"sources": [
{
"db": "IVD",
"id": "52cda2a8-8175-413f-97bb-cf2e4c75f7c4"
},
{
"db": "CNVD",
"id": "CNVD-2017-30403"
},
{
"db": "VULMON",
"id": "CVE-2017-13080"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-009173"
},
{
"db": "CNNVD",
"id": "CNNVD-201710-383"
},
{
"db": "NVD",
"id": "CVE-2017-13080"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Group Temporal Key (GTK) during the group key handshake, allowing an attacker within radio range to replay frames from access points to clients. An attacker within range of an affected AP and client may leverage these vulnerabilities to conduct attacks that are dependent on the data confidentiality protocols being used. Attacks may include arbitrary packet decryption and injection, TCP connection hijacking, HTTP content injection, or the replay of unicast and group-addressed frames. These vulnerabilities are referred to as Key Reinstallation Attacks or \"KRACK\" attacks. WPA (Wi-Fi Protected Access) is a system that protects wireless computer networks (Wi-Fi). WPA2 is prone to multiple security weaknesses. \nExploiting these issues may allow an unauthorized user to intercept and manipulate data or disclose sensitive information. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA512\n\nAPPLE-SA-2017-12-6-3 watchOS 4.2\n\nwatchOS 4.2 addresses the following:\n\nIOSurface\nAvailable for: All Apple Watch models\nImpact: An application may be able to execute arbitrary code with\nkernel privileges\nDescription: A memory corruption issue was addressed with improved\nmemory handling. \nCVE-2017-13861: Ian Beer of Google Project Zero\n\nKernel\nAvailable for: All Apple Watch models\nImpact: An application may be able to execute arbitrary code with\nkernel privileges\nDescription: A memory corruption issue was addressed with improved\nmemory handling. \nCVE-2017-13862: Apple\nCVE-2017-13876: Ian Beer of Google Project Zero\n\nKernel\nAvailable for: All Apple Watch models\nImpact: An application may be able to read restricted memory\nDescription: An out-of-bounds read was addressed with improved bounds\nchecking. \nCVE-2017-13833: Brandon Azad\n\nKernel\nAvailable for: All Apple Watch models\nImpact: An application may be able to read restricted memory\nDescription: A type confusion issue was addressed with improved\nmemory handling. \nCVE-2017-13855: Jann Horn of Google Project Zero\n\nKernel\nAvailable for: All Apple Watch models\nImpact: An application may be able to execute arbitrary code with\nkernel privileges\nDescription: A memory corruption issue was addressed with improved\nmemory handling. \nCVE-2017-13867: Ian Beer of Google Project Zero\n\nKernel\nAvailable for: All Apple Watch models\nImpact: An application may be able to read restricted memory\nDescription: A validation issue was addressed with improved input\nsanitization. \nCVE-2017-13865: Ian Beer of Google Project Zero\nCVE-2017-13868: Brandon Azad\nCVE-2017-13869: Jann Horn of Google Project Zero\n\nWi-Fi\nAvailable for: Apple Watch (1st Generation) and Apple Watch Series 3\nReleased for Apple Watch Series 1 and Apple Watch Series 2 in\nwatchOS 4.1. This was addressed with improved state management. \nCVE-2017-13080: Mathy Vanhoef of the imec-DistriNet group at KU\nLeuven\n\nInstallation note:\n\nInstructions on how to update your Apple Watch software are\navailable at https://support.apple.com/kb/HT204641\n\nTo check the version on your Apple Watch, open the Apple Watch app\non your iPhone and select \"My Watch \u003e General \u003e About\". \n\nAlternatively, on your watch, select \"My Watch \u003e General \u003e About\". Those vulnerabilities applies to both the access point\n(implemented in hostapd) and the station (implemented in wpa_supplicant). \n\nAn attacker exploiting the vulnerabilities could force the vulnerable system to\nreuse cryptographic session keys, enabling a range of cryptographic attacks\nagainst the ciphers used in WPA1 and WPA2. \n\nFor the stable distribution (stretch), these problems have been fixed in\nversion 2:2.4-1+deb9u1. \n\nFor the testing distribution (buster), these problems have been fixed\nin version 2:2.4-1.1. \n\nFor the unstable distribution (sid), these problems have been fixed in\nversion 2:2.4-1.1. \n\nWe recommend that you upgrade your wpa packages. \nCVE-2017-13804: @qwertyoruiopz at KJC Research Intl. S.R.L. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA256\n\n********************************************************************\nTitle: Microsoft Security Update Releases\nIssued: October 17, 2017\n********************************************************************\n\nSummary\n=======\n\nThe following CVE has undergone a major revision increment. \n\n* ADV170018\n\n\nCVE Revision Information:\n=====================\n\nCVE-2017-13080\n\n - Title: ADV170018 | October 2017 Flash Update\n - https://portal.msrc.microsoft.com/en-us/security-guidance\n - Reason for Revision: The October Adobe Flash Security Update is \n available for installation. See https://support.microsoft.com/\n en-us/help/4049179 for more information. \n - Originally posted: October 17, 2017 \n - Updated: N/A \n - CVE Severity Rating: Critical\n - Version: 1.0\n\n\nOther Information\n=================\n\nRecognize and avoid fraudulent email to Microsoft customers:\n=============================================================\nIf you receive an email message that claims to be distributing \na Microsoft security update, it is a hoax that may contain \nmalware or pointers to malicious websites. Microsoft does \nnot distribute security updates via email. \n\nThe Microsoft Security Response Center (MSRC) uses PGP to digitally \nsign all security notifications. However, PGP is not required for \nreading security notifications, reading security bulletins, or \ninstalling security updates. You can obtain the MSRC public PGP key\nat \u003chttps://technet.microsoft.com/security/dn753714\u003e. \n\n********************************************************************\nTHE INFORMATION PROVIDED IN THIS MICROSOFT COMMUNICATION IS\nPROVIDED \"AS IS\" WITHOUT WARRANTY OF ANY KIND. MICROSOFT\nDISCLAIMS ALL WARRANTIES, EITHER EXPRESS OR IMPLIED, INCLUDING\nTHE WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR\nPURPOSE. \nIN NO EVENT SHALL MICROSOFT CORPORATION OR ITS SUPPLIERS BE\nLIABLE FOR ANY DAMAGES WHATSOEVER INCLUDING DIRECT, INDIRECT,\nINCIDENTAL, CONSEQUENTIAL, LOSS OF BUSINESS PROFITS OR SPECIAL\nDAMAGES, EVEN IF MICROSOFT CORPORATION OR ITS SUPPLIERS HAVE BEEN\nADVISED OF THE POSSIBILITY OF SUCH DAMAGES. \nSOME STATES DO NOT ALLOW THE EXCLUSION OR LIMITATION OF LIABILITY\nFOR CONSEQUENTIAL OR INCIDENTAL DAMAGES SO THE FOREGOING\nLIMITATION MAY NOT APPLY. \n********************************************************************\n\nMicrosoft respects your privacy. Please read our online Privacy\nStatement at \u003chttp://go.microsoft.com/fwlink/?LinkId=81184\u003e. \n\nIf you would prefer not to receive future technical security\nnotification alerts by email from Microsoft and its family of\ncompanies please visit the following website to unsubscribe:\n\u003chttps://profile.microsoft.com/RegSysProfileCenter/subscriptionwizar\nd.aspx?wizid=5a2a311b-5189-4c9b-9f1a-d5e913a26c2e\u0026%3blcid=1033\u003e. \n\nThese settings will not affect any newsletters youave requested or\nany mandatory service communications that are considered part of\ncertain Microsoft services. \n\nFor legal Information, see:\n\u003chttp://www.microsoft.com/info/legalinfo/default.mspx\u003e. \n\nThis newsletter was sent by:\nMicrosoft Corporation\n1 Microsoft Way\nRedmond, Washington, USA\n98052\n\n-----BEGIN PGP SIGNATURE-----\nVersion: PGP Desktop 10.2.0 (Build 1950) - not licensed for commercial use: www.pgp.com\nCharset: utf-8\n\nwsFVAwUBWeY7FvsCXwi14Wq8AQibMw/9HB/Dclpw74jADq8uMxo5mm+ZFGZ9gXqW\npTdHL3HrzNqzsM/7oq1sYdzVqN2j35pXMpPmJnjt9ewhma0G+IKwwtu7efFelhUd\nbEB8o5KLREJJLnDVHWAfAEVvFqx15E7hbQdjQdwvK+fT26W7QwyyUnQt9akTR9bS\nv3B/GKLuacopPD7G/+v3g2N51NBbp1STidNTbOqbExK/UDqZBbkLs4XoC6FORXMY\nkdUzSuWPuDVQneqOpQlC9O2M7+f6qWWdVG67F44tD6e575eToCf0LVjsLIPEMx06\niuK0alu4HnUi3mwTpruwkrFANJlL0y6o6uwfBt/QQ/RQoe6EeBmQOvFB6jTa8fQ7\nydHIMTKgxCJQMzUGrrkr0F+M0S0yZkW5Pq90eZxLtvxAypJSbPlH3ET4h4hIeuqv\n38eOg5Pb5FkBdaMaP0VqeI/k/Ur5TRHvLSBWp5jgZi6CMKb8srfTmR53vs5Igtgb\nTsh10G0bXAExWWE/pqmQs+rW03/ElM5JoH8/wS9tG4M3UNvsnR2CUz2KbIvQcJFt\nDG34sh3Z5HztbGmkWUxWwORcUrvW0U6DnP1U4D6uSmcSZrO5dwIHTIA4kECw7Ret\nSjhMDbo9s2Y75VBb1ilIbQY3AnzT2q2j6t3kJnyh3IjmMP96bhmdF1FF4apToAUv\nTVE4JSTK9HY=\n=G8zY\n-----END PGP SIGNATURE-----\n. ==========================================================================\nUbuntu Security Notice USN-3505-1\nDecember 06, 2017\n\nlinux-firmware vulnerabilities\n==========================================================================\n\nA security issue affects these releases of Ubuntu and its derivatives:\n\n- Ubuntu 17.10\n- Ubuntu 17.04\n- Ubuntu 16.04 LTS\n- Ubuntu 14.04 LTS\n\nSummary:\n\nSeveral security issues were fixed in linux-firmware. \n\nSoftware Description:\n- linux-firmware: Firmware for Linux kernel drivers\n\nDetails:\n\nMathy Vanhoef discovered that the firmware for several Intel WLAN\ndevices incorrectly handled WPA2 in relation to Wake on WLAN. (CVE-2017-13080, CVE-2017-13081)\n\nUpdate instructions:\n\nThe problem can be corrected by updating your system to the following\npackage versions:\n\nUbuntu 17.10:\n linux-firmware 1.169.1\n\nUbuntu 17.04:\n linux-firmware 1.164.2\n\nUbuntu 16.04 LTS:\n linux-firmware 1.157.14\n\nUbuntu 14.04 LTS:\n linux-firmware 1.127.24\n\nAfter a standard system update you need to reboot your computer to make\nall the necessary changes. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA512\n\n=============================================================================\nFreeBSD-SA-17:07.wpa Security Advisory\n The FreeBSD Project\n\nTopic: WPA2 protocol vulnerability\n\nCategory: contrib\nModule: wpa\nAnnounced: 2017-10-16\nCredits: Mathy Vanhoef\nAffects: All supported versions of FreeBSD. \nCorrected: 2017-10-17 17:30:18 UTC (stable/11, 11.1-STABLE)\n 2017-10-17 17:57:18 UTC (releng/11.1, 11.1-RELEASE-p2)\n 2017-10-17 17:56:03 UTC (releng/11.0, 11.0-RELEASE-p13)\n 2017-10-19 03:18:22 UTC (stable/10, 10.4-STABLE)\n 2017-10-19 03:20:17 UTC (releng/10.4, 10.4-RELEASE-p1)\n 2017-10-19 03:19:42 UTC (releng/10.3, 10.3-RELEASE-p22)\nCVE Name: CVE-2017-13077, CVE-2017-13078, CVE-2017-13079,\n CVE-2017-13080, CVE-2017-13081, CVE-2017-13082,\n CVE-2017-13086, CVE-2017-13087, CVE-2017-13088\n\nFor general information regarding FreeBSD Security Advisories,\nincluding descriptions of the fields above, security branches, and the\nfollowing sections, please visit \u003cURL:https://security.FreeBSD.org/\u003e. \n\n0. Revision history\n\nv1.0 2017-10-17 Initial release. \nv1.1 2017-10-19 Add patches for 10.x releases. \n\nI. \n\nhostapd and wpa_supplicant are implementations of user space daemon for\naccess points and wireless client that implements the WPA2 protocol. \n\nII. Problem Description\n\nA vulnerability was found in how a number of implementations can be\ntriggered to reconfigure WPA/WPA2/RSN keys (TK, GTK, or IGTK) by\nreplaying a specific frame that is used to manage the keys. \n\nIII. Impact\n\nSuch reinstallation of the encryption key can result in two different\ntypes of vulnerabilities: disabling replay protection and significantly\nreducing the security of encryption to the point of allowing frames to\nbe decrypted or some parts of the keys to be determined by an attacker\ndepending on which cipher is used. \n\nIV. Workaround\n\nAn updated version of wpa_supplicant is available in the FreeBSD Ports\nCollection. Install version 2.6_2 or later of the\nsecurity/wpa_supplicant port/pkg. Once installed, update /etc/rc.conf\nto use the new binary:\n\nwpa_supplicant_program=\"/usr/local/sbin/wpa_supplicant\"\n\nand restart networking. \n\nAn updated version of hostapd is available in the FreeBSD Ports\nCollection. Install version 2.6_1 or later of the net/hostapd port/pkg. \nOnce installed, update /etc/rc.conf to use the new binary:\n\nhostapd_program=\"/usr/local/sbin/hostapd\"\n\nand restart hostapd. \n\nV. Solution\n\nPerform one of the following:\n\n1) Upgrade your vulnerable system to a supported FreeBSD stable or\nrelease / security branch (releng) dated after the correction date. \n\nRestart the Wi-Fi network interfaces/hostapd or reboot the system. \n\n2) To update your vulnerable system via a binary patch:\n\nSystems running a RELEASE version of FreeBSD on the i386 or amd64\nplatforms can be updated via the freebsd-update(8) utility:\n\n# freebsd-update fetch\n# freebsd-update install\n\nRestart the Wi-Fi network interfaces/hostapd or reboot the system. \n\n3) To update your vulnerable system via a source code patch:\n\nThe following patches have been verified to apply to the applicable\nFreeBSD release branches. \n\na) Download the relevant patch from the location below, and verify the\ndetached PGP signature using your PGP utility. \n\n[FreeBSD 11.0-RELEASE, 11.1-RELEASE, and 11-STABLE]\n# fetch https://security.FreeBSD.org/patches/SA-17:07/wpa-11.patch\n# fetch https://security.FreeBSD.org/patches/SA-17:07/wpa-11.patch.asc\n# gpg --verify wpa-11.patch.asc\n\n[FreeBSD 10.3-RELEASE, 10.4-RELEASE, and 10-STABLE]\n# fetch https://security.FreeBSD.org/patches/SA-17:07/wpa-10.patch\n# fetch https://security.FreeBSD.org/patches/SA-17:07/wpa-10.patch.asc\n# gpg --verify wpa-10.patch.asc\n\nb) Apply the patch. Execute the following commands as root:\n\n# cd /usr/src\n# patch \u003c /path/to/patch\n\nc) Recompile the operating system using buildworld and installworld as\ndescribed in \u003cURL:https://www.FreeBSD.org/handbook/makeworld.html\u003e. \n\nRestart the applicable daemons, or reboot the system. \n\nVI. Correction details\n\nThe following list contains the correction revision numbers for each\naffected branch. \n\nBranch/path Revision\n- -------------------------------------------------------------------------\nstable/11/ r324697\nreleng/11.0/ r324698\nreleng/11.1/ r324699\nstable/10/ r324739\nreleng/10.3/ r324740\nreleng/10.4/ r324741\n- -------------------------------------------------------------------------\n\nTo see which files were modified by a particular revision, run the\nfollowing command, replacing NNNNNN with the revision number, on a\nmachine with Subversion installed:\n\n# svn diff -cNNNNNN --summarize svn://svn.freebsd.org/base\n\nOr visit the following URL, replacing NNNNNN with the revision number:\n\n\u003cURL:https://svnweb.freebsd.org/base?view=revision\u0026revision=NNNNNN\u003e\n\nVII. References\n\n\u003cURL:https://w1.fi/security/2017-1/wpa-packet-number-reuse-with-replayed-messages.txt\u003e\n\u003cURL:https://www.krackattacks.com/\u003e\n\nThe latest revision of this advisory is available at\n\u003cURL:https://security.FreeBSD.org/advisories/FreeBSD-SA-17:07.wpa.asc\u003e\n-----BEGIN PGP SIGNATURE-----\n\niQKTBAEBCgB9FiEEHPf/b631yp++G4yy7Wfs1l3PaucFAlnoGpNfFIAAAAAALgAo\naXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDFD\nRjdGRjZGQURGNUNBOUZCRTFCOENCMkVENjdFQ0Q2NURDRjZBRTcACgkQ7Wfs1l3P\nauc7WBAAm27w+fujv5sJsRxauUMopTVtRh5utwbDuoHTP+L+RCWmQfVBmueNQ0gf\nuJzMNxBIkbtY9LvyukpRsH3iD7mh26c0pd9rxxkkr4F96C9B5+W0amxJF1gdm54/\nF/50FpY+lo7cNs5tiBjypPrg8UOBBI/1G4XR7130XC0HjaTwt1ngZ0oQUWUMSsIp\ngN5ZfPul81WPWd1NqF+vyObcJhwq/Y1uoexoO27o7GQCFZoL3enZy8c4f1xqMlVM\n4HHkTgNGac6E0aW+ArH4J0DFFAOJXPqF8rdt+9XINfoBbtliIyOixJ4oh1n6eAR0\nVpBWZKFNyXSlUKIvDGa+LDhxgL1jJXV0ABSyKlUOijdmr3bbbiQE9MW/MNv2AFTd\nOAFQ0QQtm9KCWp5JLh+FPIb/kR2l7MOUP+yz4zFcJpdGtl9tDLyPN8vRTq60bY8O\ny7tBcf/SMqkd/AIFdchL4zrOguKnRARydIlwTarp8wtAQI3MKSsa1B0wgsDtlL6K\nxfdjnwWMKvKKlNOW16e1WXXO0n/ucHV4njBE+bGPro3jLgXP2/WFZpIGAR3I4xrr\nSdD4AxSNiR9f3bL7LRfMIbugJAylWNSlTLWUOVUv0/ONh85LqbcCj13NI230B64K\nETx2QOZgKnCs2oDNiw4aQHb7kvi2w94Iw/R1sAPkkxYJWO3reyE=\n=h/5q\n-----END PGP SIGNATURE-----\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2017-13080"
},
{
"db": "CERT/CC",
"id": "VU#228519"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-009173"
},
{
"db": "CNVD",
"id": "CNVD-2017-30403"
},
{
"db": "BID",
"id": "101274"
},
{
"db": "IVD",
"id": "52cda2a8-8175-413f-97bb-cf2e4c75f7c4"
},
{
"db": "VULMON",
"id": "CVE-2017-13080"
},
{
"db": "PACKETSTORM",
"id": "145272"
},
{
"db": "PACKETSTORM",
"id": "144630"
},
{
"db": "PACKETSTORM",
"id": "144828"
},
{
"db": "PACKETSTORM",
"id": "145430"
},
{
"db": "PACKETSTORM",
"id": "145273"
},
{
"db": "PACKETSTORM",
"id": "144666"
},
{
"db": "PACKETSTORM",
"id": "145228"
},
{
"db": "PACKETSTORM",
"id": "144829"
},
{
"db": "PACKETSTORM",
"id": "144669"
}
],
"trust": 4.23
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2017-13080",
"trust": 4.5
},
{
"db": "CERT/CC",
"id": "VU#228519",
"trust": 4.2
},
{
"db": "BID",
"id": "101274",
"trust": 2.6
},
{
"db": "LENOVO",
"id": "LEN-17420",
"trust": 2.5
},
{
"db": "SECTRACK",
"id": "1039703",
"trust": 1.7
},
{
"db": "SECTRACK",
"id": "1039572",
"trust": 1.7
},
{
"db": "SECTRACK",
"id": "1039573",
"trust": 1.7
},
{
"db": "SECTRACK",
"id": "1039576",
"trust": 1.7
},
{
"db": "SECTRACK",
"id": "1039577",
"trust": 1.7
},
{
"db": "SECTRACK",
"id": "1039578",
"trust": 1.7
},
{
"db": "SECTRACK",
"id": "1039581",
"trust": 1.7
},
{
"db": "SECTRACK",
"id": "1039585",
"trust": 1.7
},
{
"db": "SIEMENS",
"id": "SSA-901333",
"trust": 1.7
},
{
"db": "CERT@VDE",
"id": "VDE-2017-003",
"trust": 1.7
},
{
"db": "CERT@VDE",
"id": "VDE-2017-005",
"trust": 1.7
},
{
"db": "ICS CERT",
"id": "ICSMA-18-114-01",
"trust": 1.2
},
{
"db": "ICS CERT",
"id": "ICSMA-19-029-01",
"trust": 1.1
},
{
"db": "ICS CERT",
"id": "ICSA-17-353-02",
"trust": 1.1
},
{
"db": "ICS CERT",
"id": "ICSA-17-318-01",
"trust": 1.1
},
{
"db": "ICS CERT",
"id": "ICSA-17-325-01",
"trust": 1.1
},
{
"db": "CNVD",
"id": "CNVD-2017-30403",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201710-383",
"trust": 0.8
},
{
"db": "JUNIPER",
"id": "JSA10827",
"trust": 0.8
},
{
"db": "DLINK",
"id": "SAP10075",
"trust": 0.8
},
{
"db": "ICS CERT",
"id": "ICSA-17-318-02A",
"trust": 0.8
},
{
"db": "JVN",
"id": "JVNVU94846424",
"trust": 0.8
},
{
"db": "JVN",
"id": "JVNVU90609033",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2017-009173",
"trust": 0.8
},
{
"db": "AUSCERT",
"id": "ESB-2020.3967",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2020.4125",
"trust": 0.6
},
{
"db": "LENOVO",
"id": "LEN-45682",
"trust": 0.6
},
{
"db": "ICS CERT",
"id": "ICSA-17-299-02",
"trust": 0.3
},
{
"db": "ICS CERT",
"id": "ICSA-17-318-02",
"trust": 0.3
},
{
"db": "IVD",
"id": "52CDA2A8-8175-413F-97BB-CF2E4C75F7C4",
"trust": 0.2
},
{
"db": "VULMON",
"id": "CVE-2017-13080",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "145272",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "144630",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "144828",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "145430",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "145273",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "144666",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "145228",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "144829",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "144669",
"trust": 0.1
}
],
"sources": [
{
"db": "IVD",
"id": "52cda2a8-8175-413f-97bb-cf2e4c75f7c4"
},
{
"db": "CERT/CC",
"id": "VU#228519"
},
{
"db": "CNVD",
"id": "CNVD-2017-30403"
},
{
"db": "VULMON",
"id": "CVE-2017-13080"
},
{
"db": "BID",
"id": "101274"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-009173"
},
{
"db": "PACKETSTORM",
"id": "145272"
},
{
"db": "PACKETSTORM",
"id": "144630"
},
{
"db": "PACKETSTORM",
"id": "144828"
},
{
"db": "PACKETSTORM",
"id": "145430"
},
{
"db": "PACKETSTORM",
"id": "145273"
},
{
"db": "PACKETSTORM",
"id": "144666"
},
{
"db": "PACKETSTORM",
"id": "145228"
},
{
"db": "PACKETSTORM",
"id": "144829"
},
{
"db": "PACKETSTORM",
"id": "144669"
},
{
"db": "CNNVD",
"id": "CNNVD-201710-383"
},
{
"db": "NVD",
"id": "CVE-2017-13080"
}
]
},
"id": "VAR-201710-0207",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "IVD",
"id": "52cda2a8-8175-413f-97bb-cf2e4c75f7c4"
},
{
"db": "CNVD",
"id": "CNVD-2017-30403"
}
],
"trust": 1.3965711281818183
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 0.8
}
],
"sources": [
{
"db": "IVD",
"id": "52cda2a8-8175-413f-97bb-cf2e4c75f7c4"
},
{
"db": "CNVD",
"id": "CNVD-2017-30403"
}
]
},
"last_update_date": "2024-07-23T20:12:56.623000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "ARUBA-PSA-2017-007",
"trust": 0.8,
"url": "http://www.arubanetworks.com/assets/alert/aruba-psa-2017-007.txt"
},
{
"title": "DSA-3999",
"trust": 0.8,
"url": "https://www.debian.org/security/2017/dsa-3999"
},
{
"title": "FreeBSD-SA-17:07.wpa",
"trust": 0.8,
"url": "https://www.freebsd.org/security/advisories/freebsd-sa-17:07.wpa.asc"
},
{
"title": "LEN-17420",
"trust": 0.8,
"url": "https://support.lenovo.com/jp/en/product_security/len-17420"
},
{
"title": "NV17-024",
"trust": 0.8,
"url": "http://jpn.nec.com/security-info/secinfo/nv17-024.html"
},
{
"title": "openSUSE-SU-2017:2755",
"trust": 0.8,
"url": "https://lists.opensuse.org/opensuse-security-announce/2017-10/msg00024.html"
},
{
"title": "SUSE-SU-2017:2745",
"trust": 0.8,
"url": "https://lists.opensuse.org/opensuse-security-announce/2017-10/msg00020.html"
},
{
"title": "SUSE-SU-2017:2752",
"trust": 0.8,
"url": "https://lists.opensuse.org/opensuse-security-announce/2017-10/msg00023.html"
},
{
"title": "KRACKs - wpa_supplicant Multiple Vulnerabilities",
"trust": 0.8,
"url": "https://access.redhat.com/security/vulnerabilities/kracks"
},
{
"title": "RHSA-2017:2907",
"trust": 0.8,
"url": "https://access.redhat.com/errata/rhsa-2017:2907"
},
{
"title": "RHSA-2017:2911",
"trust": 0.8,
"url": "https://access.redhat.com/errata/rhsa-2017:2911"
},
{
"title": "CVE-2017-13080 | Windows Wireless WPA Group Key Reinstallation Vulnerability",
"trust": 0.8,
"url": "https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/cve-2017-13080"
},
{
"title": "USN-3455-1",
"trust": 0.8,
"url": "https://usn.ubuntu.com/usn/usn-3455-1/"
},
{
"title": "WPA packet number reuse with replayed messages and key reinstallation",
"trust": 0.8,
"url": "https://w1.fi/security/2017-1/wpa-packet-number-reuse-with-replayed-messages.txt"
},
{
"title": "Wi-Fi\u306e\u8a8d\u8a3c\uff0f\u6697\u53f7\u5316\u6280\u8853WPA2\u304a\u3088\u3073WPA\u306e\u8907\u6570\u306e\u8106\u5f31\u6027\u306b\u3064\u3044\u3066",
"trust": 0.8,
"url": "http://www.fujitsu.com/jp/products/network/support/2017/srm-01/index.html"
},
{
"title": "CVE-2017-13080 | Windows Wireless WPA Group Key Reinstallation Vulnerability",
"trust": 0.8,
"url": "https://portal.msrc.microsoft.com/ja-jp/security-guidance/advisory/cve-2017-13080"
},
{
"title": "WPA2\u306e\u8106\u5f31\u6027\u306b\u95a2\u3059\u308b\u5f0a\u793e\u8abf\u67fb\u30fb\u5bfe\u5fdc\u72b6\u6cc1\u306b\u3064\u3044\u3066",
"trust": 0.8,
"url": "http://www.iodata.jp/support/information/2017/wpa2/"
},
{
"title": "\u7121\u7ddaLAN\u306e\u6697\u53f7\u5316\u901a\u4fe1\u898f\u683cWPA2\u306e\u8106\u5f31\u6027\u306b\u3064\u3044\u3066",
"trust": 0.8,
"url": "http://dynabook.com/assistpc/info/2017/201711_wpa2.htm"
},
{
"title": "\u7121\u7ddaLAN \u8a8d\u8a3c\uff0f\u6697\u53f7\u5316\u6280\u8853WPA2\u304a\u3088\u3073WPA\u306b\u95a2\u3059\u308b\u8106\u5f31\u6027\u306e\u304a\u77e5\u3089\u305b",
"trust": 0.8,
"url": "http://www.fmworld.net/biz/common/info/20171110/"
},
{
"title": "Patch for WPA2 Wireless Network GTK Group Key Reload Vulnerability (CNVD-2017-30403)",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/103821"
},
{
"title": "Multiple WiFi product WPA2 Security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=75497"
},
{
"title": "Red Hat: Important: wpa_supplicant security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=rhsa-20172911 - security advisory"
},
{
"title": "Ubuntu Security Notice: linux-firmware vulnerabilities",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=usn-3505-1"
},
{
"title": "Red Hat: Important: wpa_supplicant security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=rhsa-20172907 - security advisory"
},
{
"title": "Red Hat: CVE-2017-13080",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_cve_database\u0026qid=cve-2017-13080"
},
{
"title": "Arch Linux Issues: ",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=arch_linux_issues\u0026qid=cve-2017-13080"
},
{
"title": "Apple: Wi-Fi Update for Boot Camp 6.4.0",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=apple_security_advisories\u0026qid=4dc3bb86865485e4364fd6b2dc2fc379"
},
{
"title": "Apple: watchOS 4.1",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=apple_security_advisories\u0026qid=345c3fa8a313cd9a1ced5ef372c465c4"
},
{
"title": "Apple: AirPort Base Station Firmware Update 7.6.9",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=apple_security_advisories\u0026qid=43d8dcf7961e20b6ec02761d12969c19"
},
{
"title": "Apple: AirPort Base Station Firmware Update 7.7.9",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=apple_security_advisories\u0026qid=7ca8130f8030911575aa17c0e84114dd"
},
{
"title": "Debian CVElist Bug Report Logs: firmware-brcm80211: BroadPwn vulnerability CVE-2017-9417",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=debian_cvelist_bugreportlogs\u0026qid=2e0affd9108e95fa2aa2c706c74cd8a9"
},
{
"title": "Ubuntu Security Notice: wpa vulnerabilities",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=usn-3455-1"
},
{
"title": "Debian Security Advisories: DSA-3999-1 wpa -- security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=debian_security_advisories\u0026qid=08990d9925276738bd732fa4d58f9ef0"
},
{
"title": "Apple: tvOS 11.1",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=apple_security_advisories\u0026qid=7a8e908aff7c02a31b2d335766e6d5c2"
},
{
"title": "HP: HPSBHF03582 rev. 2 - KRACK Vulnerability Affecting WPA2 Wireless Security",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=hp_bulletin\u0026qid=hpsbhf03582"
},
{
"title": "Arch Linux Advisories: [ASA-201710-23] hostapd: man-in-the-middle",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=arch_linux_advisories\u0026qid=asa-201710-23"
},
{
"title": "Arch Linux Advisories: [ASA-201710-22] wpa_supplicant: man-in-the-middle",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=arch_linux_advisories\u0026qid=asa-201710-22"
},
{
"title": "HP: HPSBPI03574 rev. 1 - WPA, WPA2 Key Reinstallation Attacks (KRACK attacks) Potential Remote Disclosure of Information: Certain HP Enterprise Printer and MFP products, Certain HP PageWide Printer and MFP Products, HP Jetdirect Accessory Products",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=hp_bulletin\u0026qid=hpsbpi03574"
},
{
"title": "Siemens Security Advisories: Siemens Security Advisory",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=siemens_security_advisories\u0026qid=6df91267eee9400a24a98876f50ffe84"
},
{
"title": "Apple: iOS 11.2",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=apple_security_advisories\u0026qid=75d972e5e0d4b4019a5bb869f1befb00"
},
{
"title": "HP: HPSBHF03697 rev. 1 - Intel\u00ae PROSet/Wireless WiFi Software November 2020 Security Updates",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=hp_bulletin\u0026qid=hpsbhf03697"
},
{
"title": "Apple: tvOS 11.2",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=apple_security_advisories\u0026qid=8d9ba2a4e31c3f4387eccea1c1dbc99c"
},
{
"title": "Apple: watchOS 4.2",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=apple_security_advisories\u0026qid=8658f9579768b2f61d8a0c0f1d03ed58"
},
{
"title": "Apple: iOS 11.1",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=apple_security_advisories\u0026qid=7814c280e80969d4c4d88f74b13290f2"
},
{
"title": "Android Security Bulletins: Android Security Bulletin\u2014November 2017",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=android_security_bulletins\u0026qid=8c29eb008bb212762e5cfb25c7c5c0d5"
},
{
"title": "Apple: macOS High Sierra 10.13.4, Security Update 2018-002 Sierra, and Security Update 2018-002 El Capitan",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=apple_security_advisories\u0026qid=8e90004e437eabc9a0809772bb0707c4"
},
{
"title": "Cisco: Multiple Vulnerabilities in Wi-Fi Protected Access and Wi-Fi Protected Access II",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=cisco_security_advisories_and_alerts_ciscoproducts\u0026qid=cisco-sa-20171016-wpa"
},
{
"title": "HP: HPSBHF03571 rev. 6 - Intel Management Engine Cumulative Security update and fix for WPA2 vulnerability",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=hp_bulletin\u0026qid=hpsbhf03571"
},
{
"title": "Oracle: Oracle Critical Patch Update Advisory - April 2018",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_advisories\u0026qid=4019ca77f50c7a34e4d97833e6f3321e"
},
{
"title": "Apple: macOS High Sierra 10.13.1, Security Update 2017-001 Sierra, and Security Update 2017-004 El Capitan",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=apple_security_advisories\u0026qid=870f3f04ef17f7b183f74ae687a1561d"
},
{
"title": "Oracle Linux Bulletins: Oracle Linux Bulletin - October 2017",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_linux_bulletins\u0026qid=7251d5e5f2b1771951980ad7cfde50ba"
},
{
"title": "Oracle: Oracle Critical Patch Update Advisory - January 2018",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_advisories\u0026qid=e2a7f287e9acc8c64ab3df71130bc64d"
},
{
"title": "vanhoefm-krackattacks-scripts",
"trust": 0.1,
"url": "https://github.com/84kaliplexon3/vanhoefm-krackattacks-scripts "
},
{
"title": "krankattack",
"trust": 0.1,
"url": "https://github.com/devkosov/krankattack "
},
{
"title": "krackattacks-scripts",
"trust": 0.1,
"url": "https://github.com/vanhoefm/krackattacks-scripts "
},
{
"title": "KRACK",
"trust": 0.1,
"url": "https://github.com/chinatso/krack "
},
{
"title": "krackinfo",
"trust": 0.1,
"url": "https://github.com/kristate/krackinfo "
},
{
"title": "nixos-issue-db-example",
"trust": 0.1,
"url": "https://github.com/andir/nixos-issue-db-example "
},
{
"title": "The Register",
"trust": 0.1,
"url": "https://www.theregister.co.uk/2017/11/07/android_november_security_update/"
},
{
"title": "The Register",
"trust": 0.1,
"url": "https://www.theregister.co.uk/2017/10/16/wpa2_inscure_krackattack/"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-30403"
},
{
"db": "VULMON",
"id": "CVE-2017-13080"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-009173"
},
{
"db": "CNNVD",
"id": "CNNVD-201710-383"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-330",
"trust": 1.0
},
{
"problemtype": "CWE-254",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-009173"
},
{
"db": "NVD",
"id": "CVE-2017-13080"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 3.6,
"url": "https://www.krackattacks.com/"
},
{
"trust": 3.5,
"url": "http://www.securityfocus.com/bid/101274"
},
{
"trust": 3.3,
"url": "https://source.android.com/security/bulletin/2017-11-01"
},
{
"trust": 2.8,
"url": "http://www.arubanetworks.com/assets/alert/aruba-psa-2017-007.txt"
},
{
"trust": 2.8,
"url": "https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20171016-wpa"
},
{
"trust": 2.8,
"url": "https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/cve-2017-13080"
},
{
"trust": 2.5,
"url": "http://www.debian.org/security/2017/dsa-3999"
},
{
"trust": 2.5,
"url": "https://access.redhat.com/security/vulnerabilities/kracks"
},
{
"trust": 2.1,
"url": "http://www.kb.cert.org/vuls/id/228519"
},
{
"trust": 2.1,
"url": "https://access.redhat.com/errata/rhsa-2017:2911"
},
{
"trust": 2.0,
"url": "https://access.redhat.com/errata/rhsa-2017:2907"
},
{
"trust": 2.0,
"url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html"
},
{
"trust": 1.7,
"url": "http://www.securitytracker.com/id/1039585"
},
{
"trust": 1.7,
"url": "http://www.securitytracker.com/id/1039581"
},
{
"trust": 1.7,
"url": "http://www.securitytracker.com/id/1039578"
},
{
"trust": 1.7,
"url": "http://www.securitytracker.com/id/1039577"
},
{
"trust": 1.7,
"url": "http://www.securitytracker.com/id/1039576"
},
{
"trust": 1.7,
"url": "http://www.securitytracker.com/id/1039573"
},
{
"trust": 1.7,
"url": "http://www.securitytracker.com/id/1039572"
},
{
"trust": 1.7,
"url": "https://w1.fi/security/2017-1/wpa-packet-number-reuse-with-replayed-messages.txt"
},
{
"trust": 1.7,
"url": "https://support.lenovo.com/us/en/product_security/len-17420"
},
{
"trust": 1.7,
"url": "https://security.freebsd.org/advisories/freebsd-sa-17:07.wpa.asc"
},
{
"trust": 1.7,
"url": "http://www.ubuntu.com/usn/usn-3455-1"
},
{
"trust": 1.7,
"url": "http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00024.html"
},
{
"trust": 1.7,
"url": "http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00023.html"
},
{
"trust": 1.7,
"url": "http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00020.html"
},
{
"trust": 1.7,
"url": "http://www.securitytracker.com/id/1039703"
},
{
"trust": 1.7,
"url": "https://security.gentoo.org/glsa/201711-03"
},
{
"trust": 1.7,
"url": "https://support.apple.com/ht208222"
},
{
"trust": 1.7,
"url": "https://support.apple.com/ht208221"
},
{
"trust": 1.7,
"url": "https://support.apple.com/ht208220"
},
{
"trust": 1.7,
"url": "https://support.apple.com/ht208219"
},
{
"trust": 1.7,
"url": "https://support.apple.com/ht208334"
},
{
"trust": 1.7,
"url": "https://support.apple.com/ht208327"
},
{
"trust": 1.7,
"url": "https://support.apple.com/ht208325"
},
{
"trust": 1.7,
"url": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html"
},
{
"trust": 1.7,
"url": "https://lists.debian.org/debian-lts-announce/2017/12/msg00004.html"
},
{
"trust": 1.7,
"url": "https://support.hpe.com/hpsc/doc/public/display?doclocale=en_us\u0026docid=emr_na-hpesbhf03792en_us"
},
{
"trust": 1.7,
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-901333.pdf"
},
{
"trust": 1.7,
"url": "https://cert.vde.com/en-us/advisories/vde-2017-005"
},
{
"trust": 1.7,
"url": "https://cert.vde.com/en-us/advisories/vde-2017-003"
},
{
"trust": 1.7,
"url": "https://lists.debian.org/debian-lts-announce/2018/11/msg00015.html"
},
{
"trust": 1.7,
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00402.html"
},
{
"trust": 1.7,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-13080"
},
{
"trust": 1.2,
"url": "https://ics-cert.us-cert.gov/advisories/icsma-18-114-01"
},
{
"trust": 1.1,
"url": "https://papers.mathyvanhoef.com/ccs2017.pdf"
},
{
"trust": 1.1,
"url": "https://w1.fi/security/2017-1/"
},
{
"trust": 1.1,
"url": "https://security-center.intel.com/advisory.aspx?intelid=intel-sa-00101\u0026languageid=en-fr"
},
{
"trust": 1.1,
"url": "https://ics-cert.us-cert.gov/advisories/icsa-17-353-02"
},
{
"trust": 1.1,
"url": "https://ics-cert.us-cert.gov/advisories/icsa-17-318-01"
},
{
"trust": 1.1,
"url": "https://ics-cert.us-cert.gov/advisories/icsa-17-325-01"
},
{
"trust": 1.1,
"url": "https://ics-cert.us-cert.gov/advisories/icsma-19-029-01"
},
{
"trust": 0.8,
"url": "https://cwe.mitre.org/data/definitions/323.html"
},
{
"trust": 0.8,
"url": "https://actiontecsupport.zendesk.com/hc/en-us/articles/115005205283-krack-vulnerability"
},
{
"trust": 0.8,
"url": "https://www3.aerohive.com/support/security-bulletins/product-security-announcement-aerohives-response-to-krack-10162017.html"
},
{
"trust": 0.8,
"url": "https://www.al-enterprise.com/en/support/security-alert-krack"
},
{
"trust": 0.8,
"url": "https://support.apple.com/en-gb/ht208222"
},
{
"trust": 0.8,
"url": "https://security.archlinux.org/avg-447"
},
{
"trust": 0.8,
"url": "https://www.asus.com/static_webpage/asus-product-security-advisory/"
},
{
"trust": 0.8,
"url": "https://community.barracudanetworks.com/forum/index.php?/topic/23525-security-advisories/page-2"
},
{
"trust": 0.8,
"url": "https://lists.centos.org/pipermail/centos-announce/2017-october/022569.html"
},
{
"trust": 0.8,
"url": "https://community.cypress.com/docs/doc-13871"
},
{
"trust": 0.8,
"url": "http://supportannouncement.us.dlink.com/announcement/publication.aspx?name=sap10075"
},
{
"trust": 0.8,
"url": "http://www.dell.com/support/article/sln307822"
},
{
"trust": 0.8,
"url": "https://github.com/espressif/esp8266_nonos_sdk"
},
{
"trust": 0.8,
"url": "https://extremeportal.force.com/extrarticledetail?n=000018005"
},
{
"trust": 0.8,
"url": "https://bodhi.fedoraproject.org/updates/fedora-2017-60bfb576b7"
},
{
"trust": 0.8,
"url": "http://www.fortiguard.com/psirt/fg-ir-17-196"
},
{
"trust": 0.8,
"url": "https://www.freebsd.org/security/advisories/freebsd-sa-17:07.wpa.asc"
},
{
"trust": 0.8,
"url": "https://bugs.gentoo.org/634440"
},
{
"trust": 0.8,
"url": "https://support.hpe.com/hpsc/doc/public/display?sp4ts.oid=null\u0026doclocale=en_us\u0026docid=emr_na-a00029151en_us"
},
{
"trust": 0.8,
"url": "https://kb.juniper.net/jsa10827"
},
{
"trust": 0.8,
"url": "https://support.lenovo.com/ca/en/product_security/len-17420"
},
{
"trust": 0.8,
"url": "http://www.microchip.com/wwwproducts/en/atwinc1500"
},
{
"trust": 0.8,
"url": "http://mail-index.netbsd.org/source-changes/2017/10/16/msg088877.html"
},
{
"trust": 0.8,
"url": "https://kb.netgear.com/000049498/security-advisory-for-wpa-2-vulnerabilities-psv-2017-2826-psv-2017-2836-psv-2017-2837"
},
{
"trust": 0.8,
"url": "https://forum.peplink.com/t/security-advisory-wpa2-vulnerability-vu-228519/12715"
},
{
"trust": 0.8,
"url": "https://ruckus-www.s3.amazonaws.com/pdf/security/faq-security-advisory-id-101617-v1.0.pdf"
},
{
"trust": 0.8,
"url": "https://www.suse.com/de-de/support/kb/doc/?id=7022107"
},
{
"trust": 0.8,
"url": "https://source.sierrawireless.com/resources/airlink/software_reference_docs/technical-bulletin/sierra-wireless-technical-bulletin---wpa-and-wpa2-vulnerabilities/"
},
{
"trust": 0.8,
"url": "http://www.slackware.com/changelog/stable.php?cpu=x86_64"
},
{
"trust": 0.8,
"url": "https://community.sophos.com/kb/en-us/127658"
},
{
"trust": 0.8,
"url": "https://www.toshibacommerce.com/wps/myportal/%21ut/p/a1/rzrnc8igeiz_sw8egqhjcdmmwr8abw2dqcnfoyqotidrrk399uxrrwotuzgws7a87y6z88iuzmcq2u4uwcnlzypjnjj5-exr_wnhya-laxtrid-j3uchdtb8gylmuw6qzgktovtowsrrqlrs6-8dbeqhwc1mykqnlabgdjlf1yjvn7i5af4qtdwsn2tri7j"
},
{
"trust": 0.8,
"url": "http://www.toshiba-personalstorage.net/en/news/hdd/ot_notice/20171017.htm"
},
{
"trust": 0.8,
"url": "http://support.toshiba.com/support/staticcontentdetail?contentid=4015875\u0026isfromtoclink=false"
},
{
"trust": 0.8,
"url": "https://community.ubnt.com/t5/unifi-updates-blog/firmware-3-9-3-7537-for-uap-usw-has-been-released/ba-p/2099365"
},
{
"trust": 0.8,
"url": "https://usn.ubuntu.com/usn/usn-3455-1/"
},
{
"trust": 0.8,
"url": "http://en.miui.com/thread-954223-1-1.html"
},
{
"trust": 0.8,
"url": "https://www.zebra.com/content/dam/zebra_new_ia/en-us/support-and-downloads/lifeguard-security/krack-security-bulletin.pdf"
},
{
"trust": 0.8,
"url": "http://www.zyxel.com/support/announcement_wpa2_key_management.shtml"
},
{
"trust": 0.8,
"url": "https://supportcenter.checkpoint.com/supportcenter/portal?eventsubmit_dogoviewsolutiondetails=\u0026solutionid=sk120938"
},
{
"trust": 0.8,
"url": "https://community.rsa.com/docs/doc-84103"
},
{
"trust": 0.8,
"url": "https://support.f5.com/csp/article/k23642330"
},
{
"trust": 0.8,
"url": "https://forum.mikrotik.com/viewtopic.php?f=21\u0026t=126695"
},
{
"trust": 0.8,
"url": "https://community.linksys.com/t5/wireless-routers/krack-vulnerability/td-p/1218573"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-13080"
},
{
"trust": 0.8,
"url": "https://ics-cert.us-cert.gov/advisories/icsa-17-318-02a"
},
{
"trust": 0.8,
"url": "https://www.ipa.go.jp/security/ciadr/vul/20171017_wpa2.html"
},
{
"trust": 0.8,
"url": "http://jvn.jp/vu/jvnvu90609033/index.html"
},
{
"trust": 0.8,
"url": "https://jvn.jp/vu/jvnvu94846424/"
},
{
"trust": 0.8,
"url": "https://www.kb.cert.org/vuls/id/cheu-aqnmyp"
},
{
"trust": 0.6,
"url": "https://www.kb.cert.org/vuls/id/228519/"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2020.3967/"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2020.4125/"
},
{
"trust": 0.6,
"url": "https://support.lenovo.com/us/en/product_security/len-45682"
},
{
"trust": 0.5,
"url": "https://support.apple.com/kb/ht201222"
},
{
"trust": 0.5,
"url": "https://www.apple.com/support/security/pgp/"
},
{
"trust": 0.3,
"url": "https://github.com/stevenhoneyman/wpa_gui/tree/master/wpa_supplicant-2.4"
},
{
"trust": 0.3,
"url": "http://www.wi-fi.org/index.php"
},
{
"trust": 0.3,
"url": "https://support.apple.com/en-ie/ht208847"
},
{
"trust": 0.3,
"url": "https://support.apple.com/en-in/ht208334"
},
{
"trust": 0.3,
"url": "https://support.apple.com/en-in/ht208327"
},
{
"trust": 0.3,
"url": "https://support.apple.com/en-in/ht208325"
},
{
"trust": 0.3,
"url": "https://lists.apple.com/archives/security-announce/2017/dec/msg00009.html"
},
{
"trust": 0.3,
"url": "https://lists.apple.com/archives/security-announce/2017/dec/msg00008.html"
},
{
"trust": 0.3,
"url": "https://lists.apple.com/archives/security-announce/2018/jul/msg00000.html"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/security/cve/cve-2017-13077"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/security/cve/cve-2017-13078"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/security/cve/cve-2017-13079"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/security/cve/cve-2017-13080"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/security/cve/cve-2017-13081"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/security/cve/cve-2017-13082"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/security/cve/cve-2017-13084"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/security/cve/cve-2017-13086"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/security/cve/cve-2017-13087"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/security/cve/cve-2017-13088"
},
{
"trust": 0.3,
"url": "http://docs.fortinet.com/uploaded/files/3961/fortiap-v5.6.1-release-notes.pdf"
},
{
"trust": 0.3,
"url": "https://ics-cert.us-cert.gov/advisories/icsa-17-299-02"
},
{
"trust": 0.3,
"url": "https://ics-cert.us-cert.gov/advisories/icsa-17-318-02"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-13865"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-13868"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-13876"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-13862"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-13869"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-13833"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-13861"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-13867"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-13855"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-13081"
},
{
"trust": 0.2,
"url": "https://support.apple.com/kb/ht204641"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-13082"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-13088"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-13087"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-13086"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-13077"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-13079"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-13078"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-13799"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-13849"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-13804"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/330.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://usn.ubuntu.com/3505-1/"
},
{
"trust": 0.1,
"url": "https://www.debian.org/security/faq"
},
{
"trust": 0.1,
"url": "https://www.debian.org/security/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-13798"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-13796"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-13803"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-13793"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-13791"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-13802"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-13792"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-13795"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-13785"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-13784"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-13794"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-13783"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-13788"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-13866"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-7156"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-13856"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-13870"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-7157"
},
{
"trust": 0.1,
"url": "http://www.microsoft.com/info/legalinfo/default.mspx\u003e."
},
{
"trust": 0.1,
"url": "http://go.microsoft.com/fwlink/?linkid=81184\u003e."
},
{
"trust": 0.1,
"url": "https://www.pgp.com"
},
{
"trust": 0.1,
"url": "https://portal.msrc.microsoft.com/en-us/security-guidance"
},
{
"trust": 0.1,
"url": "https://support.microsoft.com/"
},
{
"trust": 0.1,
"url": "https://technet.microsoft.com/security/dn753714\u003e."
},
{
"trust": 0.1,
"url": "https://profile.microsoft.com/regsysprofilecenter/subscriptionwizar"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/linux-firmware/1.169.1"
},
{
"trust": 0.1,
"url": "https://www.ubuntu.com/usn/usn-3505-1"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/linux-firmware/1.164.2"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/linux-firmware/1.157.14"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/linux-firmware/1.127.24"
},
{
"trust": 0.1,
"url": "https://security.freebsd.org/patches/sa-17:07/wpa-10.patch.asc"
},
{
"trust": 0.1,
"url": "https://security.freebsd.org/advisories/freebsd-sa-17:07.wpa.asc\u003e"
},
{
"trust": 0.1,
"url": "https://svnweb.freebsd.org/base?view=revision\u0026revision=nnnnnn\u003e"
},
{
"trust": 0.1,
"url": "https://www.krackattacks.com/\u003e"
},
{
"trust": 0.1,
"url": "https://security.freebsd.org/patches/sa-17:07/wpa-11.patch.asc"
},
{
"trust": 0.1,
"url": "https://security.freebsd.org/\u003e."
},
{
"trust": 0.1,
"url": "https://security.freebsd.org/patches/sa-17:07/wpa-11.patch"
},
{
"trust": 0.1,
"url": "https://security.freebsd.org/patches/sa-17:07/wpa-10.patch"
},
{
"trust": 0.1,
"url": "https://www.freebsd.org/handbook/makeworld.html\u003e."
},
{
"trust": 0.1,
"url": "https://w1.fi/security/2017-1/wpa-packet-number-reuse-with-replayed-messages.txt\u003e"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#228519"
},
{
"db": "CNVD",
"id": "CNVD-2017-30403"
},
{
"db": "VULMON",
"id": "CVE-2017-13080"
},
{
"db": "BID",
"id": "101274"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-009173"
},
{
"db": "PACKETSTORM",
"id": "145272"
},
{
"db": "PACKETSTORM",
"id": "144630"
},
{
"db": "PACKETSTORM",
"id": "144828"
},
{
"db": "PACKETSTORM",
"id": "145430"
},
{
"db": "PACKETSTORM",
"id": "145273"
},
{
"db": "PACKETSTORM",
"id": "144666"
},
{
"db": "PACKETSTORM",
"id": "145228"
},
{
"db": "PACKETSTORM",
"id": "144829"
},
{
"db": "PACKETSTORM",
"id": "144669"
},
{
"db": "CNNVD",
"id": "CNNVD-201710-383"
},
{
"db": "NVD",
"id": "CVE-2017-13080"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "IVD",
"id": "52cda2a8-8175-413f-97bb-cf2e4c75f7c4"
},
{
"db": "CERT/CC",
"id": "VU#228519"
},
{
"db": "CNVD",
"id": "CNVD-2017-30403"
},
{
"db": "VULMON",
"id": "CVE-2017-13080"
},
{
"db": "BID",
"id": "101274"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-009173"
},
{
"db": "PACKETSTORM",
"id": "145272"
},
{
"db": "PACKETSTORM",
"id": "144630"
},
{
"db": "PACKETSTORM",
"id": "144828"
},
{
"db": "PACKETSTORM",
"id": "145430"
},
{
"db": "PACKETSTORM",
"id": "145273"
},
{
"db": "PACKETSTORM",
"id": "144666"
},
{
"db": "PACKETSTORM",
"id": "145228"
},
{
"db": "PACKETSTORM",
"id": "144829"
},
{
"db": "PACKETSTORM",
"id": "144669"
},
{
"db": "CNNVD",
"id": "CNNVD-201710-383"
},
{
"db": "NVD",
"id": "CVE-2017-13080"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-10-17T00:00:00",
"db": "IVD",
"id": "52cda2a8-8175-413f-97bb-cf2e4c75f7c4"
},
{
"date": "2017-10-16T00:00:00",
"db": "CERT/CC",
"id": "VU#228519"
},
{
"date": "2017-10-18T00:00:00",
"db": "CNVD",
"id": "CNVD-2017-30403"
},
{
"date": "2017-10-17T00:00:00",
"db": "VULMON",
"id": "CVE-2017-13080"
},
{
"date": "2017-10-16T00:00:00",
"db": "BID",
"id": "101274"
},
{
"date": "2017-11-06T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-009173"
},
{
"date": "2017-12-08T15:55:55",
"db": "PACKETSTORM",
"id": "145272"
},
{
"date": "2017-10-16T13:49:34",
"db": "PACKETSTORM",
"id": "144630"
},
{
"date": "2017-11-01T15:44:40",
"db": "PACKETSTORM",
"id": "144828"
},
{
"date": "2017-12-15T04:44:44",
"db": "PACKETSTORM",
"id": "145430"
},
{
"date": "2017-12-08T14:55:55",
"db": "PACKETSTORM",
"id": "145273"
},
{
"date": "2017-10-18T10:11:11",
"db": "PACKETSTORM",
"id": "144666"
},
{
"date": "2017-12-06T22:22:00",
"db": "PACKETSTORM",
"id": "145228"
},
{
"date": "2017-11-01T15:46:36",
"db": "PACKETSTORM",
"id": "144829"
},
{
"date": "2017-10-19T14:28:55",
"db": "PACKETSTORM",
"id": "144669"
},
{
"date": "2017-10-17T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201710-383"
},
{
"date": "2017-10-17T13:29:00.397000",
"db": "NVD",
"id": "CVE-2017-13080"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-11-16T00:00:00",
"db": "CERT/CC",
"id": "VU#228519"
},
{
"date": "2017-10-17T00:00:00",
"db": "CNVD",
"id": "CNVD-2017-30403"
},
{
"date": "2020-11-10T00:00:00",
"db": "VULMON",
"id": "CVE-2017-13080"
},
{
"date": "2019-02-21T09:00:00",
"db": "BID",
"id": "101274"
},
{
"date": "2019-02-01T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-009173"
},
{
"date": "2021-12-06T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201710-383"
},
{
"date": "2020-11-10T21:15:12.267000",
"db": "NVD",
"id": "CVE-2017-13080"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote or local",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201710-383"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Wi-Fi Protected Access (WPA) handshake traffic can be manipulated to induce nonce and session key reuse",
"sources": [
{
"db": "CERT/CC",
"id": "VU#228519"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "security feature problem",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201710-383"
}
],
"trust": 0.6
}
}
VAR-201710-0206
Vulnerability from variot - Updated: 2024-07-23 19:26Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Pairwise Transient Key (PTK) Temporal Key (TK) during the four-way handshake, allowing an attacker within radio range to replay, decrypt, or spoof frames. An attacker within range of an affected AP and client may leverage these vulnerabilities to conduct attacks that are dependent on the data confidentiality protocols being used. Attacks may include arbitrary packet decryption and injection, TCP connection hijacking, HTTP content injection, or the replay of unicast and group-addressed frames. These vulnerabilities are referred to as Key Reinstallation Attacks or "KRACK" attacks. WPA (Wi-Fi Protected Access) is a system that protects wireless computer networks (Wi-Fi). The WPA2 wireless network has a PTK-TK key reload vulnerability in the fourth handshake. WPA2 is prone to multiple security weaknesses. Exploiting these issues may allow an unauthorized user to intercept and manipulate data or disclose sensitive information. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
===================================================================== Red Hat Security Advisory
Synopsis: Important: wpa_supplicant security update Advisory ID: RHSA-2017:2907-01 Product: Red Hat Enterprise Linux Advisory URL: https://access.redhat.com/errata/RHSA-2017:2907 Issue date: 2017-10-17 CVE Names: CVE-2017-13077 CVE-2017-13078 CVE-2017-13080 CVE-2017-13082 CVE-2017-13086 CVE-2017-13087 CVE-2017-13088 =====================================================================
- Summary:
An update for wpa_supplicant is now available for Red Hat Enterprise Linux 7.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
- Relevant releases/architectures:
Red Hat Enterprise Linux Client (v. 7) - x86_64 Red Hat Enterprise Linux ComputeNode (v. 7) - x86_64 Red Hat Enterprise Linux Server (v. 7) - aarch64, ppc64, ppc64le, s390x, x86_64 Red Hat Enterprise Linux Workstation (v. 7) - x86_64
- Description:
The wpa_supplicant packages contain an 802.1X Supplicant with support for WEP, WPA, WPA2 (IEEE 802.11i / RSN), and various EAP authentication methods. They implement key negotiation with a WPA Authenticator for client stations and controls the roaming and IEEE 802.11 authentication and association of the WLAN driver. A remote attacker within Wi-Fi range could exploit these attacks to decrypt Wi-Fi traffic or possibly inject forged Wi-Fi packets by manipulating cryptographic handshakes used by the WPA2 protocol. (CVE-2017-13077, CVE-2017-13078, CVE-2017-13080, CVE-2017-13082, CVE-2017-13086, CVE-2017-13087, CVE-2017-13088)
Red Hat would like to thank CERT for reporting these issues. Upstream acknowledges Mathy Vanhoef (University of Leuven) as the original reporter of these issues.
- Solution:
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
- Bugs fixed (https://bugzilla.redhat.com/):
1491692 - CVE-2017-13077 wpa_supplicant: Reinstallation of the pairwise key in the 4-way handshake 1491693 - CVE-2017-13078 wpa_supplicant: Reinstallation of the group key in the 4-way handshake 1491696 - CVE-2017-13080 wpa_supplicant: Reinstallation of the group key in the group key handshake 1491698 - CVE-2017-13082 wpa_supplicant: Accepting a retransmitted FT Reassociation Request and reinstalling the pairwise key while processing it 1500302 - CVE-2017-13086 wpa_supplicant: reinstallation of the Tunneled Direct-Link Setup (TDLS) PeerKey (TPK) key in the TDLS handshake 1500303 - CVE-2017-13087 wpa_supplicant: reinstallation of the group key (GTK) when processing a Wireless Network Management (WNM) Sleep Mode Response frame 1500304 - CVE-2017-13088 wpa_supplicant: reinstallation of the integrity group key (IGTK) when processing a Wireless Network Management (WNM) Sleep Mode Response frame
- Package List:
Red Hat Enterprise Linux Client (v. 7):
Source: wpa_supplicant-2.6-5.el7_4.1.src.rpm
x86_64: wpa_supplicant-2.6-5.el7_4.1.x86_64.rpm wpa_supplicant-debuginfo-2.6-5.el7_4.1.x86_64.rpm
Red Hat Enterprise Linux ComputeNode (v. 7):
Source: wpa_supplicant-2.6-5.el7_4.1.src.rpm
x86_64: wpa_supplicant-2.6-5.el7_4.1.x86_64.rpm wpa_supplicant-debuginfo-2.6-5.el7_4.1.x86_64.rpm
Red Hat Enterprise Linux Server (v. 7):
Source: wpa_supplicant-2.6-5.el7_4.1.src.rpm
aarch64: wpa_supplicant-2.6-5.el7_4.1.aarch64.rpm wpa_supplicant-debuginfo-2.6-5.el7_4.1.aarch64.rpm
ppc64: wpa_supplicant-2.6-5.el7_4.1.ppc64.rpm wpa_supplicant-debuginfo-2.6-5.el7_4.1.ppc64.rpm
ppc64le: wpa_supplicant-2.6-5.el7_4.1.ppc64le.rpm wpa_supplicant-debuginfo-2.6-5.el7_4.1.ppc64le.rpm
s390x: wpa_supplicant-2.6-5.el7_4.1.s390x.rpm wpa_supplicant-debuginfo-2.6-5.el7_4.1.s390x.rpm
x86_64: wpa_supplicant-2.6-5.el7_4.1.x86_64.rpm wpa_supplicant-debuginfo-2.6-5.el7_4.1.x86_64.rpm
Red Hat Enterprise Linux Workstation (v. 7):
Source: wpa_supplicant-2.6-5.el7_4.1.src.rpm
x86_64: wpa_supplicant-2.6-5.el7_4.1.x86_64.rpm wpa_supplicant-debuginfo-2.6-5.el7_4.1.x86_64.rpm
These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/
- References:
https://access.redhat.com/security/cve/CVE-2017-13077 https://access.redhat.com/security/cve/CVE-2017-13078 https://access.redhat.com/security/cve/CVE-2017-13080 https://access.redhat.com/security/cve/CVE-2017-13082 https://access.redhat.com/security/cve/CVE-2017-13086 https://access.redhat.com/security/cve/CVE-2017-13087 https://access.redhat.com/security/cve/CVE-2017-13088 https://access.redhat.com/security/updates/classification/#important https://access.redhat.com/security/vulnerabilities/kracks
- Contact:
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/
Copyright 2017 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1
iD8DBQFZ5nilXlSAg2UNWIIRAu7RAJwO3CwWfh61xybvjdxlG0Iqd17JpwCcD5FK 5vz/c6aXRYIJEjVFKVqkVU0= =rSjV -----END PGP SIGNATURE-----
-- RHSA-announce mailing list RHSA-announce@redhat.com https://www.redhat.com/mailman/listinfo/rhsa-announce . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512
APPLE-SA-2017-12-12-2 AirPort Base Station Firmware Update 7.7.9
AirPort Base Station Firmware Update 7.7.9 is now available and addresses the following:
AirPort Base Station Firmware Available for: AirPort Extreme and AirPort Time Capsule base stations with 802.11ac Impact: An attacker within range may be able to execute arbitrary code on the Wi-Fi chip Description: A memory corruption issue was addressed with improved memory handling. CVE-2017-9417: Nitay Artenstein of Exodus Intelligence
AirPort Base Station Firmware Available for: AirPort Extreme and AirPort Time Capsule base stations with 802.11ac Impact: An attacker in Wi-Fi range may force nonce reuse in WPA unicast/PTK clients (Key Reinstallation Attacks - KRACK) Description: A logic issue existed in the handling of state transitions. This was addressed with improved state management. CVE-2017-13077: Mathy Vanhoef of the imec-DistriNet group at KU Leuven CVE-2017-13078: Mathy Vanhoef of the imec-DistriNet group at KU Leuven
AirPort Base Station Firmware Available for: AirPort Extreme and AirPort Time Capsule base stations with 802.11ac Impact: An attacker in Wi-Fi range may force nonce reuse in WPA multicast/GTK clients (Key Reinstallation Attacks - KRACK) Description: A logic issue existed in the handling of state transitions. This was addressed with improved state management. CVE-2017-13080: Mathy Vanhoef of the imec-DistriNet group at KU Leuven
Installation note:
Firmware version 7.7.9 is installed on AirPort Extreme or AirPort Time Capsule base stations with 802.11ac using AirPort Utility for Mac or iOS.
AirPort Utility for Mac is a free download from https://support.apple.com/downloads/ and AirPort Utility for iOS is a free download from the App Store. CVE-2017-13080: Mathy Vanhoef of the imec-DistriNet group at KU Leuven
Installation note:
Wi-Fi Update for Boot Camp 6.4.0 may be obtained from Apple Software Update for Windows. Those vulnerabilities applies to both the access point (implemented in hostapd) and the station (implemented in wpa_supplicant).
An attacker exploiting the vulnerabilities could force the vulnerable system to reuse cryptographic session keys, enabling a range of cryptographic attacks against the ciphers used in WPA1 and WPA2.
For the stable distribution (stretch), these problems have been fixed in version 2:2.4-1+deb9u1.
For the testing distribution (buster), these problems have been fixed in version 2:2.4-1.1.
For the unstable distribution (sid), these problems have been fixed in version 2:2.4-1.1.
We recommend that you upgrade your wpa packages. ========================================================================== Ubuntu Security Notice USN-3455-1 October 16, 2017
wpa vulnerabilities
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 17.04
- Ubuntu 16.04 LTS
- Ubuntu 14.04 LTS
Summary:
Several security issues were fixed in wpa_supplicant.
Software Description: - wpa: client support for WPA and WPA2
Details:
Mathy Vanhoef discovered that wpa_supplicant and hostapd incorrectly handled WPA2. (CVE-2017-13077, CVE-2017-13078, CVE-2017-13079, CVE-2017-13080, CVE-2017-13081, CVE-2017-13082, CVE-2017-13086, CVE-2017-13087, CVE-2017-13088)
Imre Rad discovered that wpa_supplicant and hostapd incorrectly handled invalid characters in passphrase parameters. A remote attacker could use this issue to cause a denial of service. (CVE-2016-4476)
Imre Rad discovered that wpa_supplicant and hostapd incorrectly handled invalid characters in passphrase parameters. A local attacker could use this issue to cause a denial of service, or possibly execute arbitrary code. (CVE-2016-4477)
Update instructions:
The problem can be corrected by updating your system to the following package versions:
Ubuntu 17.04: hostapd 2.4-0ubuntu9.1 wpasupplicant 2.4-0ubuntu9.1
Ubuntu 16.04 LTS: hostapd 2.4-0ubuntu6.2 wpasupplicant 2.4-0ubuntu6.2
Ubuntu 14.04 LTS: hostapd 2.1-0ubuntu1.5 wpasupplicant 2.1-0ubuntu1.5
After a standard system update you need to reboot your computer to make all the necessary changes. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 201711-03
https://security.gentoo.org/
Severity: Normal Title: hostapd and wpa_supplicant: Key Reinstallation (KRACK) attacks Date: November 10, 2017 Bugs: #634436, #634438 ID: 201711-03
Synopsis
A flaw was discovered in the 4-way handshake in hostapd and wpa_supplicant that allows attackers to conduct a Man in the Middle attack. hostapd is a user space daemon for access point and authentication servers.
Affected packages
-------------------------------------------------------------------
Package / Vulnerable / Unaffected
-------------------------------------------------------------------
1 net-wireless/hostapd < 2.6-r1 >= 2.6-r1 2 net-wireless/wpa_supplicant < 2.6-r3 >= 2.6-r3 ------------------------------------------------------------------- 2 affected packages
Description
WiFi Protected Access (WPA and WPA2) and it's associated technologies are all vulnerable to the KRACK attacks. Please review the referenced CVE identifiers for details.
Impact
An attacker can carry out the KRACK attacks on a wireless network in order to gain access to network clients. Once achieved, the attacker can potentially harvest confidential information (e.g. HTTP/HTTPS), inject malware, or perform a myriad of other attacks.
Workaround
There is no known workaround at this time.
Resolution
All hostapd users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose ">=net-wireless/hostapd-2.6-r1"
All wpa_supplicant users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot -v ">=net-wireless/wpa_supplicant-2.6-r3"
References
[ 1 ] CVE-2017-13077 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-13077 [ 2 ] CVE-2017-13078 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-13078 [ 3 ] CVE-2017-13079 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-13079 [ 4 ] CVE-2017-13080 . 6) - i386, x86_64
Here are the details from the Slackware 14.2 ChangeLog: +--------------------------+ patches/packages/wpa_supplicant-2.6-i586-1_slack14.2.txz: Upgraded. This update includes patches to mitigate the WPA2 protocol issues known as "KRACK" (Key Reinstallation AttaCK), which may be used to decrypt data, hijack TCP connections, and to forge and inject packets. CVE-2017-13082: Accepting a retransmitted Fast BSS Transition (FT) Reassociation Request and reinstalling the pairwise encryption key (PTK-TK) while processing it. For more information, see: https://www.krackattacks.com/ https://w1.fi/security/2017-1/wpa-packet-number-reuse-with-replayed-messages.txt https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13077 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13078 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13079 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13080 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13081 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13082 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13084 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13086 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13087 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13088 ( Security fix ) +--------------------------+
Where to find the new packages: +-----------------------------+
Thanks to the friendly folks at the OSU Open Source Lab (http://osuosl.org) for donating FTP and rsync hosting to the Slackware project! :-)
Also see the "Get Slack" section on http://slackware.com for additional mirror sites near you.
Updated package for Slackware 14.0: ftp://ftp.slackware.com/pub/slackware/slackware-14.0/patches/packages/wpa_supplicant-2.6-i486-1_slack14.0.txz
Updated package for Slackware x86_64 14.0: ftp://ftp.slackware.com/pub/slackware/slackware64-14.0/patches/packages/wpa_supplicant-2.6-x86_64-1_slack14.0.txz
Updated package for Slackware 14.1: ftp://ftp.slackware.com/pub/slackware/slackware-14.1/patches/packages/wpa_supplicant-2.6-i486-1_slack14.1.txz
Updated package for Slackware x86_64 14.1: ftp://ftp.slackware.com/pub/slackware/slackware64-14.1/patches/packages/wpa_supplicant-2.6-x86_64-1_slack14.1.txz
Updated package for Slackware 14.2: ftp://ftp.slackware.com/pub/slackware/slackware-14.2/patches/packages/wpa_supplicant-2.6-i586-1_slack14.2.txz
Updated package for Slackware x86_64 14.2: ftp://ftp.slackware.com/pub/slackware/slackware64-14.2/patches/packages/wpa_supplicant-2.6-x86_64-1_slack14.2.txz
Updated package for Slackware -current: ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/n/wpa_supplicant-2.6-i586-2.txz
Updated package for Slackware x86_64 -current: ftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/n/wpa_supplicant-2.6-x86_64-2.txz
MD5 signatures: +-------------+
Slackware 14.0 package: d8ecfaadb50b3547967ab53733ffc019 wpa_supplicant-2.6-i486-1_slack14.0.txz
Slackware x86_64 14.0 package: f25216d28800504ce498705da7c9a825 wpa_supplicant-2.6-x86_64-1_slack14.0.txz
Slackware 14.1 package: 15c61050e4bab2581757befd86be74c0 wpa_supplicant-2.6-i486-1_slack14.1.txz
Slackware x86_64 14.1 package: 49fd537a520338744f7757615556d352 wpa_supplicant-2.6-x86_64-1_slack14.1.txz
Slackware 14.2 package: c5539f40c8510af89be92945f0f80185 wpa_supplicant-2.6-i586-1_slack14.2.txz
Slackware x86_64 14.2 package: 4c527ff84fcdfd7839f217bbce2e4ae4 wpa_supplicant-2.6-x86_64-1_slack14.2.txz
Slackware -current package: 28bd88a54e96368f7a7020c1f5fb67fe n/wpa_supplicant-2.6-i586-2.txz
Slackware x86_64 -current package: 464fc6b48d1ac077f47e9a3a8534c160 n/wpa_supplicant-2.6-x86_64-2.txz
Installation instructions: +------------------------+
Upgrade the package as root:
upgradepkg wpa_supplicant-2.6-i586-1_slack14.2.txz
+-----+
Slackware Linux Security Team http://slackware.com/gpg-key security@slackware.com
+------------------------------------------------------------------------+ | To leave the slackware-security mailing list: | +------------------------------------------------------------------------+ | Send an email to majordomo@slackware.com with this text in the body of | | the email message: | | | | unsubscribe slackware-security | | | | You will get a confirmation message back containing instructions to | | complete the process. Please do not reply to this email address
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201710-0206",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "linux enterprise point of sale",
"scope": "eq",
"trust": 1.6,
"vendor": "suse",
"version": "11"
},
{
"model": "linux enterprise server",
"scope": "eq",
"trust": 1.6,
"vendor": "suse",
"version": "11"
},
{
"model": "openstack cloud",
"scope": "eq",
"trust": 1.6,
"vendor": "suse",
"version": "6"
},
{
"model": "linux enterprise desktop",
"scope": "eq",
"trust": 1.6,
"vendor": "suse",
"version": "12"
},
{
"model": "linux enterprise server",
"scope": "eq",
"trust": 1.6,
"vendor": "suse",
"version": "12"
},
{
"model": "enterprise linux desktop",
"scope": "eq",
"trust": 1.3,
"vendor": "redhat",
"version": "7"
},
{
"model": "enterprise linux server",
"scope": "eq",
"trust": 1.3,
"vendor": "redhat",
"version": "7"
},
{
"model": "hostapd",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.3.7"
},
{
"model": "wpa supplicant",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "2.6"
},
{
"model": "wpa supplicant",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "2.2"
},
{
"model": "hostapd",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "1.0"
},
{
"model": "hostapd",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "2.2"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 1.0,
"vendor": "freebsd",
"version": "*"
},
{
"model": "hostapd",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.3.11"
},
{
"model": "wpa supplicant",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.4.7"
},
{
"model": "hostapd",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.4.7"
},
{
"model": "hostapd",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.5.10"
},
{
"model": "wpa supplicant",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "2.0"
},
{
"model": "hostapd",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "2.0"
},
{
"model": "linux",
"scope": "eq",
"trust": 1.0,
"vendor": "debian",
"version": "8.0"
},
{
"model": "hostapd",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.4.9"
},
{
"model": "wpa supplicant",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.5.8"
},
{
"model": "hostapd",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.5.8"
},
{
"model": "hostapd",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "2.1"
},
{
"model": "wpa supplicant",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.5.7"
},
{
"model": "wpa supplicant",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.6.9"
},
{
"model": "wpa supplicant",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.2.8"
},
{
"model": "hostapd",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.2.8"
},
{
"model": "hostapd",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "1.1"
},
{
"model": "hostapd",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.7.3"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 1.0,
"vendor": "freebsd",
"version": "10"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 1.0,
"vendor": "freebsd",
"version": "11.1"
},
{
"model": "hostapd",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.5.9"
},
{
"model": "hostapd",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.4.8"
},
{
"model": "wpa supplicant",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.4.11"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 1.0,
"vendor": "freebsd",
"version": "10.4"
},
{
"model": "wpa supplicant",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.2.6"
},
{
"model": "hostapd",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.2.4"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 1.0,
"vendor": "freebsd",
"version": "11"
},
{
"model": "wpa supplicant",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.5.11"
},
{
"model": "hostapd",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.3.10"
},
{
"model": "wpa supplicant",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "2.4"
},
{
"model": "wpa supplicant",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.3.8"
},
{
"model": "wpa supplicant",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.2.5"
},
{
"model": "wpa supplicant",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.3.7"
},
{
"model": "hostapd",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.2.5"
},
{
"model": "hostapd",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.4.10"
},
{
"model": "hostapd",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.6.10"
},
{
"model": "wpa supplicant",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "1.0"
},
{
"model": "hostapd",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.3.9"
},
{
"model": "wpa supplicant",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.3.11"
},
{
"model": "hostapd",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "2.5"
},
{
"model": "wpa supplicant",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.5.10"
},
{
"model": "hostapd",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "2.6"
},
{
"model": "wpa supplicant",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.4.9"
},
{
"model": "ubuntu linux",
"scope": "eq",
"trust": 1.0,
"vendor": "canonical",
"version": "14.04"
},
{
"model": "wpa supplicant",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "2.1"
},
{
"model": "wpa supplicant",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "2.3"
},
{
"model": "leap",
"scope": "eq",
"trust": 1.0,
"vendor": "opensuse",
"version": "42.2"
},
{
"model": "hostapd",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "2.3"
},
{
"model": "wpa supplicant",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "1.1"
},
{
"model": "hostapd",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.5.7"
},
{
"model": "wpa supplicant",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.7.3"
},
{
"model": "hostapd",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.6.9"
},
{
"model": "wpa supplicant",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.5.9"
},
{
"model": "wpa supplicant",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.4.8"
},
{
"model": "wpa supplicant",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.2.7"
},
{
"model": "linux",
"scope": "eq",
"trust": 1.0,
"vendor": "debian",
"version": "9.0"
},
{
"model": "wpa supplicant",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.2.4"
},
{
"model": "wpa supplicant",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.3.10"
},
{
"model": "ubuntu linux",
"scope": "eq",
"trust": 1.0,
"vendor": "canonical",
"version": "16.04"
},
{
"model": "leap",
"scope": "eq",
"trust": 1.0,
"vendor": "opensuse",
"version": "42.3"
},
{
"model": "hostapd",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.4.11"
},
{
"model": "wpa supplicant",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.6.8"
},
{
"model": "ubuntu linux",
"scope": "eq",
"trust": 1.0,
"vendor": "canonical",
"version": "17.04"
},
{
"model": "hostapd",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.2.6"
},
{
"model": "hostapd",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.6.8"
},
{
"model": "wpa supplicant",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.4.10"
},
{
"model": "hostapd",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.5.11"
},
{
"model": "wpa supplicant",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.6.10"
},
{
"model": "hostapd",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "2.4"
},
{
"model": "wpa supplicant",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.3.9"
},
{
"model": "wpa supplicant",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "2.5"
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "9front",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "adtran",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "avm",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "actiontec",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "aerohive",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "alcatel lucent",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "android open source",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "apple",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "arch linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "aruba",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "asustek computer",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "barracuda",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "broadcom",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "cambium",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "centos",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "cradlepoint",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "cypress semiconductor",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "d link",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "debian gnu linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "dell",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "digi",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "draytek",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "edimax computer",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "engenius",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "endian",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "espressif",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "extreme",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "f secure",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "fedora",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "fortinet",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "freebsd",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "gentoo linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "google",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "hewlett packard",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "hostap",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "ipfire",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "juniper",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "lancom",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "lede",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "lifx",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "lenovo",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "microchip",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "microsoft",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "mojo",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "nest",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "netbsd",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "netgear",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "opnsense",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "omnirom",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "open mesh",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "openbsd",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "peplink",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "red hat",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "riverbed",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "rockwell automation",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "ruckus",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "suse linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "samsung mobile",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "sierra",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "slackware linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "sonos",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "sony",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "sophos",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "synology",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "tp link",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "technicolor",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "texas instruments",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "toshiba commerce",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "toshiba electronic devices storage",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "toshiba memory",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "turris omnia",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "ubiquiti",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "ubuntu",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "volumio",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "watchguard",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "xiaomi",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "xirrus",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "zebra",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "zyxel",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "dd wrt",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "eero",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "pfsense",
"version": null
},
{
"model": "ubuntu",
"scope": null,
"trust": 0.8,
"vendor": "canonical",
"version": null
},
{
"model": "gnu/linux",
"scope": null,
"trust": 0.8,
"vendor": "debian",
"version": null
},
{
"model": "freebsd",
"scope": null,
"trust": 0.8,
"vendor": "freebsd",
"version": null
},
{
"model": "leap",
"scope": null,
"trust": 0.8,
"vendor": "opensuse",
"version": null
},
{
"model": "linux enterprise desktop",
"scope": null,
"trust": 0.8,
"vendor": "suse",
"version": null
},
{
"model": "linux enterprise point of sale",
"scope": null,
"trust": 0.8,
"vendor": "suse",
"version": null
},
{
"model": "linux enterprise server",
"scope": null,
"trust": 0.8,
"vendor": "suse",
"version": null
},
{
"model": "openstack cloud",
"scope": null,
"trust": 0.8,
"vendor": "suse",
"version": null
},
{
"model": "hostapd",
"scope": null,
"trust": 0.8,
"vendor": "w1 fi",
"version": null
},
{
"model": "wpa supplicant",
"scope": null,
"trust": 0.8,
"vendor": "w1 fi",
"version": null
},
{
"model": "enterprise linux desktop",
"scope": null,
"trust": 0.8,
"vendor": "red hat",
"version": null
},
{
"model": "enterprise linux server",
"scope": null,
"trust": 0.8,
"vendor": "red hat",
"version": null
},
{
"model": "edge gateway",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": null
},
{
"model": "sr-m20ac1",
"scope": "lte",
"trust": 0.8,
"vendor": "fujitsu",
"version": "v02.10"
},
{
"model": "sr-m20ac2",
"scope": "lte",
"trust": 0.8,
"vendor": "fujitsu",
"version": "v02.10"
},
{
"model": "alliance wi-fi protected access 2",
"scope": null,
"trust": 0.6,
"vendor": "wi fi",
"version": null
},
{
"model": "alliance w1.f1 wpa supplicant",
"scope": "eq",
"trust": 0.6,
"vendor": "wi fi",
"version": "2.6"
},
{
"model": "scalance w-700",
"scope": "eq",
"trust": 0.6,
"vendor": "siemens",
"version": "0"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "linux desktop",
"version": "12"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "linux server",
"version": "11"
},
{
"model": "atom processor c3200 series for yocto project bsp mr4",
"scope": null,
"trust": 0.3,
"vendor": "intel",
"version": null
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "10.3.2"
},
{
"model": "active management technology",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "6.1"
},
{
"model": "pyxis supplystation",
"scope": "eq",
"trust": 0.3,
"vendor": "bd",
"version": "0"
},
{
"model": "sinamics smart access module",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "v200"
},
{
"model": "active management technology",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "11.6.27.3264"
},
{
"model": "meraki mr34",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "ck71a-atex",
"scope": "eq",
"trust": 0.3,
"vendor": "pepperl fuchs",
"version": "0"
},
{
"model": "arubaos",
"scope": "eq",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "6.5.2.0"
},
{
"model": "macbook air",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "0"
},
{
"model": "aironet series access points",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "18500"
},
{
"model": "active management technology",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "8.0"
},
{
"model": "meraki mr26",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "arubaos",
"scope": "eq",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "6.4"
},
{
"model": "aironet series access points",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "28000"
},
{
"model": "enterprise linux for power big endian extended update support",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "-7.5"
},
{
"model": "meraki mr84",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "contact fl wlan",
"scope": "eq",
"trust": 0.3,
"vendor": "phoenix",
"version": "510x0"
},
{
"model": "windows server r2 for itanium-based systems sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2008"
},
{
"model": "contact itc",
"scope": "eq",
"trust": 0.3,
"vendor": "phoenix",
"version": "81130"
},
{
"model": "enterprise linux workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "7"
},
{
"model": "active management technology",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "10.0"
},
{
"model": "dual band wireless-ac",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "726519.51.0.0"
},
{
"model": "enterprise linux server extended update support",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "-7.6"
},
{
"model": "meraki mr18",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "arubaos",
"scope": "eq",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "8.1.0.3"
},
{
"model": "scalance w1750d",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "0"
},
{
"model": "secure ii med-surg bed",
"scope": "eq",
"trust": 0.3,
"vendor": "stryker",
"version": "3002"
},
{
"model": "contact fl wlan",
"scope": "eq",
"trust": 0.3,
"vendor": "phoenix",
"version": "210x0"
},
{
"model": "windows version for x64-based systems",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "1015110"
},
{
"model": "aironet access points",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "contact fl wlan ap",
"scope": "eq",
"trust": 0.3,
"vendor": "phoenix",
"version": "24802-110"
},
{
"model": "active management technology",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "11.0"
},
{
"model": "instantos",
"scope": "eq",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "6.5.4.1"
},
{
"model": "tvos",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "10.2"
},
{
"model": "wap371 wireless-ac n access point with single point setup",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "ex-handy",
"scope": "eq",
"trust": 0.3,
"vendor": "pepperl fuchs",
"version": "2090"
},
{
"model": "arubaos",
"scope": "eq",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "6.5.3.2"
},
{
"model": "contact rad-80211-xd",
"scope": "eq",
"trust": 0.3,
"vendor": "phoenix",
"version": "0"
},
{
"model": "ios",
"scope": "ne",
"trust": 0.3,
"vendor": "apple",
"version": "11.2"
},
{
"model": "contact fl wlan dap",
"scope": "eq",
"trust": 0.3,
"vendor": "phoenix",
"version": "24802-110"
},
{
"model": "dual band wireless-ac",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "726519.10.9.1"
},
{
"model": "arubaos",
"scope": "ne",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "6.3.1.25"
},
{
"model": "pyxis medstation es",
"scope": "eq",
"trust": 0.3,
"vendor": "bd",
"version": "0"
},
{
"model": "wireless ip phone",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "88210"
},
{
"model": "pyxis stockstation system",
"scope": "eq",
"trust": 0.3,
"vendor": "bd",
"version": "0"
},
{
"model": "macbook",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "0"
},
{
"model": "dual band wireless-ac",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "316819.51.7.1"
},
{
"model": "dual band wireless-ac",
"scope": "ne",
"trust": 0.3,
"vendor": "intel",
"version": "726519.10.9.2"
},
{
"model": "scalance wlc712",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "0"
},
{
"model": "contact fl wlan spa",
"scope": "eq",
"trust": 0.3,
"vendor": "phoenix",
"version": "0"
},
{
"model": "meraki mr62",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "simatic et200 pro im154-6 pn iwlan",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "0"
},
{
"model": "tropos broadband mesh routers and bridges",
"scope": "eq",
"trust": 0.3,
"vendor": "abb",
"version": "0"
},
{
"model": "dual band wireless-ac",
"scope": "ne",
"trust": 0.3,
"vendor": "intel",
"version": "316819.10.9.2"
},
{
"model": "meraki mr33",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "instantos",
"scope": "ne",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "6.5.3.3"
},
{
"model": "micros handheld terminal",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "0"
},
{
"model": "windows server",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "20120"
},
{
"model": "instantos",
"scope": "eq",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "6.5.2"
},
{
"model": "dual band wireless-ac",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "316018.33.9.2"
},
{
"model": "windows version for 32-bit systems",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "1017030"
},
{
"model": "atom processor c3200 series for yocto project bsp mr4.1",
"scope": "ne",
"trust": 0.3,
"vendor": "intel",
"version": null
},
{
"model": "active management technology",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "2.6"
},
{
"model": "android",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.1.0"
},
{
"model": "contact fl wlan",
"scope": "eq",
"trust": 0.3,
"vendor": "phoenix",
"version": "110x0"
},
{
"model": "windows for 32-bit systems",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "100"
},
{
"model": "s3 med-surg bed",
"scope": "eq",
"trust": 0.3,
"vendor": "stryker",
"version": "3002"
},
{
"model": "arubaos",
"scope": "eq",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "6.4.2.4"
},
{
"model": "tvos",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "11.1"
},
{
"model": "contact fl comserver wlan",
"scope": "eq",
"trust": 0.3,
"vendor": "phoenix",
"version": "232/422/4850"
},
{
"model": "airport base station",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "7.6.8"
},
{
"model": "enterprise linux server update services for sap solutions",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "-7."
},
{
"model": "active management technology",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "7.1.91.3272"
},
{
"model": "instantos",
"scope": "ne",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "4.2.4.9"
},
{
"model": "contact fl wlan ap",
"scope": "eq",
"trust": 0.3,
"vendor": "phoenix",
"version": "230802-110"
},
{
"model": "android",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "6.1"
},
{
"model": "enterprise linux for power little endian extended update supp",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "-7.6"
},
{
"model": "meraki mr14",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "enterprise linux eus compute node",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "7.5"
},
{
"model": "aironet series access points",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "18150"
},
{
"model": "wireless client bridge 2.0.0.1-aruba501-b00",
"scope": "ne",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "501"
},
{
"model": "enterprise linux server extended update support",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "-7.4"
},
{
"model": "enterprise linux server tus",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "-7.6"
},
{
"model": "dual band wireless-ac",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "726018.33.9.2"
},
{
"model": "airport express",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "0"
},
{
"model": "meraki mr16",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "clarity engine",
"scope": "eq",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "1.0"
},
{
"model": "meraki mr30h",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "airport extreme",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "0"
},
{
"model": "windows server r2",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "20120"
},
{
"model": "dual band wireless-ac",
"scope": "ne",
"trust": 0.3,
"vendor": "intel",
"version": "826520.0.2.3"
},
{
"model": "android",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0"
},
{
"model": "contact bl2 bpc",
"scope": "eq",
"trust": 0.3,
"vendor": "phoenix",
"version": "0"
},
{
"model": "tvos",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "10.0.1"
},
{
"model": "enterprise linux for ibm z systems",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "7"
},
{
"model": "watch",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "0"
},
{
"model": "meraki mr32",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "wpa supplicant",
"scope": "eq",
"trust": 0.3,
"vendor": "w1 f1",
"version": "2.4"
},
{
"model": "active management technology",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "4.0"
},
{
"model": "ruggedcom rx1400",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "0"
},
{
"model": "cn70a-atex",
"scope": "eq",
"trust": 0.3,
"vendor": "pepperl fuchs",
"version": "0"
},
{
"model": "windows version for 32-bit systems",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "1015110"
},
{
"model": "arubaos",
"scope": "eq",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "6.5.3"
},
{
"model": "pyxis parx handheld",
"scope": "eq",
"trust": 0.3,
"vendor": "bd",
"version": "0"
},
{
"model": "dual band wireless-ac",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "726519.10"
},
{
"model": "active management technology",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "9.1.40.100"
},
{
"model": "tvos",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "10.1.1"
},
{
"model": "instantos",
"scope": "eq",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "6.5.3"
},
{
"model": "windows rt",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "8.1"
},
{
"model": "meraki mr42",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "instantos",
"scope": "ne",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "4.3.1.6"
},
{
"model": "airport base station",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "7.7.3"
},
{
"model": "wap561 wireless-n dual radio selectable band access point",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "active management technology",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "11.0.26.3000"
},
{
"model": "instantos",
"scope": "ne",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "6.5.4.2"
},
{
"model": "active management technology",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "11.6"
},
{
"model": "tvos",
"scope": "ne",
"trust": 0.3,
"vendor": "apple",
"version": "11.2"
},
{
"model": "active management technology",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "6.0"
},
{
"model": "windows server",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2016"
},
{
"model": "contact rad-whg/wlan-xd",
"scope": "eq",
"trust": 0.3,
"vendor": "phoenix",
"version": "0"
},
{
"model": "dual band wireless-ac",
"scope": "ne",
"trust": 0.3,
"vendor": "intel",
"version": "726018.33.9.3"
},
{
"model": "wi-fi update for boot camp",
"scope": "ne",
"trust": 0.3,
"vendor": "apple",
"version": "6.4.0"
},
{
"model": "suremark printer 2nr",
"scope": "eq",
"trust": 0.3,
"vendor": "toshiba",
"version": "4610"
},
{
"model": "android",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.1.1"
},
{
"model": "arubaos",
"scope": "ne",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "6.5.4.2"
},
{
"model": "enterprise linux for power little endian extended update supp",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "-7.5"
},
{
"model": "enterprise linux for power little endian",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "7"
},
{
"model": "dual band wireless-ac",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "826520.0.0.0"
},
{
"model": "tvos",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "10.2.1"
},
{
"model": "arubaos",
"scope": "eq",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "6.3.1.8"
},
{
"model": "windows server for x64-based systems sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2008"
},
{
"model": "pyxis supply roller",
"scope": "eq",
"trust": 0.3,
"vendor": "bd",
"version": "0"
},
{
"model": "airport base station",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "7.6.3"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "10.3"
},
{
"model": "telepresence collaboration endpoint",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "active management technology",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "6.2.61.3535"
},
{
"model": "contact vmt",
"scope": "eq",
"trust": 0.3,
"vendor": "phoenix",
"version": "70xx0"
},
{
"model": "imac",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "0"
},
{
"model": "meraki mr72",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "watchos",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4"
},
{
"model": "enterprise linux for power little endian extended update supp",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "-7.4"
},
{
"model": "active management technology",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "11.0.25.3001"
},
{
"model": "arubaos",
"scope": "ne",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "8.1.0.4"
},
{
"model": "active management technology",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "9.1"
},
{
"model": "enterprise linux server tus",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "-7.4"
},
{
"model": "active management technology",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "6.2"
},
{
"model": "meraki mr53",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "tvos",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "10.1"
},
{
"model": "wap551 wireless-n single radio selectable band access point",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "instantos",
"scope": "eq",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "4.2"
},
{
"model": "instantos",
"scope": "eq",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "6.5.3.2"
},
{
"model": "dual band wireless-ac",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "316519.10"
},
{
"model": "dual band wireless-ac",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "826020.0.0.0"
},
{
"model": "wap121 wireless-n access point with single point setup",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "active management technology",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "2.5"
},
{
"model": "active management technology",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "11.6.0.1000"
},
{
"model": "wireless client bridge 1.0.1.3-hp501-b0012",
"scope": "ne",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "501"
},
{
"model": "i.roc ci70-ex",
"scope": "eq",
"trust": 0.3,
"vendor": "pepperl fuchs",
"version": "0"
},
{
"model": "arubaos",
"scope": "eq",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "6.5.0.0"
},
{
"model": "dual band wireless-ac",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "826020.0.2.2"
},
{
"model": "active management technology",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "7.1"
},
{
"model": "cn70e-atex",
"scope": "eq",
"trust": 0.3,
"vendor": "pepperl fuchs",
"version": "0"
},
{
"model": "dual band wireless-ac",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "726018.0.0.0"
},
{
"model": "meraki mr24",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "suremark printer 1nr",
"scope": "eq",
"trust": 0.3,
"vendor": "toshiba",
"version": "4610"
},
{
"model": "enterprise linux for ibm z systems extended update support",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "-7.6"
},
{
"model": "contact vmt",
"scope": "eq",
"trust": 0.3,
"vendor": "phoenix",
"version": "50xx0"
},
{
"model": "meraki mr74",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "ex-handy",
"scope": "eq",
"trust": 0.3,
"vendor": "pepperl fuchs",
"version": "090"
},
{
"model": "arubaos",
"scope": "eq",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "6.4.4.15"
},
{
"model": "dual band wireless-ac",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "316519.51.7.1"
},
{
"model": "dual band wireless-ac",
"scope": "ne",
"trust": 0.3,
"vendor": "intel",
"version": "726519.51.7.20"
},
{
"model": "anyconnect secure mobility client",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "dual band wireless-ac",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "726519.51.7.1"
},
{
"model": "systems esp32",
"scope": "eq",
"trust": 0.3,
"vendor": "espressif",
"version": "0"
},
{
"model": "watchos",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.1"
},
{
"model": "enterprise linux server extended update support",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "-7.5"
},
{
"model": "micros handheld terminal 2.03.0.0.021r",
"scope": "ne",
"trust": 0.3,
"vendor": "oracle",
"version": null
},
{
"model": "aironet series access points",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "38000"
},
{
"model": "pyxis parx",
"scope": "eq",
"trust": 0.3,
"vendor": "bd",
"version": "0"
},
{
"model": "dx70",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "arubaos",
"scope": "ne",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "6.5.1.9"
},
{
"model": "enterprise linux server update services for sap solutions",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "-7.6"
},
{
"model": "intouch critical care bed",
"scope": "eq",
"trust": 0.3,
"vendor": "stryker",
"version": "2141"
},
{
"model": "pyxis anesthesia es",
"scope": "eq",
"trust": 0.3,
"vendor": "bd",
"version": "0"
},
{
"model": "aironet series officeextend access points",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "18100"
},
{
"model": "windows for x64-based systems",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "8.10"
},
{
"model": "dual band wireless-ac",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "316819.10.9.1"
},
{
"model": "active management technology",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "10.0.55.3000"
},
{
"model": "windows for 32-bit systems",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "8.10"
},
{
"model": "android",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "6.0"
},
{
"model": "meraki mr66",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "dual band wireless-ac",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "316519.10.9.1"
},
{
"model": "airport base station",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "7.6"
},
{
"model": "intouch critical care bed",
"scope": "eq",
"trust": 0.3,
"vendor": "stryker",
"version": "2131"
},
{
"model": "android",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.1.2"
},
{
"model": "aironet series access points",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "18300"
},
{
"model": "enterprise linux server aus",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "-7.6"
},
{
"model": "enterprise linux for power big endian extended update support",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "-7.6"
},
{
"model": "active management technology",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "10.0.0.50.1004"
},
{
"model": "arubaos",
"scope": "eq",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "6.4.1.0"
},
{
"model": "wap321 wireless-n access point with single point setup",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "simatic iwlan-pb/link",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "0"
},
{
"model": "aironet 1810w series access points",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "meraki mr52",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "enterprise linux for ibm z systems extended update support",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "-7.5"
},
{
"model": "meraki mr12",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "airmesh msr",
"scope": "eq",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "0"
},
{
"model": "dual band wireless-ac",
"scope": "ne",
"trust": 0.3,
"vendor": "intel",
"version": "316519.51.7.20"
},
{
"model": "watchos",
"scope": "ne",
"trust": 0.3,
"vendor": "apple",
"version": "4.2"
},
{
"model": "contact fl wlan ec",
"scope": "eq",
"trust": 0.3,
"vendor": "phoenix",
"version": "24802-110"
},
{
"model": "instantos",
"scope": "eq",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "4.2.4.8"
},
{
"model": "systems esp8266",
"scope": "eq",
"trust": 0.3,
"vendor": "espressif",
"version": "0"
},
{
"model": "tv",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "0"
},
{
"model": "pad-ex",
"scope": "eq",
"trust": 0.3,
"vendor": "pepperl fuchs",
"version": "010"
},
{
"model": "active management technology",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "11.0.0.1205"
},
{
"model": "ip phone",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "88610"
},
{
"model": "clarity engine",
"scope": "ne",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "1.0.0.1"
},
{
"model": "aironet series access points",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "15600"
},
{
"model": "windows for 32-bit systems sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "7"
},
{
"model": "instantos",
"scope": "eq",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "4.3.1.5"
},
{
"model": "airport base station",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "7.6.2"
},
{
"model": "active management technology",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "8.1"
},
{
"model": "active management technology",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "11.8"
},
{
"model": "windows for x64-based systems sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "7"
},
{
"model": "enterprise linux for ibm z systems extended update support",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "-7.4"
},
{
"model": "meraki mr58",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "windows version for 32-bit systems",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "1016070"
},
{
"model": "dual band wireless-ac",
"scope": "ne",
"trust": 0.3,
"vendor": "intel",
"version": "316519.10.9.2"
},
{
"model": "pyxis parassist system",
"scope": "eq",
"trust": 0.3,
"vendor": "bd",
"version": "0"
},
{
"model": "windows server for 32-bit systems sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2008"
},
{
"model": "instantos",
"scope": "eq",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "4.3"
},
{
"model": "android",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.0"
},
{
"model": "simatic mobile panel 277 iwlan",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "0"
},
{
"model": "pyxis medstation t2",
"scope": "eq",
"trust": 0.3,
"vendor": "bd",
"version": "40000"
},
{
"model": "dual band wireless-ac",
"scope": "ne",
"trust": 0.3,
"vendor": "intel",
"version": "826020.0.2.3"
},
{
"model": "android",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "6.0.1"
},
{
"model": "airport base station",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "7.6.1"
},
{
"model": "dual band wireless-ac",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "316519.51.0.0"
},
{
"model": "wi-fi update for boot camp",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "0"
},
{
"model": "enterprise linux server update services for sap solutions",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "-7.4"
},
{
"model": "ipad",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "0"
},
{
"model": "contact vmt",
"scope": "eq",
"trust": 0.3,
"vendor": "phoenix",
"version": "30xx0"
},
{
"model": "enterprise linux for power big endian",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "7"
},
{
"model": "wpa supplicant",
"scope": "eq",
"trust": 0.3,
"vendor": "w1 f1",
"version": "2.6"
},
{
"model": "wireless client bridge",
"scope": "eq",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "5010"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "10.0.1"
},
{
"model": "active management technology",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "11.5"
},
{
"model": "meraki mr11",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "10.3.3"
},
{
"model": "pyxis anesthesia system",
"scope": "eq",
"trust": 0.3,
"vendor": "bd",
"version": "40000"
},
{
"model": "tvos",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "10.2.2"
},
{
"model": "pyxis anesthesia system",
"scope": "eq",
"trust": 0.3,
"vendor": "bd",
"version": "35000"
},
{
"model": "automation stratix 15.3 jc1",
"scope": "eq",
"trust": 0.3,
"vendor": "rockwell",
"version": "5100"
},
{
"model": "enterprise linux server aus",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "-7.4"
},
{
"model": "pyxis ciisafe workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "bd",
"version": "??0"
},
{
"model": "enterprise linux for power big endian extended update support",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "-7.4"
},
{
"model": "airport base station",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "7.6.7"
},
{
"model": "dual band wireless-ac",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "316819.51.0.0"
},
{
"model": "ipad air",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "0"
},
{
"model": "active management technology",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "7.0"
},
{
"model": "arubaos",
"scope": "eq",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "6.5.4.1"
},
{
"model": "enterprise linux eus compute node",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "7.6"
},
{
"model": "enterprise linux for scientific computing",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "7"
},
{
"model": "active management technology",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "8.1.71.3608"
},
{
"model": "active management technology",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "9.1.41.3024"
},
{
"model": "arubaos",
"scope": "eq",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "6.4.2.1"
},
{
"model": "enterprise linux eus compute node",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "7.4"
},
{
"model": "dx80",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "active management technology",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "9.0"
},
{
"model": "contact bl2 ppc",
"scope": "eq",
"trust": 0.3,
"vendor": "phoenix",
"version": "0"
},
{
"model": "contact tpc",
"scope": "eq",
"trust": 0.3,
"vendor": "phoenix",
"version": "60130"
},
{
"model": "ipod touch",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "0"
},
{
"model": "arubaos",
"scope": "eq",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "6.5.1"
},
{
"model": "ck70a-atex",
"scope": "eq",
"trust": 0.3,
"vendor": "pepperl fuchs",
"version": "0"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "10.2.1"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "10.3.1"
},
{
"model": "dual band wireless-ac",
"scope": "ne",
"trust": 0.3,
"vendor": "intel",
"version": "316819.51.7.20"
},
{
"model": "macbook pro",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "0"
},
{
"model": "dual band wireless-ac",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "316819.10"
},
{
"model": "windows for x64-based systems",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "100"
},
{
"model": "airport base station",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "7.7.8"
},
{
"model": "active management technology",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "9.5"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "10.1"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "10.2"
},
{
"model": "airport base station",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "7.6.4"
},
{
"model": "smart-ex",
"scope": "eq",
"trust": 0.3,
"vendor": "pepperl fuchs",
"version": "010"
},
{
"model": "dual band wireless-ac",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "826520.0.2.2"
},
{
"model": "dual band wireless-ac",
"scope": "ne",
"trust": 0.3,
"vendor": "intel",
"version": "316018.33.9.3"
},
{
"model": "tab-ex",
"scope": "eq",
"trust": 0.3,
"vendor": "pepperl fuchs",
"version": "010"
},
{
"model": "arubaos",
"scope": "ne",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "6.5.3.3"
},
{
"model": "iphone",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "0"
},
{
"model": "macmini",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "0"
},
{
"model": "arubaos",
"scope": "ne",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "6.4.4.16"
},
{
"model": "contact fl wlan epa",
"scope": "eq",
"trust": 0.3,
"vendor": "phoenix",
"version": "0"
},
{
"model": "airport time capsule",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "0"
},
{
"model": "alliance wpa2 (wi-fi protected access",
"scope": "eq",
"trust": 0.3,
"vendor": "wi fi",
"version": "2)0"
},
{
"model": "airport base station",
"scope": "ne",
"trust": 0.3,
"vendor": "apple",
"version": "7.7.9"
},
{
"model": "scalance wlc711",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "0"
},
{
"model": "ruggedcom rs9xxw",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "0"
},
{
"model": "arubaos",
"scope": "eq",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "6.3.1.15"
},
{
"model": "networks unifi access point",
"scope": "eq",
"trust": 0.3,
"vendor": "ubiquiti",
"version": "0"
},
{
"model": "suremark printer 2cr",
"scope": "eq",
"trust": 0.3,
"vendor": "toshiba",
"version": "4610"
},
{
"model": "ip phone",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "88650"
},
{
"model": "arubaos",
"scope": "eq",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "6.5.4"
},
{
"model": "airport base station",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "7.7.7"
},
{
"model": "instantos",
"scope": "eq",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "6.5.4"
},
{
"model": "asa 5506w-x w/ firepower services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "windows version for x64-based systems",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "1016070"
},
{
"model": "airport base station",
"scope": "ne",
"trust": 0.3,
"vendor": "apple",
"version": "7.6.9"
},
{
"model": "s3 med-surg bed",
"scope": "eq",
"trust": 0.3,
"vendor": "stryker",
"version": "3005"
},
{
"model": "dual band wireless-ac",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "316018.0.0.0"
},
{
"model": "smart-ex",
"scope": "eq",
"trust": 0.3,
"vendor": "pepperl fuchs",
"version": "2010"
},
{
"model": "windows version for x64-based systems",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "1017030"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "11.1"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "ubuntu linux",
"version": "14.04"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "ubuntu linux",
"version": "16.04"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "ubuntu linux",
"version": "17.04"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "debian linux",
"version": "8.0"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "debian linux",
"version": "9.0"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "freebsd",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "freebsd",
"version": "10"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "freebsd",
"version": "10.4"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "freebsd",
"version": "11"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "freebsd",
"version": "11.1"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "leap",
"version": "42.2"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "leap",
"version": "42.3"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "linux desktop",
"version": "7"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "linux server",
"version": "7"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "hostapd",
"version": "0.2.4"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "hostapd",
"version": "0.2.5"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "hostapd",
"version": "0.2.6"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "hostapd",
"version": "0.2.8"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "hostapd",
"version": "0.3.7"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "hostapd",
"version": "0.3.9"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "hostapd",
"version": "0.3.10"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "hostapd",
"version": "0.3.11"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "hostapd",
"version": "0.4.7"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "hostapd",
"version": "0.4.8"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "hostapd",
"version": "0.4.9"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "hostapd",
"version": "0.4.10"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "hostapd",
"version": "0.4.11"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "hostapd",
"version": "0.5.7"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "hostapd",
"version": "0.5.8"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "hostapd",
"version": "0.5.9"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "hostapd",
"version": "0.5.10"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "hostapd",
"version": "0.5.11"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "hostapd",
"version": "0.6.8"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "hostapd",
"version": "0.6.9"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "hostapd",
"version": "0.6.10"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "hostapd",
"version": "0.7.3"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "hostapd",
"version": "1.0"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "hostapd",
"version": "1.1"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "hostapd",
"version": "2.0"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "hostapd",
"version": "2.1"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "hostapd",
"version": "2.2"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "hostapd",
"version": "2.3"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "hostapd",
"version": "2.4"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "hostapd",
"version": "2.5"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "hostapd",
"version": "2.6"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "wpa supplicant",
"version": "0.2.4"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "wpa supplicant",
"version": "0.2.5"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "wpa supplicant",
"version": "0.2.6"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "wpa supplicant",
"version": "0.2.7"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "wpa supplicant",
"version": "0.2.8"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "wpa supplicant",
"version": "0.3.7"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "wpa supplicant",
"version": "0.3.8"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "wpa supplicant",
"version": "0.3.9"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "wpa supplicant",
"version": "0.3.10"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "wpa supplicant",
"version": "0.3.11"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "wpa supplicant",
"version": "0.4.7"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "wpa supplicant",
"version": "0.4.8"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "wpa supplicant",
"version": "0.4.9"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "wpa supplicant",
"version": "0.4.10"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "wpa supplicant",
"version": "0.4.11"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "wpa supplicant",
"version": "0.5.7"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "wpa supplicant",
"version": "0.5.8"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "wpa supplicant",
"version": "0.5.9"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "wpa supplicant",
"version": "0.5.10"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "wpa supplicant",
"version": "0.5.11"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "wpa supplicant",
"version": "0.6.8"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "wpa supplicant",
"version": "0.6.9"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "wpa supplicant",
"version": "0.6.10"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "wpa supplicant",
"version": "0.7.3"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "wpa supplicant",
"version": "1.0"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "wpa supplicant",
"version": "1.1"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "wpa supplicant",
"version": "2.0"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "wpa supplicant",
"version": "2.1"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "wpa supplicant",
"version": "2.2"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "wpa supplicant",
"version": "2.3"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "wpa supplicant",
"version": "2.4"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "wpa supplicant",
"version": "2.5"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "wpa supplicant",
"version": "2.6"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "linux point of sale",
"version": "11"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "linux server",
"version": "12"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "openstack cloud",
"version": "6"
}
],
"sources": [
{
"db": "IVD",
"id": "69402209-7265-4991-8217-51ff9b4857be"
},
{
"db": "CERT/CC",
"id": "VU#228519"
},
{
"db": "CNVD",
"id": "CNVD-2017-30406"
},
{
"db": "BID",
"id": "101274"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-008412"
},
{
"db": "CNNVD",
"id": "CNNVD-201710-380"
},
{
"db": "NVD",
"id": "CVE-2017-13077"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_server:7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:freebsd:freebsd:10:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:freebsd:freebsd:10.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:opensuse:leap:42.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:opensuse:leap:42.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:17.04:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:freebsd:freebsd:11:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:freebsd:freebsd:11.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_desktop:7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:freebsd:freebsd:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:2.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:2.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:0.6.10:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:0.6.9:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:0.4.11:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:0.4.10:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:0.3.7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:0.2.8:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:2.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:2.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:0.6.8:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:0.5.11:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:0.4.9:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:0.4.8:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:0.2.7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:0.2.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:2.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:2.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:0.5.10:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:0.5.9:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:0.4.7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:0.3.11:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:0.2.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:2.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:2.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:1.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:0.7.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:0.5.8:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:0.5.7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:0.3.9:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:0.3.8:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:2.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:1.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:1.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:0.7.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:0.5.8:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:0.5.7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:0.3.10:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:0.3.9:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:2.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:2.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:0.6.10:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:0.6.9:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:0.4.11:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:0.4.10:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:0.3.7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:0.2.8:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:2.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:2.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:0.6.8:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:0.5.11:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:0.4.9:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:0.4.8:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:0.2.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:0.2.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:2.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:1.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:0.5.10:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:0.5.9:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:0.4.7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:0.3.11:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:0.3.10:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:0.2.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:0.2.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:suse:linux_enterprise_desktop:12:sp2:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:suse:linux_enterprise_desktop:12:sp3:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:suse:linux_enterprise_point_of_sale:11:sp3:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:suse:linux_enterprise_server:11:sp3:*:*:*:ltss:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:suse:linux_enterprise_server:11:sp4:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:suse:linux_enterprise_server:12:*:*:*:ltss:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:suse:openstack_cloud:6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2017-13077"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Mathy Vanhoef from imec-DistriNet and KU Leuven.",
"sources": [
{
"db": "BID",
"id": "101274"
},
{
"db": "CNNVD",
"id": "CNNVD-201710-380"
}
],
"trust": 0.9
},
"cve": "CVE-2017-13077",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "MEDIUM",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "PARTIAL",
"baseScore": 5.4,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 5.5,
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:A/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Medium",
"accessVector": "Adjacent Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Partial",
"baseScore": 5.4,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "CVE-2017-13077",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.9,
"userInteractionRequired": null,
"vectorString": "AV:A/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "PARTIAL",
"baseScore": 5.4,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 5.5,
"id": "CNVD-2017-30406",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:A/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"author": "IVD",
"availabilityImpact": "PARTIAL",
"baseScore": 5.4,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 5.5,
"id": "69402209-7265-4991-8217-51ff9b4857be",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.2,
"vectorString": "AV:A/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.9 [IVD]"
}
],
"cvssV3": [
{
"attackComplexity": "HIGH",
"attackVector": "ADJACENT_NETWORK",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 1.6,
"impactScore": 5.2,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.0"
},
{
"attackComplexity": "High",
"attackVector": "Adjacent Network",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 6.8,
"baseSeverity": "Medium",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2017-13077",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2017-13077",
"trust": 1.8,
"value": "MEDIUM"
},
{
"author": "CNVD",
"id": "CNVD-2017-30406",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201710-380",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "IVD",
"id": "69402209-7265-4991-8217-51ff9b4857be",
"trust": 0.2,
"value": "MEDIUM"
},
{
"author": "VULMON",
"id": "CVE-2017-13077",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "IVD",
"id": "69402209-7265-4991-8217-51ff9b4857be"
},
{
"db": "CNVD",
"id": "CNVD-2017-30406"
},
{
"db": "VULMON",
"id": "CVE-2017-13077"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-008412"
},
{
"db": "CNNVD",
"id": "CNNVD-201710-380"
},
{
"db": "NVD",
"id": "CVE-2017-13077"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Pairwise Transient Key (PTK) Temporal Key (TK) during the four-way handshake, allowing an attacker within radio range to replay, decrypt, or spoof frames. An attacker within range of an affected AP and client may leverage these vulnerabilities to conduct attacks that are dependent on the data confidentiality protocols being used. Attacks may include arbitrary packet decryption and injection, TCP connection hijacking, HTTP content injection, or the replay of unicast and group-addressed frames. These vulnerabilities are referred to as Key Reinstallation Attacks or \"KRACK\" attacks. WPA (Wi-Fi Protected Access) is a system that protects wireless computer networks (Wi-Fi). The WPA2 wireless network has a PTK-TK key reload vulnerability in the fourth handshake. WPA2 is prone to multiple security weaknesses. \nExploiting these issues may allow an unauthorized user to intercept and manipulate data or disclose sensitive information. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n=====================================================================\n Red Hat Security Advisory\n\nSynopsis: Important: wpa_supplicant security update\nAdvisory ID: RHSA-2017:2907-01\nProduct: Red Hat Enterprise Linux\nAdvisory URL: https://access.redhat.com/errata/RHSA-2017:2907\nIssue date: 2017-10-17\nCVE Names: CVE-2017-13077 CVE-2017-13078 CVE-2017-13080 \n CVE-2017-13082 CVE-2017-13086 CVE-2017-13087 \n CVE-2017-13088 \n=====================================================================\n\n1. Summary:\n\nAn update for wpa_supplicant is now available for Red Hat Enterprise Linux\n7. \n\nRed Hat Product Security has rated this update as having a security impact\nof Important. A Common Vulnerability Scoring System (CVSS) base score,\nwhich gives a detailed severity rating, is available for each vulnerability\nfrom the CVE link(s) in the References section. \n\n2. Relevant releases/architectures:\n\nRed Hat Enterprise Linux Client (v. 7) - x86_64\nRed Hat Enterprise Linux ComputeNode (v. 7) - x86_64\nRed Hat Enterprise Linux Server (v. 7) - aarch64, ppc64, ppc64le, s390x, x86_64\nRed Hat Enterprise Linux Workstation (v. 7) - x86_64\n\n3. Description:\n\nThe wpa_supplicant packages contain an 802.1X Supplicant with support for\nWEP, WPA, WPA2 (IEEE 802.11i / RSN), and various EAP authentication\nmethods. They implement key negotiation with a WPA Authenticator for client\nstations and controls the roaming and IEEE 802.11 authentication and\nassociation of the WLAN driver. A remote attacker within Wi-Fi range\ncould exploit these attacks to decrypt Wi-Fi traffic or possibly inject\nforged Wi-Fi packets by manipulating cryptographic handshakes used by the\nWPA2 protocol. (CVE-2017-13077, CVE-2017-13078, CVE-2017-13080,\nCVE-2017-13082, CVE-2017-13086, CVE-2017-13087, CVE-2017-13088)\n\nRed Hat would like to thank CERT for reporting these issues. Upstream\nacknowledges Mathy Vanhoef (University of Leuven) as the original reporter\nof these issues. \n\n4. Solution:\n\nFor details on how to apply this update, which includes the changes\ndescribed in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\n5. Bugs fixed (https://bugzilla.redhat.com/):\n\n1491692 - CVE-2017-13077 wpa_supplicant: Reinstallation of the pairwise key in the 4-way handshake\n1491693 - CVE-2017-13078 wpa_supplicant: Reinstallation of the group key in the 4-way handshake\n1491696 - CVE-2017-13080 wpa_supplicant: Reinstallation of the group key in the group key handshake\n1491698 - CVE-2017-13082 wpa_supplicant: Accepting a retransmitted FT Reassociation Request and reinstalling the pairwise key while processing it\n1500302 - CVE-2017-13086 wpa_supplicant: reinstallation of the Tunneled Direct-Link Setup (TDLS) PeerKey (TPK) key in the TDLS handshake\n1500303 - CVE-2017-13087 wpa_supplicant: reinstallation of the group key (GTK) when processing a Wireless Network Management (WNM) Sleep Mode Response frame\n1500304 - CVE-2017-13088 wpa_supplicant: reinstallation of the integrity group key (IGTK) when processing a Wireless Network Management (WNM) Sleep Mode Response frame\n\n6. Package List:\n\nRed Hat Enterprise Linux Client (v. 7):\n\nSource:\nwpa_supplicant-2.6-5.el7_4.1.src.rpm\n\nx86_64:\nwpa_supplicant-2.6-5.el7_4.1.x86_64.rpm\nwpa_supplicant-debuginfo-2.6-5.el7_4.1.x86_64.rpm\n\nRed Hat Enterprise Linux ComputeNode (v. 7):\n\nSource:\nwpa_supplicant-2.6-5.el7_4.1.src.rpm\n\nx86_64:\nwpa_supplicant-2.6-5.el7_4.1.x86_64.rpm\nwpa_supplicant-debuginfo-2.6-5.el7_4.1.x86_64.rpm\n\nRed Hat Enterprise Linux Server (v. 7):\n\nSource:\nwpa_supplicant-2.6-5.el7_4.1.src.rpm\n\naarch64:\nwpa_supplicant-2.6-5.el7_4.1.aarch64.rpm\nwpa_supplicant-debuginfo-2.6-5.el7_4.1.aarch64.rpm\n\nppc64:\nwpa_supplicant-2.6-5.el7_4.1.ppc64.rpm\nwpa_supplicant-debuginfo-2.6-5.el7_4.1.ppc64.rpm\n\nppc64le:\nwpa_supplicant-2.6-5.el7_4.1.ppc64le.rpm\nwpa_supplicant-debuginfo-2.6-5.el7_4.1.ppc64le.rpm\n\ns390x:\nwpa_supplicant-2.6-5.el7_4.1.s390x.rpm\nwpa_supplicant-debuginfo-2.6-5.el7_4.1.s390x.rpm\n\nx86_64:\nwpa_supplicant-2.6-5.el7_4.1.x86_64.rpm\nwpa_supplicant-debuginfo-2.6-5.el7_4.1.x86_64.rpm\n\nRed Hat Enterprise Linux Workstation (v. 7):\n\nSource:\nwpa_supplicant-2.6-5.el7_4.1.src.rpm\n\nx86_64:\nwpa_supplicant-2.6-5.el7_4.1.x86_64.rpm\nwpa_supplicant-debuginfo-2.6-5.el7_4.1.x86_64.rpm\n\nThese packages are GPG signed by Red Hat for security. Our key and\ndetails on how to verify the signature are available from\nhttps://access.redhat.com/security/team/key/\n\n7. References:\n\nhttps://access.redhat.com/security/cve/CVE-2017-13077\nhttps://access.redhat.com/security/cve/CVE-2017-13078\nhttps://access.redhat.com/security/cve/CVE-2017-13080\nhttps://access.redhat.com/security/cve/CVE-2017-13082\nhttps://access.redhat.com/security/cve/CVE-2017-13086\nhttps://access.redhat.com/security/cve/CVE-2017-13087\nhttps://access.redhat.com/security/cve/CVE-2017-13088\nhttps://access.redhat.com/security/updates/classification/#important\nhttps://access.redhat.com/security/vulnerabilities/kracks\n\n8. Contact:\n\nThe Red Hat security contact is \u003csecalert@redhat.com\u003e. More contact\ndetails at https://access.redhat.com/security/team/contact/\n\nCopyright 2017 Red Hat, Inc. \n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1\n\niD8DBQFZ5nilXlSAg2UNWIIRAu7RAJwO3CwWfh61xybvjdxlG0Iqd17JpwCcD5FK\n5vz/c6aXRYIJEjVFKVqkVU0=\n=rSjV\n-----END PGP SIGNATURE-----\n\n--\nRHSA-announce mailing list\nRHSA-announce@redhat.com\nhttps://www.redhat.com/mailman/listinfo/rhsa-announce\n. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA512\n\nAPPLE-SA-2017-12-12-2 AirPort Base Station Firmware Update 7.7.9\n\nAirPort Base Station Firmware Update 7.7.9 is now available and\naddresses the following:\n\nAirPort Base Station Firmware\nAvailable for: AirPort Extreme and AirPort Time Capsule base stations\nwith 802.11ac\nImpact: An attacker within range may be able to execute arbitrary\ncode on the Wi-Fi chip\nDescription: A memory corruption issue was addressed with improved\nmemory handling. \nCVE-2017-9417: Nitay Artenstein of Exodus Intelligence\n\nAirPort Base Station Firmware\nAvailable for: AirPort Extreme and AirPort Time Capsule base stations\nwith 802.11ac\nImpact: An attacker in Wi-Fi range may force nonce reuse in WPA\nunicast/PTK clients (Key Reinstallation Attacks - KRACK)\nDescription: A logic issue existed in the handling of state\ntransitions. This was addressed with improved state management. \nCVE-2017-13077: Mathy Vanhoef of the imec-DistriNet group at KU\nLeuven\nCVE-2017-13078: Mathy Vanhoef of the imec-DistriNet group at KU\nLeuven\n\nAirPort Base Station Firmware\nAvailable for: AirPort Extreme and AirPort Time Capsule base stations\nwith 802.11ac\nImpact: An attacker in Wi-Fi range may force nonce reuse in WPA\nmulticast/GTK clients (Key Reinstallation Attacks - KRACK)\nDescription: A logic issue existed in the handling of state\ntransitions. This was addressed with improved state management. \nCVE-2017-13080: Mathy Vanhoef of the imec-DistriNet group at KU\nLeuven\n\nInstallation note:\n\nFirmware version 7.7.9 is installed on AirPort Extreme or\nAirPort Time Capsule base stations with 802.11ac using\nAirPort Utility for Mac or iOS. \n\nAirPort Utility for Mac is a free download from\nhttps://support.apple.com/downloads/ and AirPort Utility for iOS\nis a free download from the App Store. \nCVE-2017-13080: Mathy Vanhoef of the imec-DistriNet group at\nKU Leuven\n\nInstallation note:\n\nWi-Fi Update for Boot Camp 6.4.0 may be obtained from Apple Software\nUpdate for Windows. Those vulnerabilities applies to both the access point\n(implemented in hostapd) and the station (implemented in wpa_supplicant). \n\nAn attacker exploiting the vulnerabilities could force the vulnerable system to\nreuse cryptographic session keys, enabling a range of cryptographic attacks\nagainst the ciphers used in WPA1 and WPA2. \n\nFor the stable distribution (stretch), these problems have been fixed in\nversion 2:2.4-1+deb9u1. \n\nFor the testing distribution (buster), these problems have been fixed\nin version 2:2.4-1.1. \n\nFor the unstable distribution (sid), these problems have been fixed in\nversion 2:2.4-1.1. \n\nWe recommend that you upgrade your wpa packages. ==========================================================================\nUbuntu Security Notice USN-3455-1\nOctober 16, 2017\n\nwpa vulnerabilities\n==========================================================================\n\nA security issue affects these releases of Ubuntu and its derivatives:\n\n- Ubuntu 17.04\n- Ubuntu 16.04 LTS\n- Ubuntu 14.04 LTS\n\nSummary:\n\nSeveral security issues were fixed in wpa_supplicant. \n\nSoftware Description:\n- wpa: client support for WPA and WPA2\n\nDetails:\n\nMathy Vanhoef discovered that wpa_supplicant and hostapd incorrectly\nhandled WPA2. (CVE-2017-13077,\nCVE-2017-13078, CVE-2017-13079, CVE-2017-13080, CVE-2017-13081,\nCVE-2017-13082, CVE-2017-13086, CVE-2017-13087, CVE-2017-13088)\n\nImre Rad discovered that wpa_supplicant and hostapd incorrectly handled\ninvalid characters in passphrase parameters. A remote attacker could use\nthis issue to cause a denial of service. (CVE-2016-4476)\n\nImre Rad discovered that wpa_supplicant and hostapd incorrectly handled\ninvalid characters in passphrase parameters. A local attacker could use\nthis issue to cause a denial of service, or possibly execute arbitrary\ncode. (CVE-2016-4477)\n\nUpdate instructions:\n\nThe problem can be corrected by updating your system to the following\npackage versions:\n\nUbuntu 17.04:\n hostapd 2.4-0ubuntu9.1\n wpasupplicant 2.4-0ubuntu9.1\n\nUbuntu 16.04 LTS:\n hostapd 2.4-0ubuntu6.2\n wpasupplicant 2.4-0ubuntu6.2\n\nUbuntu 14.04 LTS:\n hostapd 2.1-0ubuntu1.5\n wpasupplicant 2.1-0ubuntu1.5\n\nAfter a standard system update you need to reboot your computer to make\nall the necessary changes. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\nGentoo Linux Security Advisory GLSA 201711-03\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n https://security.gentoo.org/\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\n Severity: Normal\n Title: hostapd and wpa_supplicant: Key Reinstallation (KRACK)\n attacks\n Date: November 10, 2017\n Bugs: #634436, #634438\n ID: 201711-03\n\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\nSynopsis\n========\n\nA flaw was discovered in the 4-way handshake in hostapd and\nwpa_supplicant that allows attackers to conduct a Man in the Middle\nattack. hostapd is a user space daemon for access point and\nauthentication servers. \n\nAffected packages\n=================\n\n -------------------------------------------------------------------\n Package / Vulnerable / Unaffected\n -------------------------------------------------------------------\n 1 net-wireless/hostapd \u003c 2.6-r1 \u003e= 2.6-r1 \n 2 net-wireless/wpa_supplicant\n \u003c 2.6-r3 \u003e= 2.6-r3 \n -------------------------------------------------------------------\n 2 affected packages\n\nDescription\n===========\n\nWiFi Protected Access (WPA and WPA2) and it\u0027s associated technologies\nare all vulnerable to the KRACK attacks. Please review the referenced\nCVE identifiers for details. \n\nImpact\n======\n\nAn attacker can carry out the KRACK attacks on a wireless network in\norder to gain access to network clients. Once achieved, the attacker\ncan potentially harvest confidential information (e.g. HTTP/HTTPS),\ninject malware, or perform a myriad of other attacks. \n\nWorkaround\n==========\n\nThere is no known workaround at this time. \n\nResolution\n==========\n\nAll hostapd users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose \"\u003e=net-wireless/hostapd-2.6-r1\"\n\nAll wpa_supplicant users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot -v \"\u003e=net-wireless/wpa_supplicant-2.6-r3\"\n\nReferences\n==========\n\n[ 1 ] CVE-2017-13077\n https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-13077\n[ 2 ] CVE-2017-13078\n https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-13078\n[ 3 ] CVE-2017-13079\n https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-13079\n[ 4 ] CVE-2017-13080\n. 6) - i386, x86_64\n\n3. \n\n\nHere are the details from the Slackware 14.2 ChangeLog:\n+--------------------------+\npatches/packages/wpa_supplicant-2.6-i586-1_slack14.2.txz: Upgraded. \n This update includes patches to mitigate the WPA2 protocol issues known\n as \"KRACK\" (Key Reinstallation AttaCK), which may be used to decrypt data,\n hijack TCP connections, and to forge and inject packets. \n CVE-2017-13082: Accepting a retransmitted Fast BSS Transition (FT)\n Reassociation Request and reinstalling the pairwise encryption key (PTK-TK)\n while processing it. \n For more information, see:\n https://www.krackattacks.com/\n https://w1.fi/security/2017-1/wpa-packet-number-reuse-with-replayed-messages.txt\n https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13077\n https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13078\n https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13079\n https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13080\n https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13081\n https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13082\n https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13084\n https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13086\n https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13087\n https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13088\n (* Security fix *)\n+--------------------------+\n\n\nWhere to find the new packages:\n+-----------------------------+\n\nThanks to the friendly folks at the OSU Open Source Lab\n(http://osuosl.org) for donating FTP and rsync hosting\nto the Slackware project! :-)\n\nAlso see the \"Get Slack\" section on http://slackware.com for\nadditional mirror sites near you. \n\nUpdated package for Slackware 14.0:\nftp://ftp.slackware.com/pub/slackware/slackware-14.0/patches/packages/wpa_supplicant-2.6-i486-1_slack14.0.txz\n\nUpdated package for Slackware x86_64 14.0:\nftp://ftp.slackware.com/pub/slackware/slackware64-14.0/patches/packages/wpa_supplicant-2.6-x86_64-1_slack14.0.txz\n\nUpdated package for Slackware 14.1:\nftp://ftp.slackware.com/pub/slackware/slackware-14.1/patches/packages/wpa_supplicant-2.6-i486-1_slack14.1.txz\n\nUpdated package for Slackware x86_64 14.1:\nftp://ftp.slackware.com/pub/slackware/slackware64-14.1/patches/packages/wpa_supplicant-2.6-x86_64-1_slack14.1.txz\n\nUpdated package for Slackware 14.2:\nftp://ftp.slackware.com/pub/slackware/slackware-14.2/patches/packages/wpa_supplicant-2.6-i586-1_slack14.2.txz\n\nUpdated package for Slackware x86_64 14.2:\nftp://ftp.slackware.com/pub/slackware/slackware64-14.2/patches/packages/wpa_supplicant-2.6-x86_64-1_slack14.2.txz\n\nUpdated package for Slackware -current:\nftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/n/wpa_supplicant-2.6-i586-2.txz\n\nUpdated package for Slackware x86_64 -current:\nftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/n/wpa_supplicant-2.6-x86_64-2.txz\n\n\nMD5 signatures:\n+-------------+\n\nSlackware 14.0 package:\nd8ecfaadb50b3547967ab53733ffc019 wpa_supplicant-2.6-i486-1_slack14.0.txz\n\nSlackware x86_64 14.0 package:\nf25216d28800504ce498705da7c9a825 wpa_supplicant-2.6-x86_64-1_slack14.0.txz\n\nSlackware 14.1 package:\n15c61050e4bab2581757befd86be74c0 wpa_supplicant-2.6-i486-1_slack14.1.txz\n\nSlackware x86_64 14.1 package:\n49fd537a520338744f7757615556d352 wpa_supplicant-2.6-x86_64-1_slack14.1.txz\n\nSlackware 14.2 package:\nc5539f40c8510af89be92945f0f80185 wpa_supplicant-2.6-i586-1_slack14.2.txz\n\nSlackware x86_64 14.2 package:\n4c527ff84fcdfd7839f217bbce2e4ae4 wpa_supplicant-2.6-x86_64-1_slack14.2.txz\n\nSlackware -current package:\n28bd88a54e96368f7a7020c1f5fb67fe n/wpa_supplicant-2.6-i586-2.txz\n\nSlackware x86_64 -current package:\n464fc6b48d1ac077f47e9a3a8534c160 n/wpa_supplicant-2.6-x86_64-2.txz\n\n\nInstallation instructions:\n+------------------------+\n\nUpgrade the package as root:\n# upgradepkg wpa_supplicant-2.6-i586-1_slack14.2.txz\n\n\n+-----+\n\nSlackware Linux Security Team\nhttp://slackware.com/gpg-key\nsecurity@slackware.com\n\n+------------------------------------------------------------------------+\n| To leave the slackware-security mailing list: |\n+------------------------------------------------------------------------+\n| Send an email to majordomo@slackware.com with this text in the body of |\n| the email message: |\n| |\n| unsubscribe slackware-security |\n| |\n| You will get a confirmation message back containing instructions to |\n| complete the process. Please do not reply to this email address",
"sources": [
{
"db": "NVD",
"id": "CVE-2017-13077"
},
{
"db": "CERT/CC",
"id": "VU#228519"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-008412"
},
{
"db": "CNVD",
"id": "CNVD-2017-30406"
},
{
"db": "BID",
"id": "101274"
},
{
"db": "IVD",
"id": "69402209-7265-4991-8217-51ff9b4857be"
},
{
"db": "VULMON",
"id": "CVE-2017-13077"
},
{
"db": "PACKETSTORM",
"id": "144652"
},
{
"db": "PACKETSTORM",
"id": "145394"
},
{
"db": "PACKETSTORM",
"id": "145395"
},
{
"db": "PACKETSTORM",
"id": "148445"
},
{
"db": "PACKETSTORM",
"id": "144630"
},
{
"db": "PACKETSTORM",
"id": "144632"
},
{
"db": "PACKETSTORM",
"id": "144944"
},
{
"db": "PACKETSTORM",
"id": "144659"
},
{
"db": "PACKETSTORM",
"id": "144663"
}
],
"trust": 4.23
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2017-13077",
"trust": 4.5
},
{
"db": "CERT/CC",
"id": "VU#228519",
"trust": 4.2
},
{
"db": "BID",
"id": "101274",
"trust": 2.6
},
{
"db": "LENOVO",
"id": "LEN-17420",
"trust": 2.5
},
{
"db": "SECTRACK",
"id": "1039577",
"trust": 1.7
},
{
"db": "SECTRACK",
"id": "1039576",
"trust": 1.7
},
{
"db": "SECTRACK",
"id": "1039581",
"trust": 1.7
},
{
"db": "SECTRACK",
"id": "1039578",
"trust": 1.7
},
{
"db": "SECTRACK",
"id": "1039585",
"trust": 1.7
},
{
"db": "SECTRACK",
"id": "1039573",
"trust": 1.7
},
{
"db": "SECTRACK",
"id": "1041432",
"trust": 1.7
},
{
"db": "CERT@VDE",
"id": "VDE-2017-003",
"trust": 1.7
},
{
"db": "CERT@VDE",
"id": "VDE-2017-005",
"trust": 1.7
},
{
"db": "SIEMENS",
"id": "SSA-901333",
"trust": 1.7
},
{
"db": "ICS CERT",
"id": "ICSMA-18-114-01",
"trust": 1.2
},
{
"db": "ICS CERT",
"id": "ICSMA-19-029-01",
"trust": 1.1
},
{
"db": "ICS CERT",
"id": "ICSA-17-353-02",
"trust": 1.1
},
{
"db": "ICS CERT",
"id": "ICSA-17-318-01",
"trust": 1.1
},
{
"db": "ICS CERT",
"id": "ICSA-17-325-01",
"trust": 1.1
},
{
"db": "CNVD",
"id": "CNVD-2017-30406",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201710-380",
"trust": 0.8
},
{
"db": "JUNIPER",
"id": "JSA10827",
"trust": 0.8
},
{
"db": "DLINK",
"id": "SAP10075",
"trust": 0.8
},
{
"db": "ICS CERT",
"id": "ICSA-17-318-02A",
"trust": 0.8
},
{
"db": "JVN",
"id": "JVNVU94846424",
"trust": 0.8
},
{
"db": "JVN",
"id": "JVNVU90609033",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2017-008412",
"trust": 0.8
},
{
"db": "AUSCERT",
"id": "ESB-2020.4125",
"trust": 0.6
},
{
"db": "ICS CERT",
"id": "ICSA-17-299-02",
"trust": 0.3
},
{
"db": "ICS CERT",
"id": "ICSA-17-318-02",
"trust": 0.3
},
{
"db": "IVD",
"id": "69402209-7265-4991-8217-51FF9B4857BE",
"trust": 0.2
},
{
"db": "VULMON",
"id": "CVE-2017-13077",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "144652",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "145394",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "145395",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "148445",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "144630",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "144632",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "144944",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "144659",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "144663",
"trust": 0.1
}
],
"sources": [
{
"db": "IVD",
"id": "69402209-7265-4991-8217-51ff9b4857be"
},
{
"db": "CERT/CC",
"id": "VU#228519"
},
{
"db": "CNVD",
"id": "CNVD-2017-30406"
},
{
"db": "VULMON",
"id": "CVE-2017-13077"
},
{
"db": "BID",
"id": "101274"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-008412"
},
{
"db": "PACKETSTORM",
"id": "144652"
},
{
"db": "PACKETSTORM",
"id": "145394"
},
{
"db": "PACKETSTORM",
"id": "145395"
},
{
"db": "PACKETSTORM",
"id": "148445"
},
{
"db": "PACKETSTORM",
"id": "144630"
},
{
"db": "PACKETSTORM",
"id": "144632"
},
{
"db": "PACKETSTORM",
"id": "144944"
},
{
"db": "PACKETSTORM",
"id": "144659"
},
{
"db": "PACKETSTORM",
"id": "144663"
},
{
"db": "CNNVD",
"id": "CNNVD-201710-380"
},
{
"db": "NVD",
"id": "CVE-2017-13077"
}
]
},
"id": "VAR-201710-0206",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "IVD",
"id": "69402209-7265-4991-8217-51ff9b4857be"
},
{
"db": "CNVD",
"id": "CNVD-2017-30406"
}
],
"trust": 1.4301902008333334
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 0.8
}
],
"sources": [
{
"db": "IVD",
"id": "69402209-7265-4991-8217-51ff9b4857be"
},
{
"db": "CNVD",
"id": "CNVD-2017-30406"
}
]
},
"last_update_date": "2024-07-23T19:26:04.525000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "ARUBA-PSA-2017-007",
"trust": 0.8,
"url": "http://www.arubanetworks.com/assets/alert/aruba-psa-2017-007.txt"
},
{
"title": "DSA-3999",
"trust": 0.8,
"url": "https://www.debian.org/security/2017/dsa-3999"
},
{
"title": "FreeBSD-SA-17:07.wpa",
"trust": 0.8,
"url": "https://www.freebsd.org/security/advisories/freebsd-sa-17:07.wpa.asc"
},
{
"title": "LEN-17420",
"trust": 0.8,
"url": "https://support.lenovo.com/jp/en/product_security/len-17420"
},
{
"title": "NV17-024",
"trust": 0.8,
"url": "http://jpn.nec.com/security-info/secinfo/nv17-024.html"
},
{
"title": "KRACKs - wpa_supplicant Multiple Vulnerabilities",
"trust": 0.8,
"url": "https://access.redhat.com/security/vulnerabilities/kracks"
},
{
"title": "RHSA-2017:2907",
"trust": 0.8,
"url": "https://access.redhat.com/errata/rhsa-2017:2907"
},
{
"title": "RHSA-2017:2911",
"trust": 0.8,
"url": "https://access.redhat.com/errata/rhsa-2017:2911"
},
{
"title": "USN-3455-1",
"trust": 0.8,
"url": "https://usn.ubuntu.com/usn/usn-3455-1/"
},
{
"title": "WPA packet number reuse with replayed messages and key reinstallation",
"trust": 0.8,
"url": "https://w1.fi/security/2017-1/wpa-packet-number-reuse-with-replayed-messages.txt"
},
{
"title": "Wi-Fi\u306e\u8a8d\u8a3c\uff0f\u6697\u53f7\u5316\u6280\u8853WPA2\u304a\u3088\u3073WPA\u306e\u8907\u6570\u306e\u8106\u5f31\u6027\u306b\u3064\u3044\u3066",
"trust": 0.8,
"url": "http://www.fujitsu.com/jp/products/network/support/2017/srm-01/index.html"
},
{
"title": "WPA2\u306e\u8106\u5f31\u6027\u306b\u95a2\u3059\u308b\u5f0a\u793e\u8abf\u67fb\u30fb\u5bfe\u5fdc\u72b6\u6cc1\u306b\u3064\u3044\u3066",
"trust": 0.8,
"url": "http://www.iodata.jp/support/information/2017/wpa2/"
},
{
"title": "\u7121\u7ddaLAN \u8a8d\u8a3c\uff0f\u6697\u53f7\u5316\u6280\u8853WPA2\u304a\u3088\u3073WPA\u306b\u95a2\u3059\u308b\u8106\u5f31\u6027\u306e\u304a\u77e5\u3089\u305b",
"trust": 0.8,
"url": "http://www.fmworld.net/biz/common/info/20171110/"
},
{
"title": "Patch for WPA2 Wireless Network PTK-TK Encryption Key Reload Vulnerability",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/103818"
},
{
"title": "Multiple WiFi product WPA2 Security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=75494"
},
{
"title": "Red Hat: Important: wpa_supplicant security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=rhsa-20172911 - security advisory"
},
{
"title": "Red Hat: Important: wpa_supplicant security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=rhsa-20172907 - security advisory"
},
{
"title": "Red Hat: CVE-2017-13077",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_cve_database\u0026qid=cve-2017-13077"
},
{
"title": "Arch Linux Issues: ",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=arch_linux_issues\u0026qid=cve-2017-13077"
},
{
"title": "Apple: Wi-Fi Update for Boot Camp 6.4.0",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=apple_security_advisories\u0026qid=4dc3bb86865485e4364fd6b2dc2fc379"
},
{
"title": "Apple: AirPort Base Station Firmware Update 7.7.9",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=apple_security_advisories\u0026qid=7ca8130f8030911575aa17c0e84114dd"
},
{
"title": "Apple: watchOS 4.1",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=apple_security_advisories\u0026qid=345c3fa8a313cd9a1ced5ef372c465c4"
},
{
"title": "Apple: AirPort Base Station Firmware Update 7.6.9",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=apple_security_advisories\u0026qid=43d8dcf7961e20b6ec02761d12969c19"
},
{
"title": "Debian CVElist Bug Report Logs: firmware-brcm80211: BroadPwn vulnerability CVE-2017-9417",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=debian_cvelist_bugreportlogs\u0026qid=2e0affd9108e95fa2aa2c706c74cd8a9"
},
{
"title": "Ubuntu Security Notice: wpa vulnerabilities",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=usn-3455-1"
},
{
"title": "Debian Security Advisories: DSA-3999-1 wpa -- security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=debian_security_advisories\u0026qid=08990d9925276738bd732fa4d58f9ef0"
},
{
"title": "Apple: tvOS 11.1",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=apple_security_advisories\u0026qid=7a8e908aff7c02a31b2d335766e6d5c2"
},
{
"title": "Apple: iOS 11.1",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=apple_security_advisories\u0026qid=7814c280e80969d4c4d88f74b13290f2"
},
{
"title": "Arch Linux Advisories: [ASA-201710-23] hostapd: man-in-the-middle",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=arch_linux_advisories\u0026qid=asa-201710-23"
},
{
"title": "Arch Linux Advisories: [ASA-201710-22] wpa_supplicant: man-in-the-middle",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=arch_linux_advisories\u0026qid=asa-201710-22"
},
{
"title": "HP: HPSBPI03574 rev. 1 - WPA, WPA2 Key Reinstallation Attacks (KRACK attacks) Potential Remote Disclosure of Information: Certain HP Enterprise Printer and MFP products, Certain HP PageWide Printer and MFP Products, HP Jetdirect Accessory Products",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=hp_bulletin\u0026qid=hpsbpi03574"
},
{
"title": "Siemens Security Advisories: Siemens Security Advisory",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=siemens_security_advisories\u0026qid=6df91267eee9400a24a98876f50ffe84"
},
{
"title": "Android Security Bulletins: Android Security Bulletin\u2014May 2018",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=android_security_bulletins\u0026qid=170d2de05a0349ffa4f579ee79da1e9d"
},
{
"title": "Android Security Bulletins: Android Security Bulletin\u2014November 2017",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=android_security_bulletins\u0026qid=8c29eb008bb212762e5cfb25c7c5c0d5"
},
{
"title": "Cisco: Multiple Vulnerabilities in Wi-Fi Protected Access and Wi-Fi Protected Access II",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=cisco_security_advisories_and_alerts_ciscoproducts\u0026qid=cisco-sa-20171016-wpa"
},
{
"title": "Android Security Bulletins: Android Security Bulletin\u2014July 2018",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=android_security_bulletins\u0026qid=25584b3d319ca9e7cb2fae9ec5dbf5e0"
},
{
"title": "Android Security Bulletins: Android Security Bulletin\u2014August 2018",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=android_security_bulletins\u0026qid=746dc14fcd3f5e139648cfdc9d9039a9"
},
{
"title": "Android Security Bulletins: Android Security Bulletin\u2014June 2018",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=android_security_bulletins\u0026qid=cc496c56e2bf669809bfb568f59af8e1"
},
{
"title": "HP: HPSBHF03571 rev. 6 - Intel Management Engine Cumulative Security update and fix for WPA2 vulnerability",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=hp_bulletin\u0026qid=hpsbhf03571"
},
{
"title": "Oracle: Oracle Critical Patch Update Advisory - April 2018",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_advisories\u0026qid=4019ca77f50c7a34e4d97833e6f3321e"
},
{
"title": "Apple: macOS High Sierra 10.13.1, Security Update 2017-001 Sierra, and Security Update 2017-004 El Capitan",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=apple_security_advisories\u0026qid=870f3f04ef17f7b183f74ae687a1561d"
},
{
"title": "Android Security Bulletins: Android Security Bulletin\u2014April 2018",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=android_security_bulletins\u0026qid=068d787c35ce8cea494780f9a47b5827"
},
{
"title": "Oracle Linux Bulletins: Oracle Linux Bulletin - October 2017",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_linux_bulletins\u0026qid=7251d5e5f2b1771951980ad7cfde50ba"
},
{
"title": "Oracle: Oracle Critical Patch Update Advisory - January 2018",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_advisories\u0026qid=e2a7f287e9acc8c64ab3df71130bc64d"
},
{
"title": "vanhoefm-krackattacks-scripts",
"trust": 0.1,
"url": "https://github.com/84kaliplexon3/vanhoefm-krackattacks-scripts "
},
{
"title": "krankattack",
"trust": 0.1,
"url": "https://github.com/devkosov/krankattack "
},
{
"title": "krackattacks-scripts",
"trust": 0.1,
"url": "https://github.com/vanhoefm/krackattacks-scripts "
},
{
"title": "KRACK",
"trust": 0.1,
"url": "https://github.com/chinatso/krack "
},
{
"title": "krackinfo",
"trust": 0.1,
"url": "https://github.com/kristate/krackinfo "
},
{
"title": "nixos-issue-db-example",
"trust": 0.1,
"url": "https://github.com/andir/nixos-issue-db-example "
},
{
"title": "SamsungReleaseNotes",
"trust": 0.1,
"url": "https://github.com/samreleasenotes/samsungreleasenotes "
},
{
"title": "welivesecurity",
"trust": 0.1,
"url": "https://www.welivesecurity.com/2019/10/17/alexa-how-amazon-echo-kindle-got-kracked/"
},
{
"title": "BleepingComputer",
"trust": 0.1,
"url": "https://www.bleepingcomputer.com/news/security/millions-of-amazon-echo-and-kindle-devices-affected-by-wifi-bug/"
},
{
"title": "The Register",
"trust": 0.1,
"url": "https://www.theregister.co.uk/2017/11/07/android_november_security_update/"
},
{
"title": "The Register",
"trust": 0.1,
"url": "https://www.theregister.co.uk/2017/10/16/wpa2_inscure_krackattack/"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-30406"
},
{
"db": "VULMON",
"id": "CVE-2017-13077"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-008412"
},
{
"db": "CNNVD",
"id": "CNNVD-201710-380"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-330",
"trust": 1.0
},
{
"problemtype": "CWE-254",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-008412"
},
{
"db": "NVD",
"id": "CVE-2017-13077"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 3.7,
"url": "https://www.krackattacks.com/"
},
{
"trust": 3.3,
"url": "https://source.android.com/security/bulletin/2017-11-01"
},
{
"trust": 2.9,
"url": "http://www.securityfocus.com/bid/101274"
},
{
"trust": 2.8,
"url": "http://www.arubanetworks.com/assets/alert/aruba-psa-2017-007.txt"
},
{
"trust": 2.8,
"url": "https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20171016-wpa"
},
{
"trust": 2.7,
"url": "https://access.redhat.com/security/vulnerabilities/kracks"
},
{
"trust": 2.5,
"url": "http://www.debian.org/security/2017/dsa-3999"
},
{
"trust": 2.2,
"url": "https://access.redhat.com/errata/rhsa-2017:2911"
},
{
"trust": 2.1,
"url": "http://www.kb.cert.org/vuls/id/228519"
},
{
"trust": 2.1,
"url": "https://access.redhat.com/errata/rhsa-2017:2907"
},
{
"trust": 2.0,
"url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html"
},
{
"trust": 1.8,
"url": "https://w1.fi/security/2017-1/wpa-packet-number-reuse-with-replayed-messages.txt"
},
{
"trust": 1.8,
"url": "http://www.ubuntu.com/usn/usn-3455-1"
},
{
"trust": 1.7,
"url": "http://www.securitytracker.com/id/1039585"
},
{
"trust": 1.7,
"url": "http://www.securitytracker.com/id/1039581"
},
{
"trust": 1.7,
"url": "http://www.securitytracker.com/id/1039578"
},
{
"trust": 1.7,
"url": "http://www.securitytracker.com/id/1039577"
},
{
"trust": 1.7,
"url": "http://www.securitytracker.com/id/1039576"
},
{
"trust": 1.7,
"url": "http://www.securitytracker.com/id/1039573"
},
{
"trust": 1.7,
"url": "https://support.lenovo.com/us/en/product_security/len-17420"
},
{
"trust": 1.7,
"url": "https://security.freebsd.org/advisories/freebsd-sa-17:07.wpa.asc"
},
{
"trust": 1.7,
"url": "https://security.gentoo.org/glsa/201711-03"
},
{
"trust": 1.7,
"url": "https://support.apple.com/ht208222"
},
{
"trust": 1.7,
"url": "https://support.apple.com/ht208221"
},
{
"trust": 1.7,
"url": "https://support.apple.com/ht208220"
},
{
"trust": 1.7,
"url": "https://support.apple.com/ht208219"
},
{
"trust": 1.7,
"url": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html"
},
{
"trust": 1.7,
"url": "https://source.android.com/security/bulletin/2018-04-01"
},
{
"trust": 1.7,
"url": "https://support.hpe.com/hpsc/doc/public/display?doclocale=en_us\u0026docid=emr_na-hpesbhf03792en_us"
},
{
"trust": 1.7,
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-901333.pdf"
},
{
"trust": 1.7,
"url": "https://cert.vde.com/en-us/advisories/vde-2017-005"
},
{
"trust": 1.7,
"url": "https://cert.vde.com/en-us/advisories/vde-2017-003"
},
{
"trust": 1.7,
"url": "https://source.android.com/security/bulletin/2018-06-01"
},
{
"trust": 1.7,
"url": "http://www.securitytracker.com/id/1041432"
},
{
"trust": 1.7,
"url": "https://lists.debian.org/debian-lts-announce/2018/11/msg00015.html"
},
{
"trust": 1.7,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-13077"
},
{
"trust": 1.2,
"url": "https://ics-cert.us-cert.gov/advisories/icsma-18-114-01"
},
{
"trust": 1.1,
"url": "https://papers.mathyvanhoef.com/ccs2017.pdf"
},
{
"trust": 1.1,
"url": "https://w1.fi/security/2017-1/"
},
{
"trust": 1.1,
"url": "https://security-center.intel.com/advisory.aspx?intelid=intel-sa-00101\u0026languageid=en-fr"
},
{
"trust": 1.1,
"url": "https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/cve-2017-13080"
},
{
"trust": 1.1,
"url": "https://ics-cert.us-cert.gov/advisories/icsa-17-353-02"
},
{
"trust": 1.1,
"url": "https://ics-cert.us-cert.gov/advisories/icsa-17-318-01"
},
{
"trust": 1.1,
"url": "https://ics-cert.us-cert.gov/advisories/icsa-17-325-01"
},
{
"trust": 1.1,
"url": "https://ics-cert.us-cert.gov/advisories/icsma-19-029-01"
},
{
"trust": 0.9,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-13077"
},
{
"trust": 0.9,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-13078"
},
{
"trust": 0.8,
"url": "https://cwe.mitre.org/data/definitions/323.html"
},
{
"trust": 0.8,
"url": "https://actiontecsupport.zendesk.com/hc/en-us/articles/115005205283-krack-vulnerability"
},
{
"trust": 0.8,
"url": "https://www3.aerohive.com/support/security-bulletins/product-security-announcement-aerohives-response-to-krack-10162017.html"
},
{
"trust": 0.8,
"url": "https://www.al-enterprise.com/en/support/security-alert-krack"
},
{
"trust": 0.8,
"url": "https://support.apple.com/en-gb/ht208222"
},
{
"trust": 0.8,
"url": "https://security.archlinux.org/avg-447"
},
{
"trust": 0.8,
"url": "https://www.asus.com/static_webpage/asus-product-security-advisory/"
},
{
"trust": 0.8,
"url": "https://community.barracudanetworks.com/forum/index.php?/topic/23525-security-advisories/page-2"
},
{
"trust": 0.8,
"url": "https://lists.centos.org/pipermail/centos-announce/2017-october/022569.html"
},
{
"trust": 0.8,
"url": "https://community.cypress.com/docs/doc-13871"
},
{
"trust": 0.8,
"url": "http://supportannouncement.us.dlink.com/announcement/publication.aspx?name=sap10075"
},
{
"trust": 0.8,
"url": "http://www.dell.com/support/article/sln307822"
},
{
"trust": 0.8,
"url": "https://github.com/espressif/esp8266_nonos_sdk"
},
{
"trust": 0.8,
"url": "https://extremeportal.force.com/extrarticledetail?n=000018005"
},
{
"trust": 0.8,
"url": "https://bodhi.fedoraproject.org/updates/fedora-2017-60bfb576b7"
},
{
"trust": 0.8,
"url": "http://www.fortiguard.com/psirt/fg-ir-17-196"
},
{
"trust": 0.8,
"url": "https://www.freebsd.org/security/advisories/freebsd-sa-17:07.wpa.asc"
},
{
"trust": 0.8,
"url": "https://bugs.gentoo.org/634440"
},
{
"trust": 0.8,
"url": "https://support.hpe.com/hpsc/doc/public/display?sp4ts.oid=null\u0026doclocale=en_us\u0026docid=emr_na-a00029151en_us"
},
{
"trust": 0.8,
"url": "https://kb.juniper.net/jsa10827"
},
{
"trust": 0.8,
"url": "https://support.lenovo.com/ca/en/product_security/len-17420"
},
{
"trust": 0.8,
"url": "http://www.microchip.com/wwwproducts/en/atwinc1500"
},
{
"trust": 0.8,
"url": "http://mail-index.netbsd.org/source-changes/2017/10/16/msg088877.html"
},
{
"trust": 0.8,
"url": "https://kb.netgear.com/000049498/security-advisory-for-wpa-2-vulnerabilities-psv-2017-2826-psv-2017-2836-psv-2017-2837"
},
{
"trust": 0.8,
"url": "https://forum.peplink.com/t/security-advisory-wpa2-vulnerability-vu-228519/12715"
},
{
"trust": 0.8,
"url": "https://ruckus-www.s3.amazonaws.com/pdf/security/faq-security-advisory-id-101617-v1.0.pdf"
},
{
"trust": 0.8,
"url": "https://www.suse.com/de-de/support/kb/doc/?id=7022107"
},
{
"trust": 0.8,
"url": "https://source.sierrawireless.com/resources/airlink/software_reference_docs/technical-bulletin/sierra-wireless-technical-bulletin---wpa-and-wpa2-vulnerabilities/"
},
{
"trust": 0.8,
"url": "http://www.slackware.com/changelog/stable.php?cpu=x86_64"
},
{
"trust": 0.8,
"url": "https://community.sophos.com/kb/en-us/127658"
},
{
"trust": 0.8,
"url": "https://www.toshibacommerce.com/wps/myportal/%21ut/p/a1/rzrnc8igeiz_sw8egqhjcdmmwr8abw2dqcnfoyqotidrrk399uxrrwotuzgws7a87y6z88iuzmcq2u4uwcnlzypjnjj5-exr_wnhya-laxtrid-j3uchdtb8gylmuw6qzgktovtowsrrqlrs6-8dbeqhwc1mykqnlabgdjlf1yjvn7i5af4qtdwsn2tri7j"
},
{
"trust": 0.8,
"url": "http://www.toshiba-personalstorage.net/en/news/hdd/ot_notice/20171017.htm"
},
{
"trust": 0.8,
"url": "http://support.toshiba.com/support/staticcontentdetail?contentid=4015875\u0026isfromtoclink=false"
},
{
"trust": 0.8,
"url": "https://community.ubnt.com/t5/unifi-updates-blog/firmware-3-9-3-7537-for-uap-usw-has-been-released/ba-p/2099365"
},
{
"trust": 0.8,
"url": "https://usn.ubuntu.com/usn/usn-3455-1/"
},
{
"trust": 0.8,
"url": "http://en.miui.com/thread-954223-1-1.html"
},
{
"trust": 0.8,
"url": "https://www.zebra.com/content/dam/zebra_new_ia/en-us/support-and-downloads/lifeguard-security/krack-security-bulletin.pdf"
},
{
"trust": 0.8,
"url": "http://www.zyxel.com/support/announcement_wpa2_key_management.shtml"
},
{
"trust": 0.8,
"url": "https://supportcenter.checkpoint.com/supportcenter/portal?eventsubmit_dogoviewsolutiondetails=\u0026solutionid=sk120938"
},
{
"trust": 0.8,
"url": "https://community.rsa.com/docs/doc-84103"
},
{
"trust": 0.8,
"url": "https://support.f5.com/csp/article/k23642330"
},
{
"trust": 0.8,
"url": "https://forum.mikrotik.com/viewtopic.php?f=21\u0026t=126695"
},
{
"trust": 0.8,
"url": "https://community.linksys.com/t5/wireless-routers/krack-vulnerability/td-p/1218573"
},
{
"trust": 0.8,
"url": "https://ics-cert.us-cert.gov/advisories/icsa-17-318-02a"
},
{
"trust": 0.8,
"url": "https://www.ipa.go.jp/security/ciadr/vul/20171017_wpa2.html"
},
{
"trust": 0.8,
"url": "https://jvn.jp/vu/jvnvu94846424/"
},
{
"trust": 0.8,
"url": "http://jvn.jp/vu/jvnvu90609033/index.html"
},
{
"trust": 0.8,
"url": "https://www.kb.cert.org/vuls/id/cheu-aqnmyp"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-13080"
},
{
"trust": 0.6,
"url": "https://www.kb.cert.org/vuls/id/228519/"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2020.4125/"
},
{
"trust": 0.5,
"url": "https://access.redhat.com/security/cve/cve-2017-13077"
},
{
"trust": 0.5,
"url": "https://access.redhat.com/security/cve/cve-2017-13078"
},
{
"trust": 0.5,
"url": "https://access.redhat.com/security/cve/cve-2017-13080"
},
{
"trust": 0.5,
"url": "https://access.redhat.com/security/cve/cve-2017-13087"
},
{
"trust": 0.5,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-13087"
},
{
"trust": 0.4,
"url": "https://access.redhat.com/security/cve/cve-2017-13082"
},
{
"trust": 0.4,
"url": "https://access.redhat.com/security/cve/cve-2017-13086"
},
{
"trust": 0.4,
"url": "https://access.redhat.com/security/cve/cve-2017-13088"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-13082"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-13086"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-13088"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-13079"
},
{
"trust": 0.3,
"url": "https://github.com/stevenhoneyman/wpa_gui/tree/master/wpa_supplicant-2.4"
},
{
"trust": 0.3,
"url": "http://www.wi-fi.org/index.php"
},
{
"trust": 0.3,
"url": "https://support.apple.com/en-ie/ht208847"
},
{
"trust": 0.3,
"url": "https://support.apple.com/en-in/ht208334"
},
{
"trust": 0.3,
"url": "https://support.apple.com/en-in/ht208327"
},
{
"trust": 0.3,
"url": "https://support.apple.com/en-in/ht208325"
},
{
"trust": 0.3,
"url": "https://lists.apple.com/archives/security-announce/2017/dec/msg00009.html"
},
{
"trust": 0.3,
"url": "https://lists.apple.com/archives/security-announce/2017/dec/msg00008.html"
},
{
"trust": 0.3,
"url": "https://lists.apple.com/archives/security-announce/2018/jul/msg00000.html"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/security/cve/cve-2017-13079"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/security/cve/cve-2017-13081"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/security/cve/cve-2017-13084"
},
{
"trust": 0.3,
"url": "http://docs.fortinet.com/uploaded/files/3961/fortiap-v5.6.1-release-notes.pdf"
},
{
"trust": 0.3,
"url": "https://ics-cert.us-cert.gov/advisories/icsa-17-299-02"
},
{
"trust": 0.3,
"url": "https://ics-cert.us-cert.gov/advisories/icsa-17-318-02"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-13081"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/articles/11258"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/team/contact/"
},
{
"trust": 0.2,
"url": "https://www.redhat.com/mailman/listinfo/rhsa-announce"
},
{
"trust": 0.2,
"url": "https://bugzilla.redhat.com/):"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/team/key/"
},
{
"trust": 0.2,
"url": "https://support.apple.com/downloads/"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/330.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://github.com/kristate/krackinfo"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-9417"
},
{
"trust": 0.1,
"url": "https://support.apple.com/kb/ht201222"
},
{
"trust": 0.1,
"url": "https://www.apple.com/support/security/pgp/"
},
{
"trust": 0.1,
"url": "https://support.apple.com/kb/ht208038"
},
{
"trust": 0.1,
"url": "https://www.debian.org/security/faq"
},
{
"trust": 0.1,
"url": "https://www.debian.org/security/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-4476"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-4477"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/wpa/2.1-0ubuntu1.5"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/wpa/2.4-0ubuntu9.1"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/wpa/2.4-0ubuntu6.2"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/nvd.cfm?cvename=cve-2017-13078"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/nvd.cfm?cvename=cve-2017-13079"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/nvd.cfm?cvename=cve-2017-13077"
},
{
"trust": 0.1,
"url": "https://security.gentoo.org/"
},
{
"trust": 0.1,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-13078"
},
{
"trust": 0.1,
"url": "http://slackware.com"
},
{
"trust": 0.1,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-13080"
},
{
"trust": 0.1,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-13082"
},
{
"trust": 0.1,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-13087"
},
{
"trust": 0.1,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-13081"
},
{
"trust": 0.1,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-13084"
},
{
"trust": 0.1,
"url": "http://slackware.com/gpg-key"
},
{
"trust": 0.1,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-13086"
},
{
"trust": 0.1,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-13088"
},
{
"trust": 0.1,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-13079"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-13084"
},
{
"trust": 0.1,
"url": "http://osuosl.org)"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#228519"
},
{
"db": "CNVD",
"id": "CNVD-2017-30406"
},
{
"db": "VULMON",
"id": "CVE-2017-13077"
},
{
"db": "BID",
"id": "101274"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-008412"
},
{
"db": "PACKETSTORM",
"id": "144652"
},
{
"db": "PACKETSTORM",
"id": "145394"
},
{
"db": "PACKETSTORM",
"id": "145395"
},
{
"db": "PACKETSTORM",
"id": "148445"
},
{
"db": "PACKETSTORM",
"id": "144630"
},
{
"db": "PACKETSTORM",
"id": "144632"
},
{
"db": "PACKETSTORM",
"id": "144944"
},
{
"db": "PACKETSTORM",
"id": "144659"
},
{
"db": "PACKETSTORM",
"id": "144663"
},
{
"db": "CNNVD",
"id": "CNNVD-201710-380"
},
{
"db": "NVD",
"id": "CVE-2017-13077"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "IVD",
"id": "69402209-7265-4991-8217-51ff9b4857be"
},
{
"db": "CERT/CC",
"id": "VU#228519"
},
{
"db": "CNVD",
"id": "CNVD-2017-30406"
},
{
"db": "VULMON",
"id": "CVE-2017-13077"
},
{
"db": "BID",
"id": "101274"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-008412"
},
{
"db": "PACKETSTORM",
"id": "144652"
},
{
"db": "PACKETSTORM",
"id": "145394"
},
{
"db": "PACKETSTORM",
"id": "145395"
},
{
"db": "PACKETSTORM",
"id": "148445"
},
{
"db": "PACKETSTORM",
"id": "144630"
},
{
"db": "PACKETSTORM",
"id": "144632"
},
{
"db": "PACKETSTORM",
"id": "144944"
},
{
"db": "PACKETSTORM",
"id": "144659"
},
{
"db": "PACKETSTORM",
"id": "144663"
},
{
"db": "CNNVD",
"id": "CNNVD-201710-380"
},
{
"db": "NVD",
"id": "CVE-2017-13077"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-10-17T00:00:00",
"db": "IVD",
"id": "69402209-7265-4991-8217-51ff9b4857be"
},
{
"date": "2017-10-16T00:00:00",
"db": "CERT/CC",
"id": "VU#228519"
},
{
"date": "2017-10-18T00:00:00",
"db": "CNVD",
"id": "CNVD-2017-30406"
},
{
"date": "2017-10-17T00:00:00",
"db": "VULMON",
"id": "CVE-2017-13077"
},
{
"date": "2017-10-16T00:00:00",
"db": "BID",
"id": "101274"
},
{
"date": "2017-10-18T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-008412"
},
{
"date": "2017-10-17T16:52:00",
"db": "PACKETSTORM",
"id": "144652"
},
{
"date": "2017-12-13T03:33:33",
"db": "PACKETSTORM",
"id": "145394"
},
{
"date": "2017-12-13T04:44:44",
"db": "PACKETSTORM",
"id": "145395"
},
{
"date": "2018-07-05T23:02:22",
"db": "PACKETSTORM",
"id": "148445"
},
{
"date": "2017-10-16T13:49:34",
"db": "PACKETSTORM",
"id": "144630"
},
{
"date": "2017-10-16T23:23:00",
"db": "PACKETSTORM",
"id": "144632"
},
{
"date": "2017-11-10T19:19:00",
"db": "PACKETSTORM",
"id": "144944"
},
{
"date": "2017-10-18T20:20:00",
"db": "PACKETSTORM",
"id": "144659"
},
{
"date": "2017-10-18T20:44:00",
"db": "PACKETSTORM",
"id": "144663"
},
{
"date": "2017-10-17T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201710-380"
},
{
"date": "2017-10-17T02:29:00.207000",
"db": "NVD",
"id": "CVE-2017-13077"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-11-16T00:00:00",
"db": "CERT/CC",
"id": "VU#228519"
},
{
"date": "2017-10-17T00:00:00",
"db": "CNVD",
"id": "CNVD-2017-30406"
},
{
"date": "2019-10-03T00:00:00",
"db": "VULMON",
"id": "CVE-2017-13077"
},
{
"date": "2019-02-21T09:00:00",
"db": "BID",
"id": "101274"
},
{
"date": "2019-02-01T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-008412"
},
{
"date": "2020-11-23T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201710-380"
},
{
"date": "2019-10-03T00:03:26.223000",
"db": "NVD",
"id": "CVE-2017-13077"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote or local",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201710-380"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Wi-Fi Protected Access (WPA) handshake traffic can be manipulated to induce nonce and session key reuse",
"sources": [
{
"db": "CERT/CC",
"id": "VU#228519"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "security feature problem",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201710-380"
}
],
"trust": 0.6
}
}
VAR-201706-0978
Vulnerability from variot - Updated: 2023-12-18 12:29Arbitrary file deletion exists on Peplink Balance 305, 380, 580, 710, 1350, and 2500 devices with firmware before fw-b305hw2_380hw6_580hw2_710hw3_1350hw2_2500-7.0.1-build2093. The attack methodology is absolute path traversal in cgi-bin/MANGA/firmware_process.cgi via the upfile.path parameter. plural Peplink Balance Device product firmware contains a path traversal vulnerability.Tampering with information and disrupting service operations (DoS) There is a possibility of being put into a state. PeplinkBalance305 is a multi-export load balancing router for medium-sized enterprises. An attacker could exploit this vulnerability by abusing the /cgi-bin/MANGA/firmware_process.cgi file to remove any files. Peplink Balance 305 etc. The following products are affected: Peplink Balance 305; 380; 580; 710; 1350; 2500. X41 D-Sec GmbH Security Advisory: X41-2017-005
Multiple Vulnerabilities in peplink balance routers
Overview
Confirmed Affected Versions: 7.0.0-build1904 Confirmed Patched Versions: fw-b305hw2_380hw6_580hw2_710hw3_1350hw2_2500-7.0.1-build2093.bin Vulnerable Firmware: fw-b305hw2_380hw6_580hw2_710hw3_1350hw2_2500-7.0.0-build1904.bin Models: Balance Routers 305, 380, 580, 710, 1350, 2500 Vendor: Peplink Vendor URL: https://www.peplink.com/ Vector: Network Credit: X41 D-Sec GmbH, Eric Sesterhenn Additional Credits: Claus Overbeck (Abovo IT) Status: Public Advisory-URL: https://www.x41-dsec.de/lab/advisories/x41-2017-005-peplink/
Summary and Impact
Several issues have been identified, which allow attackers to access the administrative web interface with admin credentials, delete files, perform CSRF and XSS attacks.
Product Description
From the vendor webpage: Use Load Balancing and SpeedFusion bandwidth bonding to deliver superfast VoIP, video streaming, and data using an SD-WAN enabled network. Even with a basic Balance 20 dual-WAN router, you can mix different transport technologies and providers to keep your network up when individual links go down. Switching between links is automatic and seamless.
SQL Injection via bauth Cookie
Severity Rating: Critical Vector: Network CVE: CVE-2017-8835 CWE: 89 CVSS Score: 9.8 CVSS Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Summary and Impact
Peplink devices are vulnerable to an SQL injection attack via the bauth cookie parameter which is set e.g. when accessing https://ip/cgi-bin/MANGA/admin.cgi.
The injection can be checked with the following command:
./sqlmap.py -u "https://ip/cgi-bin/MANGA/admin.cgi" --cookie="bauth=csOWLxU4BvoMfhY2rHLVFm1EmZWV74zinla9IVclqrYxH16426647" -p"bauth" --level 5 --risk 3 --dbms sqlite --technique=BEUSQ --flush-session -t trace.log --prefix "'" --suffix "--" -a
The vulnerability in the Peplink device allows to access the SQLite session database containing user and session variables. By using the the following cookie in a web request, it is possible to select a running administrator session to be used for the attackers login.
bauth=-12' or id IN (select s.id from sessions as s left join sessionsvariables as v on v.id=s.id where v.name='rwa' and v.value='1') or '1'='2
By forming specialised SQL queries, it is possible to retrieve usernames from the database. This worked by returning a valid session in case the username existed and no session if it did not exist. In the first case the server did not set a new session cookie in the response to the request.
SELECT id FROM sessions WHERE sessionid = '-14' or id IN (select s.id from sessions as s left join sessionsvariables as v on v.id=s.id where v.name='username' and substr(v.value,1,3)='adm')
Workarounds
Install vendor supplied update.
No CSRF Protection
Severity Rating: Medium Vector: Network CVE: CVE-2017-8836 CWE: 352 CVSS Score: 5.4 CVSS Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N
Summary and Impact
The CGI scripts in the administrative interface are not protected against cross site request forgery attacks. This allows an attacker to execute commands, if a logged in user visits a malicious website. This can for example be used to change the credentials of the administrative webinterface.
Workarounds
Install vendor supplied update.
Passwords stored in Cleartext
Severity Rating: Medium Vector: Network CVE: CVE-2017-8837 CWE: 256 CVSS Score: 4.0 CVSS Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
Summary and Impact
The Peplink devices store passwords in cleartext in the files /etc/waipass and /etc/roapass. In case one of these devices is compromised the attacker can gain access to the cleartext passwords and abuse them to compromise further systems.
Workarounds
Install vendor supplied update.
XSS via syncid Parameter
Severity Rating: Medium Vector: Network CVE: CVE-2017-8838 CWE: 80 CVSS Score: 5.4 CVSS Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N
Summary and Impact
If the webinterface is accessible, it is possible to abuse the syncid parameter to trigger a cross-site-scripting issue by calling https://ip/cgi-bin/HASync/hasync.cgi?debug=1&syncid=123%3Cscript%3Ealert%281%29%3C/script%3E
This executes the JavaScript in the victims browser, which can be abused to steal session cookies.
Workarounds
Install vendor supplied update.
XSS via preview.cgi
Severity Rating: Medium Vector: Network CVE: CVE-2017-8839 CWE: 80 CVSS Score: 5.4 CVSS Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N
Summary and Impact
If the webinterface is accessible, it is possible to abuse the the orig_url parameter to trigger a cross-site-scripting issue in /guest/preview.cgi. The injection is directly into existing JavaScript.
This executes the JavaScript in the victims browser, which can be abused to steal session cookies.
Workarounds
Install vendor supplied update.
File Deletion
Severity Rating: Medium Vector: Network CVE: CVE-2017-8841 CWE: 73 CVSS Score: 6.5 CVSS Vector: CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H
Summary and Impact
A logged in user can delete arbitrary files on the Peplink devices, by abusing the /cgi-bin/MANGA/firmware_process.cgi. This can be abused to cause a denial of service (DoS). In combination with the missing CSRF protection, this can be abused remotely via a logged in user.
Workarounds
Install vendor supplied update.
Information Disclosure
Severity Rating: Medium Vector: Network CVE: CVE-2017-8840 CWE: 200 CVSS Score: 5.3 CVSS Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
Summary and Impact
If the webinterface is accessible, it is possible to retrieve sensitive information without a valid login by opening cgi-bin/HASync/hasync.cgi?debug=1
This displays the following:
-----8<------------------------------------------------ Master LAN Address = [ / ] Serial Number = [ ] HA Group ID = [ ] Virtual IP = [ / ] Submitted syncid = [ ] -----8<------------------------------------------------
This information can be valuable for an attacker to exploit other issues.
Workarounds
Install vendor supplied update.
About X41 D-Sec GmbH
X41 D-Sec is a provider of application security services. We focus on application code reviews, design review and security testing. X41 D-Sec GmbH was founded in 2015 by Markus Vervier. We support customers in various industries such as finance, software development and public institutions.
Timeline
2017-04-07 Issue found 2017-04-10 Vendor asked for security contact 2017-04-11 Vendor replied, send GPG key 2017-04-11 Information supplied to vendor 2017-04-11 Vendor acknowledges that the information is received 2017-04-17 Vendor acknowledges SQL injection 2017-05-08 CVE IDs for all issues requested 2017-05-08 CVE IDs assigned 2017-05-11 Vendor informed about CVE IDs 2017-05-29 Version provided to X41 for testing 2017-05-31 First test results send back to the vendor 2017-06-01 Remaining test results send back to the vendor 2017-06-05 Coordinated Firmware and Advisory release
-- X41 D-SEC GmbH, Dennewartstr. 25-27, D-52068 Aachen T: +49 241 9809418-0, Fax: -9 Unternehmenssitz: Aachen, Amtsgericht Aachen: HRB19989 GeschA$?ftsfA1/4hrer: Markus Vervier
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201706-0978",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "710hw3",
"scope": "eq",
"trust": 1.6,
"vendor": "peplink",
"version": "7.0.1"
},
{
"model": "b305hw2",
"scope": "eq",
"trust": 1.6,
"vendor": "peplink",
"version": "7.0.1"
},
{
"model": "580hw2",
"scope": "eq",
"trust": 1.6,
"vendor": "peplink",
"version": "7.0.1"
},
{
"model": "380hw6",
"scope": "eq",
"trust": 1.6,
"vendor": "peplink",
"version": "7.0.1"
},
{
"model": "1350hw2",
"scope": "eq",
"trust": 1.6,
"vendor": "peplink",
"version": "7.0.1"
},
{
"model": "2500",
"scope": "eq",
"trust": 1.6,
"vendor": "peplink",
"version": "7.0.1"
},
{
"model": "balance 1350",
"scope": null,
"trust": 0.8,
"vendor": "peplink",
"version": null
},
{
"model": "balance 2500",
"scope": null,
"trust": 0.8,
"vendor": "peplink",
"version": null
},
{
"model": "balance 305",
"scope": null,
"trust": 0.8,
"vendor": "peplink",
"version": null
},
{
"model": "balance 380",
"scope": null,
"trust": 0.8,
"vendor": "peplink",
"version": null
},
{
"model": "balance 580",
"scope": null,
"trust": 0.8,
"vendor": "peplink",
"version": null
},
{
"model": "balance 710",
"scope": null,
"trust": 0.8,
"vendor": "peplink",
"version": null
},
{
"model": "balance",
"scope": "eq",
"trust": 0.6,
"vendor": "peplink",
"version": "2500"
},
{
"model": "balance",
"scope": "eq",
"trust": 0.6,
"vendor": "peplink",
"version": "1350"
},
{
"model": "balance",
"scope": "eq",
"trust": 0.6,
"vendor": "peplink",
"version": "710"
},
{
"model": "balance",
"scope": "eq",
"trust": 0.6,
"vendor": "peplink",
"version": "580"
},
{
"model": "balance",
"scope": "eq",
"trust": 0.6,
"vendor": "peplink",
"version": "380"
},
{
"model": "balance",
"scope": "eq",
"trust": 0.6,
"vendor": "peplink",
"version": "305"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-09520"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-004612"
},
{
"db": "NVD",
"id": "CVE-2017-8841"
},
{
"db": "CNNVD",
"id": "CNNVD-201705-324"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:peplink:b305hw2_firmware:7.0.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:peplink:balance_305:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:peplink:380hw6_firmware:7.0.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:peplink:balance_380:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:peplink:580hw2_firmware:7.0.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:peplink:balance_580:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:peplink:710hw3_firmware:7.0.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:peplink:balance_710:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:peplink:1350hw2_firmware:7.0.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:peplink:balance_1350:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:peplink:2500_firmware:7.0.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:peplink:balance_2500:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2017-8841"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Eric Sesterhenn, Claus Overbeck",
"sources": [
{
"db": "PACKETSTORM",
"id": "142801"
}
],
"trust": 0.1
},
"cve": "CVE-2017-8841",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 7.5,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.0,
"impactScore": 7.8,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:S/C:N/I:P/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "Single",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 7.5,
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2017-8841",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:S/C:N/I:P/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 9.4,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "CNVD-2017-09520",
"impactScore": 9.2,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 7.5,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.0,
"id": "VHN-117044",
"impactScore": 7.8,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:S/C:N/I:P/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"exploitabilityScore": 2.8,
"impactScore": 5.2,
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 8.1,
"baseSeverity": "High",
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2017-8841",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "Low",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2017-8841",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "CNVD",
"id": "CNVD-2017-09520",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201705-324",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-117044",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-09520"
},
{
"db": "VULHUB",
"id": "VHN-117044"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-004612"
},
{
"db": "NVD",
"id": "CVE-2017-8841"
},
{
"db": "CNNVD",
"id": "CNNVD-201705-324"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Arbitrary file deletion exists on Peplink Balance 305, 380, 580, 710, 1350, and 2500 devices with firmware before fw-b305hw2_380hw6_580hw2_710hw3_1350hw2_2500-7.0.1-build2093. The attack methodology is absolute path traversal in cgi-bin/MANGA/firmware_process.cgi via the upfile.path parameter. plural Peplink Balance Device product firmware contains a path traversal vulnerability.Tampering with information and disrupting service operations (DoS) There is a possibility of being put into a state. PeplinkBalance305 is a multi-export load balancing router for medium-sized enterprises. An attacker could exploit this vulnerability by abusing the /cgi-bin/MANGA/firmware_process.cgi file to remove any files. Peplink Balance 305 etc. The following products are affected: Peplink Balance 305; 380; 580; 710; 1350; 2500. \nX41 D-Sec GmbH Security Advisory: X41-2017-005\n\nMultiple Vulnerabilities in peplink balance routers\n===================================================\n\nOverview\n--------\nConfirmed Affected Versions: 7.0.0-build1904\nConfirmed Patched Versions:\nfw-b305hw2_380hw6_580hw2_710hw3_1350hw2_2500-7.0.1-build2093.bin\nVulnerable Firmware:\nfw-b305hw2_380hw6_580hw2_710hw3_1350hw2_2500-7.0.0-build1904.bin\nModels: Balance Routers 305, 380, 580, 710, 1350, 2500\nVendor: Peplink\nVendor URL: https://www.peplink.com/\nVector: Network\nCredit: X41 D-Sec GmbH, Eric Sesterhenn\nAdditional Credits: Claus Overbeck (Abovo IT)\nStatus: Public\nAdvisory-URL: https://www.x41-dsec.de/lab/advisories/x41-2017-005-peplink/\n\n\nSummary and Impact\n------------------\nSeveral issues have been identified, which allow attackers to access the\nadministrative web interface with admin credentials, delete files,\nperform CSRF and XSS attacks. \n\n\nProduct Description\n-------------------\nFrom the vendor webpage:\nUse Load Balancing and SpeedFusion bandwidth bonding to deliver\nsuperfast VoIP, video streaming, and data using an SD-WAN enabled\nnetwork. Even with a basic Balance 20 dual-WAN router, you can mix\ndifferent transport technologies and providers to keep your network up\nwhen individual links go down. Switching between links is automatic and\nseamless. \n\n\n\nSQL Injection via bauth Cookie\n==============================\nSeverity Rating: Critical\nVector: Network\nCVE: CVE-2017-8835\nCWE: 89\nCVSS Score: 9.8\nCVSS Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\n\nSummary and Impact\n------------------\nPeplink devices are vulnerable to an SQL injection attack via the bauth\ncookie parameter which is set e.g. when accessing\nhttps://ip/cgi-bin/MANGA/admin.cgi. \n\nThe injection can be checked with the following command:\n\n./sqlmap.py -u \"https://ip/cgi-bin/MANGA/admin.cgi\"\n--cookie=\"bauth=csOWLxU4BvoMfhY2rHLVFm1EmZWV74zinla9IVclqrYxH16426647\"\n-p\"bauth\" --level 5 --risk 3 --dbms sqlite --technique=BEUSQ\n--flush-session -t trace.log --prefix \"\u0027\" --suffix \"--\" -a\n\nThe vulnerability in the Peplink device allows to access the SQLite\nsession database containing user and session variables. By using the the\nfollowing cookie in a web request, it is possible to select a running\nadministrator session to be used for the attackers login. \n\nbauth=-12\u0027 or id IN (select s.id from sessions as s left join\nsessionsvariables as v on v.id=s.id where v.name=\u0027rwa\u0027 and v.value=\u00271\u0027)\nor \u00271\u0027=\u00272\n\nBy forming specialised SQL queries, it is possible to retrieve usernames\nfrom the database. This worked by returning a valid session in case the\nusername existed and no session if it did not exist. In the first case\nthe server did not set a new session cookie in the response to the request. \n\nSELECT id FROM sessions WHERE sessionid = \u0027-14\u0027 or id IN (select s.id\nfrom sessions as s left join sessionsvariables as v on v.id=s.id where\nv.name=\u0027username\u0027 and substr(v.value,1,3)=\u0027adm\u0027)\n\n\n\nWorkarounds\n-----------\nInstall vendor supplied update. \n\n\nNo CSRF Protection\n==================\nSeverity Rating: Medium\nVector: Network\nCVE: CVE-2017-8836\nCWE: 352\nCVSS Score: 5.4\nCVSS Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N\n\nSummary and Impact\n------------------\nThe CGI scripts in the administrative interface are not protected\nagainst cross site request forgery attacks. This allows an attacker to\nexecute commands, if a logged in user visits a malicious website. This\ncan for example be used to change the credentials of the administrative\nwebinterface. \n\n\nWorkarounds\n-----------\nInstall vendor supplied update. \n\n\n\n\nPasswords stored in Cleartext\n=============================\nSeverity Rating: Medium\nVector: Network\nCVE: CVE-2017-8837\nCWE: 256\nCVSS Score: 4.0\nCVSS Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N\n\nSummary and Impact\n------------------\nThe Peplink devices store passwords in cleartext in the files\n/etc/waipass and /etc/roapass. In case one of these devices is\ncompromised the attacker can gain access to the cleartext passwords and\nabuse them to compromise further systems. \n\n\nWorkarounds\n-----------\nInstall vendor supplied update. \n\n\n\n\nXSS via syncid Parameter\n========================\nSeverity Rating: Medium\nVector: Network\nCVE: CVE-2017-8838\nCWE: 80\nCVSS Score: 5.4\nCVSS Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N\n\nSummary and Impact\n------------------\nIf the webinterface is accessible, it is possible to abuse the syncid\nparameter to trigger a cross-site-scripting issue by calling\nhttps://ip/cgi-bin/HASync/hasync.cgi?debug=1\u0026syncid=123%3Cscript%3Ealert%281%29%3C/script%3E\n\nThis executes the JavaScript in the victims browser, which can be abused\nto steal session cookies. \n\nWorkarounds\n-----------\nInstall vendor supplied update. \n\n\n\n\nXSS via preview.cgi\n===================\nSeverity Rating: Medium\nVector: Network\nCVE: CVE-2017-8839\nCWE: 80\nCVSS Score: 5.4\nCVSS Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N\n\nSummary and Impact\n------------------\nIf the webinterface is accessible, it is possible to abuse the the\norig_url parameter to trigger a cross-site-scripting issue in\n/guest/preview.cgi. The injection is directly into existing JavaScript. \n\nThis executes the JavaScript in the victims browser, which can be abused\nto steal session cookies. \n\nWorkarounds\n-----------\nInstall vendor supplied update. \n\n\n\nFile Deletion\n=============\nSeverity Rating: Medium\nVector: Network\nCVE: CVE-2017-8841\nCWE: 73\nCVSS Score: 6.5\nCVSS Vector: CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H\n\nSummary and Impact\n------------------\nA logged in user can delete arbitrary files on the Peplink devices, by\nabusing the /cgi-bin/MANGA/firmware_process.cgi. This can be abused to cause a denial of\nservice (DoS). In combination with the missing CSRF protection, this can\nbe abused remotely via a logged in user. \n\nWorkarounds\n-----------\nInstall vendor supplied update. \n\n\n\n\nInformation Disclosure\n======================\nSeverity Rating: Medium\nVector: Network\nCVE: CVE-2017-8840\nCWE: 200\nCVSS Score: 5.3\nCVSS Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N\n\nSummary and Impact\n------------------\nIf the webinterface is accessible, it is possible to retrieve sensitive\ninformation without a valid login by opening\ncgi-bin/HASync/hasync.cgi?debug=1\n\nThis displays the following:\n\n-----8\u003c------------------------------------------------\nMaster LAN Address = [ \u003cinternal ip\u003e / \u003cnetmask\u003e ]\nSerial Number = [ \u003cserial number\u003e ]\nHA Group ID = [ \u003cgroup id\u003e ]\nVirtual IP = [ \u003cinternal ip\u003e / \u003cnetmask\u003e ]\nSubmitted syncid = [ \u003csyncid\u003e ]\n-----8\u003c------------------------------------------------\n\nThis information can be valuable for an attacker to exploit other issues. \n\nWorkarounds\n-----------\nInstall vendor supplied update. \n\n\n\n\nAbout X41 D-Sec GmbH\n--------------------\nX41 D-Sec is a provider of application security services. We focus on\napplication code reviews, design review and security testing. X41 D-Sec\nGmbH was founded in 2015 by Markus Vervier. We support customers in\nvarious industries such as finance, software development and public\ninstitutions. \n\nTimeline\n--------\n2017-04-07\tIssue found\n2017-04-10\tVendor asked for security contact\n2017-04-11\tVendor replied, send GPG key\n2017-04-11\tInformation supplied to vendor\n2017-04-11\tVendor acknowledges that the information is received\n2017-04-17\tVendor acknowledges SQL injection\n2017-05-08\tCVE IDs for all issues requested\n2017-05-08\tCVE IDs assigned\n2017-05-11\tVendor informed about CVE IDs\n2017-05-29\tVersion provided to X41 for testing\n2017-05-31\tFirst test results send back to the vendor\n2017-06-01\tRemaining test results send back to the vendor\n2017-06-05\tCoordinated Firmware and Advisory release\n\n-- \nX41 D-SEC GmbH, Dennewartstr. 25-27, D-52068 Aachen\nT: +49 241 9809418-0, Fax: -9\nUnternehmenssitz: Aachen, Amtsgericht Aachen: HRB19989\nGeschA$?ftsfA1/4hrer: Markus Vervier\n\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2017-8841"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-004612"
},
{
"db": "CNVD",
"id": "CNVD-2017-09520"
},
{
"db": "VULHUB",
"id": "VHN-117044"
},
{
"db": "PACKETSTORM",
"id": "142801"
}
],
"trust": 2.34
},
"exploit_availability": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"reference": "https://www.scap.org.cn/vuln/vhn-117044",
"trust": 0.1,
"type": "unknown"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-117044"
}
]
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2017-8841",
"trust": 3.2
},
{
"db": "EXPLOIT-DB",
"id": "42130",
"trust": 1.1
},
{
"db": "JVNDB",
"id": "JVNDB-2017-004612",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201705-324",
"trust": 0.7
},
{
"db": "CNVD",
"id": "CNVD-2017-09520",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-117044",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "142801",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-09520"
},
{
"db": "VULHUB",
"id": "VHN-117044"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-004612"
},
{
"db": "PACKETSTORM",
"id": "142801"
},
{
"db": "NVD",
"id": "CVE-2017-8841"
},
{
"db": "CNNVD",
"id": "CNNVD-201705-324"
}
]
},
"id": "VAR-201706-0978",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-09520"
},
{
"db": "VULHUB",
"id": "VHN-117044"
}
],
"trust": 1.7
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-09520"
}
]
},
"last_update_date": "2023-12-18T12:29:34.422000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Peplink Balance",
"trust": 0.8,
"url": "https://www.peplink.com/products/balance/"
},
{
"title": "Patches for directory traversal vulnerabilities in various PeplinkBalance products",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/95362"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-09520"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-004612"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-22",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-117044"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-004612"
},
{
"db": "NVD",
"id": "CVE-2017-8841"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.6,
"url": "https://www.x41-dsec.de/lab/advisories/x41-2017-005-peplink/"
},
{
"trust": 2.3,
"url": "http://seclists.org/bugtraq/2017/jun/1"
},
{
"trust": 1.1,
"url": "https://www.exploit-db.com/exploits/42130/"
},
{
"trust": 0.9,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-8841"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-8841"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-8838"
},
{
"trust": 0.1,
"url": "https://ip/cgi-bin/hasync/hasync.cgi?debug=1\u0026syncid=123%3cscript%3ealert%281%29%3c/script%3e"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-8837"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-8839"
},
{
"trust": 0.1,
"url": "https://www.peplink.com/"
},
{
"trust": 0.1,
"url": "https://ip/cgi-bin/manga/admin.cgi."
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-8835"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-8836"
},
{
"trust": 0.1,
"url": "https://ip/cgi-bin/manga/admin.cgi\""
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-8840"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-09520"
},
{
"db": "VULHUB",
"id": "VHN-117044"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-004612"
},
{
"db": "PACKETSTORM",
"id": "142801"
},
{
"db": "NVD",
"id": "CVE-2017-8841"
},
{
"db": "CNNVD",
"id": "CNNVD-201705-324"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2017-09520"
},
{
"db": "VULHUB",
"id": "VHN-117044"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-004612"
},
{
"db": "PACKETSTORM",
"id": "142801"
},
{
"db": "NVD",
"id": "CVE-2017-8841"
},
{
"db": "CNNVD",
"id": "CNNVD-201705-324"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-06-14T00:00:00",
"db": "CNVD",
"id": "CNVD-2017-09520"
},
{
"date": "2017-06-05T00:00:00",
"db": "VULHUB",
"id": "VHN-117044"
},
{
"date": "2017-06-30T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-004612"
},
{
"date": "2017-06-05T18:59:14",
"db": "PACKETSTORM",
"id": "142801"
},
{
"date": "2017-06-05T14:29:00.623000",
"db": "NVD",
"id": "CVE-2017-8841"
},
{
"date": "2017-05-09T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201705-324"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-06-14T00:00:00",
"db": "CNVD",
"id": "CNVD-2017-09520"
},
{
"date": "2017-08-13T00:00:00",
"db": "VULHUB",
"id": "VHN-117044"
},
{
"date": "2017-06-30T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-004612"
},
{
"date": "2017-08-13T01:29:22.803000",
"db": "NVD",
"id": "CVE-2017-8841"
},
{
"date": "2017-06-07T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201705-324"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "PACKETSTORM",
"id": "142801"
},
{
"db": "CNNVD",
"id": "CNNVD-201705-324"
}
],
"trust": 0.7
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "plural Peplink Balance Path traversal vulnerability in device product firmware",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-004612"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "path traversal",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201705-324"
}
],
"trust": 0.6
}
}
VAR-201706-0987
Vulnerability from variot - Updated: 2023-12-18 12:29SQL injection exists on Peplink Balance 305, 380, 580, 710, 1350, and 2500 devices with firmware before fw-b305hw2_380hw6_580hw2_710hw3_1350hw2_2500-7.0.1-build2093. An attack vector is the bauth cookie to cgi-bin/MANGA/admin.cgi. One impact is enumeration of user accounts by observing whether a session ID can be retrieved from the sessions database. plural Peplink Balance Device product firmware includes SQL An injection vulnerability exists.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. PeplinkBalance305 is a multi-export load balancing router for medium-sized enterprises. A remote attacker can exploit this vulnerability to enumerate user accounts. Peplink Balance 305 etc. The following products are affected: Peplink Balance 305; 380; 580; 710; 1350; 2500. X41 D-Sec GmbH Security Advisory: X41-2017-005
Multiple Vulnerabilities in peplink balance routers
Overview
Confirmed Affected Versions: 7.0.0-build1904 Confirmed Patched Versions: fw-b305hw2_380hw6_580hw2_710hw3_1350hw2_2500-7.0.1-build2093.bin Vulnerable Firmware: fw-b305hw2_380hw6_580hw2_710hw3_1350hw2_2500-7.0.0-build1904.bin Models: Balance Routers 305, 380, 580, 710, 1350, 2500 Vendor: Peplink Vendor URL: https://www.peplink.com/ Vector: Network Credit: X41 D-Sec GmbH, Eric Sesterhenn Additional Credits: Claus Overbeck (Abovo IT) Status: Public Advisory-URL: https://www.x41-dsec.de/lab/advisories/x41-2017-005-peplink/
Summary and Impact
Several issues have been identified, which allow attackers to access the administrative web interface with admin credentials, delete files, perform CSRF and XSS attacks.
Product Description
From the vendor webpage: Use Load Balancing and SpeedFusion bandwidth bonding to deliver superfast VoIP, video streaming, and data using an SD-WAN enabled network. Even with a basic Balance 20 dual-WAN router, you can mix different transport technologies and providers to keep your network up when individual links go down. Switching between links is automatic and seamless.
SQL Injection via bauth Cookie
Severity Rating: Critical Vector: Network CVE: CVE-2017-8835 CWE: 89 CVSS Score: 9.8 CVSS Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Summary and Impact
Peplink devices are vulnerable to an SQL injection attack via the bauth cookie parameter which is set e.g. when accessing https://ip/cgi-bin/MANGA/admin.cgi.
The injection can be checked with the following command:
./sqlmap.py -u "https://ip/cgi-bin/MANGA/admin.cgi" --cookie="bauth=csOWLxU4BvoMfhY2rHLVFm1EmZWV74zinla9IVclqrYxH16426647" -p"bauth" --level 5 --risk 3 --dbms sqlite --technique=BEUSQ --flush-session -t trace.log --prefix "'" --suffix "--" -a
The vulnerability in the Peplink device allows to access the SQLite session database containing user and session variables. By using the the following cookie in a web request, it is possible to select a running administrator session to be used for the attackers login.
bauth=-12' or id IN (select s.id from sessions as s left join sessionsvariables as v on v.id=s.id where v.name='rwa' and v.value='1') or '1'='2
By forming specialised SQL queries, it is possible to retrieve usernames from the database. This worked by returning a valid session in case the username existed and no session if it did not exist. In the first case the server did not set a new session cookie in the response to the request.
SELECT id FROM sessions WHERE sessionid = '-14' or id IN (select s.id from sessions as s left join sessionsvariables as v on v.id=s.id where v.name='username' and substr(v.value,1,3)='adm')
Workarounds
Install vendor supplied update.
No CSRF Protection
Severity Rating: Medium Vector: Network CVE: CVE-2017-8836 CWE: 352 CVSS Score: 5.4 CVSS Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N
Summary and Impact
The CGI scripts in the administrative interface are not protected against cross site request forgery attacks. This allows an attacker to execute commands, if a logged in user visits a malicious website. This can for example be used to change the credentials of the administrative webinterface.
Workarounds
Install vendor supplied update.
Passwords stored in Cleartext
Severity Rating: Medium Vector: Network CVE: CVE-2017-8837 CWE: 256 CVSS Score: 4.0 CVSS Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
Summary and Impact
The Peplink devices store passwords in cleartext in the files /etc/waipass and /etc/roapass. In case one of these devices is compromised the attacker can gain access to the cleartext passwords and abuse them to compromise further systems.
Workarounds
Install vendor supplied update.
XSS via syncid Parameter
Severity Rating: Medium Vector: Network CVE: CVE-2017-8838 CWE: 80 CVSS Score: 5.4 CVSS Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N
Summary and Impact
If the webinterface is accessible, it is possible to abuse the syncid parameter to trigger a cross-site-scripting issue by calling https://ip/cgi-bin/HASync/hasync.cgi?debug=1&syncid=123%3Cscript%3Ealert%281%29%3C/script%3E
This executes the JavaScript in the victims browser, which can be abused to steal session cookies.
Workarounds
Install vendor supplied update.
XSS via preview.cgi
Severity Rating: Medium Vector: Network CVE: CVE-2017-8839 CWE: 80 CVSS Score: 5.4 CVSS Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N
Summary and Impact
If the webinterface is accessible, it is possible to abuse the the orig_url parameter to trigger a cross-site-scripting issue in /guest/preview.cgi. The injection is directly into existing JavaScript.
This executes the JavaScript in the victims browser, which can be abused to steal session cookies.
Workarounds
Install vendor supplied update.
File Deletion
Severity Rating: Medium Vector: Network CVE: CVE-2017-8841 CWE: 73 CVSS Score: 6.5 CVSS Vector: CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H
Summary and Impact
A logged in user can delete arbitrary files on the Peplink devices, by abusing the /cgi-bin/MANGA/firmware_process.cgi. When an absolute path is provided to the upfile.path parameter the file provided in the path is deleted during the process. This can be abused to cause a denial of service (DoS). In combination with the missing CSRF protection, this can be abused remotely via a logged in user.
Workarounds
Install vendor supplied update.
Information Disclosure
Severity Rating: Medium Vector: Network CVE: CVE-2017-8840 CWE: 200 CVSS Score: 5.3 CVSS Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
Summary and Impact
If the webinterface is accessible, it is possible to retrieve sensitive information without a valid login by opening cgi-bin/HASync/hasync.cgi?debug=1
This displays the following:
-----8<------------------------------------------------ Master LAN Address = [ / ] Serial Number = [ ] HA Group ID = [ ] Virtual IP = [ / ] Submitted syncid = [ ] -----8<------------------------------------------------
This information can be valuable for an attacker to exploit other issues.
Workarounds
Install vendor supplied update.
About X41 D-Sec GmbH
X41 D-Sec is a provider of application security services. We focus on application code reviews, design review and security testing. X41 D-Sec GmbH was founded in 2015 by Markus Vervier. We support customers in various industries such as finance, software development and public institutions.
Timeline
2017-04-07 Issue found 2017-04-10 Vendor asked for security contact 2017-04-11 Vendor replied, send GPG key 2017-04-11 Information supplied to vendor 2017-04-11 Vendor acknowledges that the information is received 2017-04-17 Vendor acknowledges SQL injection 2017-05-08 CVE IDs for all issues requested 2017-05-08 CVE IDs assigned 2017-05-11 Vendor informed about CVE IDs 2017-05-29 Version provided to X41 for testing 2017-05-31 First test results send back to the vendor 2017-06-01 Remaining test results send back to the vendor 2017-06-05 Coordinated Firmware and Advisory release
-- X41 D-SEC GmbH, Dennewartstr. 25-27, D-52068 Aachen T: +49 241 9809418-0, Fax: -9 Unternehmenssitz: Aachen, Amtsgericht Aachen: HRB19989 GeschA$?ftsfA1/4hrer: Markus Vervier
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201706-0987",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "710hw3",
"scope": "eq",
"trust": 1.6,
"vendor": "peplink",
"version": "7.0.1"
},
{
"model": "b305hw2",
"scope": "eq",
"trust": 1.6,
"vendor": "peplink",
"version": "7.0.1"
},
{
"model": "580hw2",
"scope": "eq",
"trust": 1.6,
"vendor": "peplink",
"version": "7.0.1"
},
{
"model": "380hw6",
"scope": "eq",
"trust": 1.6,
"vendor": "peplink",
"version": "7.0.1"
},
{
"model": "1350hw2",
"scope": "eq",
"trust": 1.6,
"vendor": "peplink",
"version": "7.0.1"
},
{
"model": "2500",
"scope": "eq",
"trust": 1.6,
"vendor": "peplink",
"version": "7.0.1"
},
{
"model": "balance 1350",
"scope": null,
"trust": 0.8,
"vendor": "peplink",
"version": null
},
{
"model": "balance 2500",
"scope": null,
"trust": 0.8,
"vendor": "peplink",
"version": null
},
{
"model": "balance 305",
"scope": null,
"trust": 0.8,
"vendor": "peplink",
"version": null
},
{
"model": "balance 380",
"scope": null,
"trust": 0.8,
"vendor": "peplink",
"version": null
},
{
"model": "balance 580",
"scope": null,
"trust": 0.8,
"vendor": "peplink",
"version": null
},
{
"model": "balance 710",
"scope": null,
"trust": 0.8,
"vendor": "peplink",
"version": null
},
{
"model": "balance",
"scope": "eq",
"trust": 0.6,
"vendor": "peplink",
"version": "2500"
},
{
"model": "balance",
"scope": "eq",
"trust": 0.6,
"vendor": "peplink",
"version": "1350"
},
{
"model": "balance",
"scope": "eq",
"trust": 0.6,
"vendor": "peplink",
"version": "710"
},
{
"model": "balance",
"scope": "eq",
"trust": 0.6,
"vendor": "peplink",
"version": "580"
},
{
"model": "balance",
"scope": "eq",
"trust": 0.6,
"vendor": "peplink",
"version": "380"
},
{
"model": "balance",
"scope": "eq",
"trust": 0.6,
"vendor": "peplink",
"version": "305"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-09525"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-004608"
},
{
"db": "NVD",
"id": "CVE-2017-8835"
},
{
"db": "CNNVD",
"id": "CNNVD-201705-330"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:peplink:b305hw2_firmware:7.0.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:peplink:balance_305:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:peplink:380hw6_firmware:7.0.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:peplink:balance_380:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:peplink:580hw2_firmware:7.0.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:peplink:balance_580:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:peplink:710hw3_firmware:7.0.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:peplink:balance_710:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:peplink:1350hw2_firmware:7.0.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:peplink:balance_1350:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:peplink:2500_firmware:7.0.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:peplink:balance_2500:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2017-8835"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Eric Sesterhenn, Claus Overbeck",
"sources": [
{
"db": "PACKETSTORM",
"id": "142801"
}
],
"trust": 0.1
},
"cve": "CVE-2017-8835",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Partial",
"baseScore": 7.5,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "CVE-2017-8835",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "CNVD-2017-09525",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "VHN-117038",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 9.8,
"baseSeverity": "Critical",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2017-8835",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2017-8835",
"trust": 1.8,
"value": "CRITICAL"
},
{
"author": "CNVD",
"id": "CNVD-2017-09525",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201705-330",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-117038",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-09525"
},
{
"db": "VULHUB",
"id": "VHN-117038"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-004608"
},
{
"db": "NVD",
"id": "CVE-2017-8835"
},
{
"db": "CNNVD",
"id": "CNNVD-201705-330"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "SQL injection exists on Peplink Balance 305, 380, 580, 710, 1350, and 2500 devices with firmware before fw-b305hw2_380hw6_580hw2_710hw3_1350hw2_2500-7.0.1-build2093. An attack vector is the bauth cookie to cgi-bin/MANGA/admin.cgi. One impact is enumeration of user accounts by observing whether a session ID can be retrieved from the sessions database. plural Peplink Balance Device product firmware includes SQL An injection vulnerability exists.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. PeplinkBalance305 is a multi-export load balancing router for medium-sized enterprises. A remote attacker can exploit this vulnerability to enumerate user accounts. Peplink Balance 305 etc. The following products are affected: Peplink Balance 305; 380; 580; 710; 1350; 2500. \nX41 D-Sec GmbH Security Advisory: X41-2017-005\n\nMultiple Vulnerabilities in peplink balance routers\n===================================================\n\nOverview\n--------\nConfirmed Affected Versions: 7.0.0-build1904\nConfirmed Patched Versions:\nfw-b305hw2_380hw6_580hw2_710hw3_1350hw2_2500-7.0.1-build2093.bin\nVulnerable Firmware:\nfw-b305hw2_380hw6_580hw2_710hw3_1350hw2_2500-7.0.0-build1904.bin\nModels: Balance Routers 305, 380, 580, 710, 1350, 2500\nVendor: Peplink\nVendor URL: https://www.peplink.com/\nVector: Network\nCredit: X41 D-Sec GmbH, Eric Sesterhenn\nAdditional Credits: Claus Overbeck (Abovo IT)\nStatus: Public\nAdvisory-URL: https://www.x41-dsec.de/lab/advisories/x41-2017-005-peplink/\n\n\nSummary and Impact\n------------------\nSeveral issues have been identified, which allow attackers to access the\nadministrative web interface with admin credentials, delete files,\nperform CSRF and XSS attacks. \n\n\nProduct Description\n-------------------\nFrom the vendor webpage:\nUse Load Balancing and SpeedFusion bandwidth bonding to deliver\nsuperfast VoIP, video streaming, and data using an SD-WAN enabled\nnetwork. Even with a basic Balance 20 dual-WAN router, you can mix\ndifferent transport technologies and providers to keep your network up\nwhen individual links go down. Switching between links is automatic and\nseamless. \n\n\n\nSQL Injection via bauth Cookie\n==============================\nSeverity Rating: Critical\nVector: Network\nCVE: CVE-2017-8835\nCWE: 89\nCVSS Score: 9.8\nCVSS Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\n\nSummary and Impact\n------------------\nPeplink devices are vulnerable to an SQL injection attack via the bauth\ncookie parameter which is set e.g. when accessing\nhttps://ip/cgi-bin/MANGA/admin.cgi. \n\nThe injection can be checked with the following command:\n\n./sqlmap.py -u \"https://ip/cgi-bin/MANGA/admin.cgi\"\n--cookie=\"bauth=csOWLxU4BvoMfhY2rHLVFm1EmZWV74zinla9IVclqrYxH16426647\"\n-p\"bauth\" --level 5 --risk 3 --dbms sqlite --technique=BEUSQ\n--flush-session -t trace.log --prefix \"\u0027\" --suffix \"--\" -a\n\nThe vulnerability in the Peplink device allows to access the SQLite\nsession database containing user and session variables. By using the the\nfollowing cookie in a web request, it is possible to select a running\nadministrator session to be used for the attackers login. \n\nbauth=-12\u0027 or id IN (select s.id from sessions as s left join\nsessionsvariables as v on v.id=s.id where v.name=\u0027rwa\u0027 and v.value=\u00271\u0027)\nor \u00271\u0027=\u00272\n\nBy forming specialised SQL queries, it is possible to retrieve usernames\nfrom the database. This worked by returning a valid session in case the\nusername existed and no session if it did not exist. In the first case\nthe server did not set a new session cookie in the response to the request. \n\nSELECT id FROM sessions WHERE sessionid = \u0027-14\u0027 or id IN (select s.id\nfrom sessions as s left join sessionsvariables as v on v.id=s.id where\nv.name=\u0027username\u0027 and substr(v.value,1,3)=\u0027adm\u0027)\n\n\n\nWorkarounds\n-----------\nInstall vendor supplied update. \n\n\nNo CSRF Protection\n==================\nSeverity Rating: Medium\nVector: Network\nCVE: CVE-2017-8836\nCWE: 352\nCVSS Score: 5.4\nCVSS Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N\n\nSummary and Impact\n------------------\nThe CGI scripts in the administrative interface are not protected\nagainst cross site request forgery attacks. This allows an attacker to\nexecute commands, if a logged in user visits a malicious website. This\ncan for example be used to change the credentials of the administrative\nwebinterface. \n\n\nWorkarounds\n-----------\nInstall vendor supplied update. \n\n\n\n\nPasswords stored in Cleartext\n=============================\nSeverity Rating: Medium\nVector: Network\nCVE: CVE-2017-8837\nCWE: 256\nCVSS Score: 4.0\nCVSS Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N\n\nSummary and Impact\n------------------\nThe Peplink devices store passwords in cleartext in the files\n/etc/waipass and /etc/roapass. In case one of these devices is\ncompromised the attacker can gain access to the cleartext passwords and\nabuse them to compromise further systems. \n\n\nWorkarounds\n-----------\nInstall vendor supplied update. \n\n\n\n\nXSS via syncid Parameter\n========================\nSeverity Rating: Medium\nVector: Network\nCVE: CVE-2017-8838\nCWE: 80\nCVSS Score: 5.4\nCVSS Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N\n\nSummary and Impact\n------------------\nIf the webinterface is accessible, it is possible to abuse the syncid\nparameter to trigger a cross-site-scripting issue by calling\nhttps://ip/cgi-bin/HASync/hasync.cgi?debug=1\u0026syncid=123%3Cscript%3Ealert%281%29%3C/script%3E\n\nThis executes the JavaScript in the victims browser, which can be abused\nto steal session cookies. \n\nWorkarounds\n-----------\nInstall vendor supplied update. \n\n\n\n\nXSS via preview.cgi\n===================\nSeverity Rating: Medium\nVector: Network\nCVE: CVE-2017-8839\nCWE: 80\nCVSS Score: 5.4\nCVSS Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N\n\nSummary and Impact\n------------------\nIf the webinterface is accessible, it is possible to abuse the the\norig_url parameter to trigger a cross-site-scripting issue in\n/guest/preview.cgi. The injection is directly into existing JavaScript. \n\nThis executes the JavaScript in the victims browser, which can be abused\nto steal session cookies. \n\nWorkarounds\n-----------\nInstall vendor supplied update. \n\n\n\nFile Deletion\n=============\nSeverity Rating: Medium\nVector: Network\nCVE: CVE-2017-8841\nCWE: 73\nCVSS Score: 6.5\nCVSS Vector: CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H\n\nSummary and Impact\n------------------\nA logged in user can delete arbitrary files on the Peplink devices, by\nabusing the /cgi-bin/MANGA/firmware_process.cgi. When an absolute path\nis provided to the upfile.path parameter the file provided in the path\nis deleted during the process. This can be abused to cause a denial of\nservice (DoS). In combination with the missing CSRF protection, this can\nbe abused remotely via a logged in user. \n\nWorkarounds\n-----------\nInstall vendor supplied update. \n\n\n\n\nInformation Disclosure\n======================\nSeverity Rating: Medium\nVector: Network\nCVE: CVE-2017-8840\nCWE: 200\nCVSS Score: 5.3\nCVSS Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N\n\nSummary and Impact\n------------------\nIf the webinterface is accessible, it is possible to retrieve sensitive\ninformation without a valid login by opening\ncgi-bin/HASync/hasync.cgi?debug=1\n\nThis displays the following:\n\n-----8\u003c------------------------------------------------\nMaster LAN Address = [ \u003cinternal ip\u003e / \u003cnetmask\u003e ]\nSerial Number = [ \u003cserial number\u003e ]\nHA Group ID = [ \u003cgroup id\u003e ]\nVirtual IP = [ \u003cinternal ip\u003e / \u003cnetmask\u003e ]\nSubmitted syncid = [ \u003csyncid\u003e ]\n-----8\u003c------------------------------------------------\n\nThis information can be valuable for an attacker to exploit other issues. \n\nWorkarounds\n-----------\nInstall vendor supplied update. \n\n\n\n\nAbout X41 D-Sec GmbH\n--------------------\nX41 D-Sec is a provider of application security services. We focus on\napplication code reviews, design review and security testing. X41 D-Sec\nGmbH was founded in 2015 by Markus Vervier. We support customers in\nvarious industries such as finance, software development and public\ninstitutions. \n\nTimeline\n--------\n2017-04-07\tIssue found\n2017-04-10\tVendor asked for security contact\n2017-04-11\tVendor replied, send GPG key\n2017-04-11\tInformation supplied to vendor\n2017-04-11\tVendor acknowledges that the information is received\n2017-04-17\tVendor acknowledges SQL injection\n2017-05-08\tCVE IDs for all issues requested\n2017-05-08\tCVE IDs assigned\n2017-05-11\tVendor informed about CVE IDs\n2017-05-29\tVersion provided to X41 for testing\n2017-05-31\tFirst test results send back to the vendor\n2017-06-01\tRemaining test results send back to the vendor\n2017-06-05\tCoordinated Firmware and Advisory release\n\n-- \nX41 D-SEC GmbH, Dennewartstr. 25-27, D-52068 Aachen\nT: +49 241 9809418-0, Fax: -9\nUnternehmenssitz: Aachen, Amtsgericht Aachen: HRB19989\nGeschA$?ftsfA1/4hrer: Markus Vervier\n\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2017-8835"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-004608"
},
{
"db": "CNVD",
"id": "CNVD-2017-09525"
},
{
"db": "VULHUB",
"id": "VHN-117038"
},
{
"db": "PACKETSTORM",
"id": "142801"
}
],
"trust": 2.34
},
"exploit_availability": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"reference": "https://www.scap.org.cn/vuln/vhn-117038",
"trust": 0.1,
"type": "unknown"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-117038"
}
]
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2017-8835",
"trust": 3.2
},
{
"db": "EXPLOIT-DB",
"id": "42130",
"trust": 1.1
},
{
"db": "JVNDB",
"id": "JVNDB-2017-004608",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201705-330",
"trust": 0.7
},
{
"db": "CNVD",
"id": "CNVD-2017-09525",
"trust": 0.6
},
{
"db": "PACKETSTORM",
"id": "142801",
"trust": 0.2
},
{
"db": "SEEBUG",
"id": "SSVID-93186",
"trust": 0.1
},
{
"db": "VULHUB",
"id": "VHN-117038",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-09525"
},
{
"db": "VULHUB",
"id": "VHN-117038"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-004608"
},
{
"db": "PACKETSTORM",
"id": "142801"
},
{
"db": "NVD",
"id": "CVE-2017-8835"
},
{
"db": "CNNVD",
"id": "CNNVD-201705-330"
}
]
},
"id": "VAR-201706-0987",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-09525"
},
{
"db": "VULHUB",
"id": "VHN-117038"
}
],
"trust": 1.7
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-09525"
}
]
},
"last_update_date": "2023-12-18T12:29:34.390000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Peplink Balance",
"trust": 0.8,
"url": "https://www.peplink.com/products/balance/"
},
{
"title": "Patches for SQL injection vulnerabilities in several PeplinkBalance products",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/95356"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-09525"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-004608"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-89",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-117038"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-004608"
},
{
"db": "NVD",
"id": "CVE-2017-8835"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 3.2,
"url": "https://www.x41-dsec.de/lab/advisories/x41-2017-005-peplink/"
},
{
"trust": 2.3,
"url": "http://seclists.org/bugtraq/2017/jun/1"
},
{
"trust": 1.1,
"url": "https://www.exploit-db.com/exploits/42130/"
},
{
"trust": 0.9,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-8835"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-8835"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-8841"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-8838"
},
{
"trust": 0.1,
"url": "https://ip/cgi-bin/hasync/hasync.cgi?debug=1\u0026syncid=123%3cscript%3ealert%281%29%3c/script%3e"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-8837"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-8839"
},
{
"trust": 0.1,
"url": "https://www.peplink.com/"
},
{
"trust": 0.1,
"url": "https://ip/cgi-bin/manga/admin.cgi."
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-8836"
},
{
"trust": 0.1,
"url": "https://ip/cgi-bin/manga/admin.cgi\""
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-8840"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-09525"
},
{
"db": "VULHUB",
"id": "VHN-117038"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-004608"
},
{
"db": "PACKETSTORM",
"id": "142801"
},
{
"db": "NVD",
"id": "CVE-2017-8835"
},
{
"db": "CNNVD",
"id": "CNNVD-201705-330"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2017-09525"
},
{
"db": "VULHUB",
"id": "VHN-117038"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-004608"
},
{
"db": "PACKETSTORM",
"id": "142801"
},
{
"db": "NVD",
"id": "CVE-2017-8835"
},
{
"db": "CNNVD",
"id": "CNNVD-201705-330"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-06-14T00:00:00",
"db": "CNVD",
"id": "CNVD-2017-09525"
},
{
"date": "2017-06-05T00:00:00",
"db": "VULHUB",
"id": "VHN-117038"
},
{
"date": "2017-06-30T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-004608"
},
{
"date": "2017-06-05T18:59:14",
"db": "PACKETSTORM",
"id": "142801"
},
{
"date": "2017-06-05T14:29:00.420000",
"db": "NVD",
"id": "CVE-2017-8835"
},
{
"date": "2017-05-09T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201705-330"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-06-14T00:00:00",
"db": "CNVD",
"id": "CNVD-2017-09525"
},
{
"date": "2017-08-13T00:00:00",
"db": "VULHUB",
"id": "VHN-117038"
},
{
"date": "2017-06-30T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-004608"
},
{
"date": "2017-08-13T01:29:22.337000",
"db": "NVD",
"id": "CVE-2017-8835"
},
{
"date": "2017-06-07T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201705-330"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "PACKETSTORM",
"id": "142801"
},
{
"db": "CNNVD",
"id": "CNNVD-201705-330"
}
],
"trust": 0.7
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "plural Peplink Balance In the device product firmware SQL Injection vulnerability",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-004608"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "SQL injection",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201705-330"
}
],
"trust": 0.6
}
}
VAR-201706-0989
Vulnerability from variot - Updated: 2023-12-18 12:29Cleartext password storage exists on Peplink Balance 305, 380, 580, 710, 1350, and 2500 devices with firmware before fw-b305hw2_380hw6_580hw2_710hw3_1350hw2_2500-7.0.1-build2093. The files in question are /etc/waipass and /etc/roapass. In case one of these devices is compromised, the attacker can gain access to passwords and abuse them to compromise further systems. plural Peplink Balance Device product firmware contains a vulnerability related to certificate and password management.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. The plaintext storage password vulnerability Balance305 is a multi-export load balancing router for medium-sized enterprises. The use of fw-b305hw2_380hw6_580hw2_710hw3_1350hw2_2500-7.0.1-build2093 before the firmware version of the PeplinkBalance product exists, the vulnerability is derived from the password stored in the /etc/waipassand/etc/roapass file in clear text. Peplink Balance 305 etc. The following products are affected: Peplink Balance 305; 380; 580; 710; 1350; 2500. X41 D-Sec GmbH Security Advisory: X41-2017-005
Multiple Vulnerabilities in peplink balance routers
Overview
Confirmed Affected Versions: 7.0.0-build1904 Confirmed Patched Versions: fw-b305hw2_380hw6_580hw2_710hw3_1350hw2_2500-7.0.1-build2093.bin Vulnerable Firmware: fw-b305hw2_380hw6_580hw2_710hw3_1350hw2_2500-7.0.0-build1904.bin Models: Balance Routers 305, 380, 580, 710, 1350, 2500 Vendor: Peplink Vendor URL: https://www.peplink.com/ Vector: Network Credit: X41 D-Sec GmbH, Eric Sesterhenn Additional Credits: Claus Overbeck (Abovo IT) Status: Public Advisory-URL: https://www.x41-dsec.de/lab/advisories/x41-2017-005-peplink/
Summary and Impact
Several issues have been identified, which allow attackers to access the administrative web interface with admin credentials, delete files, perform CSRF and XSS attacks.
Product Description
From the vendor webpage: Use Load Balancing and SpeedFusion bandwidth bonding to deliver superfast VoIP, video streaming, and data using an SD-WAN enabled network. Even with a basic Balance 20 dual-WAN router, you can mix different transport technologies and providers to keep your network up when individual links go down. Switching between links is automatic and seamless.
SQL Injection via bauth Cookie
Severity Rating: Critical Vector: Network CVE: CVE-2017-8835 CWE: 89 CVSS Score: 9.8 CVSS Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Summary and Impact
Peplink devices are vulnerable to an SQL injection attack via the bauth cookie parameter which is set e.g. when accessing https://ip/cgi-bin/MANGA/admin.cgi.
The injection can be checked with the following command:
./sqlmap.py -u "https://ip/cgi-bin/MANGA/admin.cgi" --cookie="bauth=csOWLxU4BvoMfhY2rHLVFm1EmZWV74zinla9IVclqrYxH16426647" -p"bauth" --level 5 --risk 3 --dbms sqlite --technique=BEUSQ --flush-session -t trace.log --prefix "'" --suffix "--" -a
The vulnerability in the Peplink device allows to access the SQLite session database containing user and session variables. By using the the following cookie in a web request, it is possible to select a running administrator session to be used for the attackers login.
bauth=-12' or id IN (select s.id from sessions as s left join sessionsvariables as v on v.id=s.id where v.name='rwa' and v.value='1') or '1'='2
By forming specialised SQL queries, it is possible to retrieve usernames from the database. This worked by returning a valid session in case the username existed and no session if it did not exist. In the first case the server did not set a new session cookie in the response to the request.
SELECT id FROM sessions WHERE sessionid = '-14' or id IN (select s.id from sessions as s left join sessionsvariables as v on v.id=s.id where v.name='username' and substr(v.value,1,3)='adm')
Workarounds
Install vendor supplied update.
No CSRF Protection
Severity Rating: Medium Vector: Network CVE: CVE-2017-8836 CWE: 352 CVSS Score: 5.4 CVSS Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N
Summary and Impact
The CGI scripts in the administrative interface are not protected against cross site request forgery attacks. This allows an attacker to execute commands, if a logged in user visits a malicious website. This can for example be used to change the credentials of the administrative webinterface.
Workarounds
Install vendor supplied update.
Passwords stored in Cleartext
Severity Rating: Medium Vector: Network CVE: CVE-2017-8837 CWE: 256 CVSS Score: 4.0 CVSS Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
Summary and Impact
The Peplink devices store passwords in cleartext in the files /etc/waipass and /etc/roapass.
Workarounds
Install vendor supplied update.
XSS via syncid Parameter
Severity Rating: Medium Vector: Network CVE: CVE-2017-8838 CWE: 80 CVSS Score: 5.4 CVSS Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N
Summary and Impact
If the webinterface is accessible, it is possible to abuse the syncid parameter to trigger a cross-site-scripting issue by calling https://ip/cgi-bin/HASync/hasync.cgi?debug=1&syncid=123%3Cscript%3Ealert%281%29%3C/script%3E
This executes the JavaScript in the victims browser, which can be abused to steal session cookies.
Workarounds
Install vendor supplied update.
XSS via preview.cgi
Severity Rating: Medium Vector: Network CVE: CVE-2017-8839 CWE: 80 CVSS Score: 5.4 CVSS Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N
Summary and Impact
If the webinterface is accessible, it is possible to abuse the the orig_url parameter to trigger a cross-site-scripting issue in /guest/preview.cgi. The injection is directly into existing JavaScript.
This executes the JavaScript in the victims browser, which can be abused to steal session cookies.
Workarounds
Install vendor supplied update.
File Deletion
Severity Rating: Medium Vector: Network CVE: CVE-2017-8841 CWE: 73 CVSS Score: 6.5 CVSS Vector: CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H
Summary and Impact
A logged in user can delete arbitrary files on the Peplink devices, by abusing the /cgi-bin/MANGA/firmware_process.cgi. When an absolute path is provided to the upfile.path parameter the file provided in the path is deleted during the process. This can be abused to cause a denial of service (DoS). In combination with the missing CSRF protection, this can be abused remotely via a logged in user.
Workarounds
Install vendor supplied update.
Information Disclosure
Severity Rating: Medium Vector: Network CVE: CVE-2017-8840 CWE: 200 CVSS Score: 5.3 CVSS Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
Summary and Impact
If the webinterface is accessible, it is possible to retrieve sensitive information without a valid login by opening cgi-bin/HASync/hasync.cgi?debug=1
This displays the following:
-----8<------------------------------------------------ Master LAN Address = [ / ] Serial Number = [ ] HA Group ID = [ ] Virtual IP = [ / ] Submitted syncid = [ ] -----8<------------------------------------------------
This information can be valuable for an attacker to exploit other issues.
Workarounds
Install vendor supplied update.
About X41 D-Sec GmbH
X41 D-Sec is a provider of application security services. We focus on application code reviews, design review and security testing. X41 D-Sec GmbH was founded in 2015 by Markus Vervier. We support customers in various industries such as finance, software development and public institutions.
Timeline
2017-04-07 Issue found 2017-04-10 Vendor asked for security contact 2017-04-11 Vendor replied, send GPG key 2017-04-11 Information supplied to vendor 2017-04-11 Vendor acknowledges that the information is received 2017-04-17 Vendor acknowledges SQL injection 2017-05-08 CVE IDs for all issues requested 2017-05-08 CVE IDs assigned 2017-05-11 Vendor informed about CVE IDs 2017-05-29 Version provided to X41 for testing 2017-05-31 First test results send back to the vendor 2017-06-01 Remaining test results send back to the vendor 2017-06-05 Coordinated Firmware and Advisory release
-- X41 D-SEC GmbH, Dennewartstr. 25-27, D-52068 Aachen T: +49 241 9809418-0, Fax: -9 Unternehmenssitz: Aachen, Amtsgericht Aachen: HRB19989 GeschA$?ftsfA1/4hrer: Markus Vervier
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201706-0989",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "710hw3",
"scope": "eq",
"trust": 1.6,
"vendor": "peplink",
"version": "7.0.1"
},
{
"model": "b305hw2",
"scope": "eq",
"trust": 1.6,
"vendor": "peplink",
"version": "7.0.1"
},
{
"model": "580hw2",
"scope": "eq",
"trust": 1.6,
"vendor": "peplink",
"version": "7.0.1"
},
{
"model": "380hw6",
"scope": "eq",
"trust": 1.6,
"vendor": "peplink",
"version": "7.0.1"
},
{
"model": "1350hw2",
"scope": "eq",
"trust": 1.6,
"vendor": "peplink",
"version": "7.0.1"
},
{
"model": "2500",
"scope": "eq",
"trust": 1.6,
"vendor": "peplink",
"version": "7.0.1"
},
{
"model": "balance 1350",
"scope": null,
"trust": 0.8,
"vendor": "peplink",
"version": null
},
{
"model": "balance 2500",
"scope": null,
"trust": 0.8,
"vendor": "peplink",
"version": null
},
{
"model": "balance 305",
"scope": null,
"trust": 0.8,
"vendor": "peplink",
"version": null
},
{
"model": "balance 380",
"scope": null,
"trust": 0.8,
"vendor": "peplink",
"version": null
},
{
"model": "balance 580",
"scope": null,
"trust": 0.8,
"vendor": "peplink",
"version": null
},
{
"model": "balance 710",
"scope": null,
"trust": 0.8,
"vendor": "peplink",
"version": null
},
{
"model": "balance",
"scope": "eq",
"trust": 0.6,
"vendor": "peplink",
"version": "2500"
},
{
"model": "balance",
"scope": "eq",
"trust": 0.6,
"vendor": "peplink",
"version": "1350"
},
{
"model": "balance",
"scope": "eq",
"trust": 0.6,
"vendor": "peplink",
"version": "710"
},
{
"model": "balance",
"scope": "eq",
"trust": 0.6,
"vendor": "peplink",
"version": "580"
},
{
"model": "balance",
"scope": "eq",
"trust": 0.6,
"vendor": "peplink",
"version": "380"
},
{
"model": "balance",
"scope": "eq",
"trust": 0.6,
"vendor": "peplink",
"version": "305"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-09523"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-004683"
},
{
"db": "NVD",
"id": "CVE-2017-8837"
},
{
"db": "CNNVD",
"id": "CNNVD-201705-328"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:peplink:b305hw2_firmware:7.0.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:peplink:balance_305:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:peplink:380hw6_firmware:7.0.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:peplink:balance_380:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:peplink:580hw2_firmware:7.0.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:peplink:balance_580:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:peplink:710hw3_firmware:7.0.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:peplink:balance_710:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:peplink:1350hw2_firmware:7.0.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:peplink:balance_1350:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:peplink:2500_firmware:7.0.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:peplink:balance_2500:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2017-8837"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Eric Sesterhenn, Claus Overbeck",
"sources": [
{
"db": "PACKETSTORM",
"id": "142801"
}
],
"trust": 0.1
},
"cve": "CVE-2017-8837",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 5.0,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "CVE-2017-8837",
"impactScore": null,
"integrityImpact": "None",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "NONE",
"baseScore": 2.1,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 3.9,
"id": "CNVD-2017-09523",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "LOW",
"trust": 0.6,
"vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "VHN-117040",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:P/I:N/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 9.8,
"baseSeverity": "Critical",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2017-8837",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2017-8837",
"trust": 1.8,
"value": "CRITICAL"
},
{
"author": "CNVD",
"id": "CNVD-2017-09523",
"trust": 0.6,
"value": "LOW"
},
{
"author": "CNNVD",
"id": "CNNVD-201705-328",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-117040",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-09523"
},
{
"db": "VULHUB",
"id": "VHN-117040"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-004683"
},
{
"db": "NVD",
"id": "CVE-2017-8837"
},
{
"db": "CNNVD",
"id": "CNNVD-201705-328"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Cleartext password storage exists on Peplink Balance 305, 380, 580, 710, 1350, and 2500 devices with firmware before fw-b305hw2_380hw6_580hw2_710hw3_1350hw2_2500-7.0.1-build2093. The files in question are /etc/waipass and /etc/roapass. In case one of these devices is compromised, the attacker can gain access to passwords and abuse them to compromise further systems. plural Peplink Balance Device product firmware contains a vulnerability related to certificate and password management.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. The plaintext storage password vulnerability Balance305 is a multi-export load balancing router for medium-sized enterprises. The use of fw-b305hw2_380hw6_580hw2_710hw3_1350hw2_2500-7.0.1-build2093 before the firmware version of the PeplinkBalance product exists, the vulnerability is derived from the password stored in the /etc/waipassand/etc/roapass file in clear text. Peplink Balance 305 etc. The following products are affected: Peplink Balance 305; 380; 580; 710; 1350; 2500. \nX41 D-Sec GmbH Security Advisory: X41-2017-005\n\nMultiple Vulnerabilities in peplink balance routers\n===================================================\n\nOverview\n--------\nConfirmed Affected Versions: 7.0.0-build1904\nConfirmed Patched Versions:\nfw-b305hw2_380hw6_580hw2_710hw3_1350hw2_2500-7.0.1-build2093.bin\nVulnerable Firmware:\nfw-b305hw2_380hw6_580hw2_710hw3_1350hw2_2500-7.0.0-build1904.bin\nModels: Balance Routers 305, 380, 580, 710, 1350, 2500\nVendor: Peplink\nVendor URL: https://www.peplink.com/\nVector: Network\nCredit: X41 D-Sec GmbH, Eric Sesterhenn\nAdditional Credits: Claus Overbeck (Abovo IT)\nStatus: Public\nAdvisory-URL: https://www.x41-dsec.de/lab/advisories/x41-2017-005-peplink/\n\n\nSummary and Impact\n------------------\nSeveral issues have been identified, which allow attackers to access the\nadministrative web interface with admin credentials, delete files,\nperform CSRF and XSS attacks. \n\n\nProduct Description\n-------------------\nFrom the vendor webpage:\nUse Load Balancing and SpeedFusion bandwidth bonding to deliver\nsuperfast VoIP, video streaming, and data using an SD-WAN enabled\nnetwork. Even with a basic Balance 20 dual-WAN router, you can mix\ndifferent transport technologies and providers to keep your network up\nwhen individual links go down. Switching between links is automatic and\nseamless. \n\n\n\nSQL Injection via bauth Cookie\n==============================\nSeverity Rating: Critical\nVector: Network\nCVE: CVE-2017-8835\nCWE: 89\nCVSS Score: 9.8\nCVSS Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\n\nSummary and Impact\n------------------\nPeplink devices are vulnerable to an SQL injection attack via the bauth\ncookie parameter which is set e.g. when accessing\nhttps://ip/cgi-bin/MANGA/admin.cgi. \n\nThe injection can be checked with the following command:\n\n./sqlmap.py -u \"https://ip/cgi-bin/MANGA/admin.cgi\"\n--cookie=\"bauth=csOWLxU4BvoMfhY2rHLVFm1EmZWV74zinla9IVclqrYxH16426647\"\n-p\"bauth\" --level 5 --risk 3 --dbms sqlite --technique=BEUSQ\n--flush-session -t trace.log --prefix \"\u0027\" --suffix \"--\" -a\n\nThe vulnerability in the Peplink device allows to access the SQLite\nsession database containing user and session variables. By using the the\nfollowing cookie in a web request, it is possible to select a running\nadministrator session to be used for the attackers login. \n\nbauth=-12\u0027 or id IN (select s.id from sessions as s left join\nsessionsvariables as v on v.id=s.id where v.name=\u0027rwa\u0027 and v.value=\u00271\u0027)\nor \u00271\u0027=\u00272\n\nBy forming specialised SQL queries, it is possible to retrieve usernames\nfrom the database. This worked by returning a valid session in case the\nusername existed and no session if it did not exist. In the first case\nthe server did not set a new session cookie in the response to the request. \n\nSELECT id FROM sessions WHERE sessionid = \u0027-14\u0027 or id IN (select s.id\nfrom sessions as s left join sessionsvariables as v on v.id=s.id where\nv.name=\u0027username\u0027 and substr(v.value,1,3)=\u0027adm\u0027)\n\n\n\nWorkarounds\n-----------\nInstall vendor supplied update. \n\n\nNo CSRF Protection\n==================\nSeverity Rating: Medium\nVector: Network\nCVE: CVE-2017-8836\nCWE: 352\nCVSS Score: 5.4\nCVSS Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N\n\nSummary and Impact\n------------------\nThe CGI scripts in the administrative interface are not protected\nagainst cross site request forgery attacks. This allows an attacker to\nexecute commands, if a logged in user visits a malicious website. This\ncan for example be used to change the credentials of the administrative\nwebinterface. \n\n\nWorkarounds\n-----------\nInstall vendor supplied update. \n\n\n\n\nPasswords stored in Cleartext\n=============================\nSeverity Rating: Medium\nVector: Network\nCVE: CVE-2017-8837\nCWE: 256\nCVSS Score: 4.0\nCVSS Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N\n\nSummary and Impact\n------------------\nThe Peplink devices store passwords in cleartext in the files\n/etc/waipass and /etc/roapass. \n\n\nWorkarounds\n-----------\nInstall vendor supplied update. \n\n\n\n\nXSS via syncid Parameter\n========================\nSeverity Rating: Medium\nVector: Network\nCVE: CVE-2017-8838\nCWE: 80\nCVSS Score: 5.4\nCVSS Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N\n\nSummary and Impact\n------------------\nIf the webinterface is accessible, it is possible to abuse the syncid\nparameter to trigger a cross-site-scripting issue by calling\nhttps://ip/cgi-bin/HASync/hasync.cgi?debug=1\u0026syncid=123%3Cscript%3Ealert%281%29%3C/script%3E\n\nThis executes the JavaScript in the victims browser, which can be abused\nto steal session cookies. \n\nWorkarounds\n-----------\nInstall vendor supplied update. \n\n\n\n\nXSS via preview.cgi\n===================\nSeverity Rating: Medium\nVector: Network\nCVE: CVE-2017-8839\nCWE: 80\nCVSS Score: 5.4\nCVSS Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N\n\nSummary and Impact\n------------------\nIf the webinterface is accessible, it is possible to abuse the the\norig_url parameter to trigger a cross-site-scripting issue in\n/guest/preview.cgi. The injection is directly into existing JavaScript. \n\nThis executes the JavaScript in the victims browser, which can be abused\nto steal session cookies. \n\nWorkarounds\n-----------\nInstall vendor supplied update. \n\n\n\nFile Deletion\n=============\nSeverity Rating: Medium\nVector: Network\nCVE: CVE-2017-8841\nCWE: 73\nCVSS Score: 6.5\nCVSS Vector: CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H\n\nSummary and Impact\n------------------\nA logged in user can delete arbitrary files on the Peplink devices, by\nabusing the /cgi-bin/MANGA/firmware_process.cgi. When an absolute path\nis provided to the upfile.path parameter the file provided in the path\nis deleted during the process. This can be abused to cause a denial of\nservice (DoS). In combination with the missing CSRF protection, this can\nbe abused remotely via a logged in user. \n\nWorkarounds\n-----------\nInstall vendor supplied update. \n\n\n\n\nInformation Disclosure\n======================\nSeverity Rating: Medium\nVector: Network\nCVE: CVE-2017-8840\nCWE: 200\nCVSS Score: 5.3\nCVSS Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N\n\nSummary and Impact\n------------------\nIf the webinterface is accessible, it is possible to retrieve sensitive\ninformation without a valid login by opening\ncgi-bin/HASync/hasync.cgi?debug=1\n\nThis displays the following:\n\n-----8\u003c------------------------------------------------\nMaster LAN Address = [ \u003cinternal ip\u003e / \u003cnetmask\u003e ]\nSerial Number = [ \u003cserial number\u003e ]\nHA Group ID = [ \u003cgroup id\u003e ]\nVirtual IP = [ \u003cinternal ip\u003e / \u003cnetmask\u003e ]\nSubmitted syncid = [ \u003csyncid\u003e ]\n-----8\u003c------------------------------------------------\n\nThis information can be valuable for an attacker to exploit other issues. \n\nWorkarounds\n-----------\nInstall vendor supplied update. \n\n\n\n\nAbout X41 D-Sec GmbH\n--------------------\nX41 D-Sec is a provider of application security services. We focus on\napplication code reviews, design review and security testing. X41 D-Sec\nGmbH was founded in 2015 by Markus Vervier. We support customers in\nvarious industries such as finance, software development and public\ninstitutions. \n\nTimeline\n--------\n2017-04-07\tIssue found\n2017-04-10\tVendor asked for security contact\n2017-04-11\tVendor replied, send GPG key\n2017-04-11\tInformation supplied to vendor\n2017-04-11\tVendor acknowledges that the information is received\n2017-04-17\tVendor acknowledges SQL injection\n2017-05-08\tCVE IDs for all issues requested\n2017-05-08\tCVE IDs assigned\n2017-05-11\tVendor informed about CVE IDs\n2017-05-29\tVersion provided to X41 for testing\n2017-05-31\tFirst test results send back to the vendor\n2017-06-01\tRemaining test results send back to the vendor\n2017-06-05\tCoordinated Firmware and Advisory release\n\n-- \nX41 D-SEC GmbH, Dennewartstr. 25-27, D-52068 Aachen\nT: +49 241 9809418-0, Fax: -9\nUnternehmenssitz: Aachen, Amtsgericht Aachen: HRB19989\nGeschA$?ftsfA1/4hrer: Markus Vervier\n\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2017-8837"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-004683"
},
{
"db": "CNVD",
"id": "CNVD-2017-09523"
},
{
"db": "VULHUB",
"id": "VHN-117040"
},
{
"db": "PACKETSTORM",
"id": "142801"
}
],
"trust": 2.34
},
"exploit_availability": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"reference": "https://www.scap.org.cn/vuln/vhn-117040",
"trust": 0.1,
"type": "unknown"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-117040"
}
]
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2017-8837",
"trust": 3.2
},
{
"db": "EXPLOIT-DB",
"id": "42130",
"trust": 1.7
},
{
"db": "JVNDB",
"id": "JVNDB-2017-004683",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201705-328",
"trust": 0.7
},
{
"db": "CNVD",
"id": "CNVD-2017-09523",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-117040",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "142801",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-09523"
},
{
"db": "VULHUB",
"id": "VHN-117040"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-004683"
},
{
"db": "PACKETSTORM",
"id": "142801"
},
{
"db": "NVD",
"id": "CVE-2017-8837"
},
{
"db": "CNNVD",
"id": "CNNVD-201705-328"
}
]
},
"id": "VAR-201706-0989",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-09523"
},
{
"db": "VULHUB",
"id": "VHN-117040"
}
],
"trust": 1.7
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-09523"
}
]
},
"last_update_date": "2023-12-18T12:29:34.355000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Peplink Balance",
"trust": 0.8,
"url": "https://www.peplink.com/products/balance/"
},
{
"title": "Patches for plaintext storage password vulnerabilities in various PeplinkBalance products",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/95358"
},
{
"title": "Multiple Peplink Balance Repair measures for product trust management vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=99792"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-09523"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-004683"
},
{
"db": "CNNVD",
"id": "CNNVD-201705-328"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-522",
"trust": 1.1
},
{
"problemtype": "CWE-255",
"trust": 0.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-117040"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-004683"
},
{
"db": "NVD",
"id": "CVE-2017-8837"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 3.2,
"url": "https://www.x41-dsec.de/lab/advisories/x41-2017-005-peplink/"
},
{
"trust": 2.3,
"url": "http://seclists.org/bugtraq/2017/jun/1"
},
{
"trust": 1.7,
"url": "https://www.exploit-db.com/exploits/42130/"
},
{
"trust": 0.9,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-8837"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-8837"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-8841"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-8838"
},
{
"trust": 0.1,
"url": "https://ip/cgi-bin/hasync/hasync.cgi?debug=1\u0026syncid=123%3cscript%3ealert%281%29%3c/script%3e"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-8839"
},
{
"trust": 0.1,
"url": "https://www.peplink.com/"
},
{
"trust": 0.1,
"url": "https://ip/cgi-bin/manga/admin.cgi."
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-8835"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-8836"
},
{
"trust": 0.1,
"url": "https://ip/cgi-bin/manga/admin.cgi\""
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-8840"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-09523"
},
{
"db": "VULHUB",
"id": "VHN-117040"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-004683"
},
{
"db": "PACKETSTORM",
"id": "142801"
},
{
"db": "NVD",
"id": "CVE-2017-8837"
},
{
"db": "CNNVD",
"id": "CNNVD-201705-328"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2017-09523"
},
{
"db": "VULHUB",
"id": "VHN-117040"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-004683"
},
{
"db": "PACKETSTORM",
"id": "142801"
},
{
"db": "NVD",
"id": "CVE-2017-8837"
},
{
"db": "CNNVD",
"id": "CNNVD-201705-328"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-06-14T00:00:00",
"db": "CNVD",
"id": "CNVD-2017-09523"
},
{
"date": "2017-06-05T00:00:00",
"db": "VULHUB",
"id": "VHN-117040"
},
{
"date": "2017-07-04T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-004683"
},
{
"date": "2017-06-05T18:59:14",
"db": "PACKETSTORM",
"id": "142801"
},
{
"date": "2017-06-05T14:29:00.483000",
"db": "NVD",
"id": "CVE-2017-8837"
},
{
"date": "2017-05-09T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201705-328"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-06-14T00:00:00",
"db": "CNVD",
"id": "CNVD-2017-09523"
},
{
"date": "2019-10-03T00:00:00",
"db": "VULHUB",
"id": "VHN-117040"
},
{
"date": "2017-07-04T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-004683"
},
{
"date": "2019-10-03T00:03:26.223000",
"db": "NVD",
"id": "CVE-2017-8837"
},
{
"date": "2019-10-23T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201705-328"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "PACKETSTORM",
"id": "142801"
},
{
"db": "CNNVD",
"id": "CNNVD-201705-328"
}
],
"trust": 0.7
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "plural Peplink Balance Vulnerabilities related to certificate and password management in device product firmware",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-004683"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "trust management problem",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201705-328"
}
],
"trust": 0.6
}
}
VAR-201706-0991
Vulnerability from variot - Updated: 2023-12-18 12:29XSS via orig_url exists on Peplink Balance 305, 380, 580, 710, 1350, and 2500 devices with firmware before fw-b305hw2_380hw6_580hw2_710hw3_1350hw2_2500-7.0.1-build2093. The affected script is guest/preview.cgi. plural Peplink Balance Device product firmware guest/preview.cgi Contains a cross-site scripting vulnerability.Information may be obtained and information may be altered. PeplinkBalance305 is a multi-export load balancing router for medium-sized enterprises. A remote attacker can exploit this vulnerability to inject arbitrary web scripts or HTML with the help of the \342\200\230orig_url\342\200\231 parameter. Peplink Balance 305 etc. The following products are affected: Peplink Balance 305; 380; 580; 710; 1350; 2500. X41 D-Sec GmbH Security Advisory: X41-2017-005
Multiple Vulnerabilities in peplink balance routers
Overview
Confirmed Affected Versions: 7.0.0-build1904 Confirmed Patched Versions: fw-b305hw2_380hw6_580hw2_710hw3_1350hw2_2500-7.0.1-build2093.bin Vulnerable Firmware: fw-b305hw2_380hw6_580hw2_710hw3_1350hw2_2500-7.0.0-build1904.bin Models: Balance Routers 305, 380, 580, 710, 1350, 2500 Vendor: Peplink Vendor URL: https://www.peplink.com/ Vector: Network Credit: X41 D-Sec GmbH, Eric Sesterhenn Additional Credits: Claus Overbeck (Abovo IT) Status: Public Advisory-URL: https://www.x41-dsec.de/lab/advisories/x41-2017-005-peplink/
Summary and Impact
Several issues have been identified, which allow attackers to access the administrative web interface with admin credentials, delete files, perform CSRF and XSS attacks.
Product Description
From the vendor webpage: Use Load Balancing and SpeedFusion bandwidth bonding to deliver superfast VoIP, video streaming, and data using an SD-WAN enabled network. Even with a basic Balance 20 dual-WAN router, you can mix different transport technologies and providers to keep your network up when individual links go down. Switching between links is automatic and seamless.
SQL Injection via bauth Cookie
Severity Rating: Critical Vector: Network CVE: CVE-2017-8835 CWE: 89 CVSS Score: 9.8 CVSS Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Summary and Impact
Peplink devices are vulnerable to an SQL injection attack via the bauth cookie parameter which is set e.g. when accessing https://ip/cgi-bin/MANGA/admin.cgi.
The injection can be checked with the following command:
./sqlmap.py -u "https://ip/cgi-bin/MANGA/admin.cgi" --cookie="bauth=csOWLxU4BvoMfhY2rHLVFm1EmZWV74zinla9IVclqrYxH16426647" -p"bauth" --level 5 --risk 3 --dbms sqlite --technique=BEUSQ --flush-session -t trace.log --prefix "'" --suffix "--" -a
The vulnerability in the Peplink device allows to access the SQLite session database containing user and session variables. By using the the following cookie in a web request, it is possible to select a running administrator session to be used for the attackers login.
bauth=-12' or id IN (select s.id from sessions as s left join sessionsvariables as v on v.id=s.id where v.name='rwa' and v.value='1') or '1'='2
By forming specialised SQL queries, it is possible to retrieve usernames from the database. This worked by returning a valid session in case the username existed and no session if it did not exist. In the first case the server did not set a new session cookie in the response to the request.
SELECT id FROM sessions WHERE sessionid = '-14' or id IN (select s.id from sessions as s left join sessionsvariables as v on v.id=s.id where v.name='username' and substr(v.value,1,3)='adm')
Workarounds
Install vendor supplied update.
No CSRF Protection
Severity Rating: Medium Vector: Network CVE: CVE-2017-8836 CWE: 352 CVSS Score: 5.4 CVSS Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N
Summary and Impact
The CGI scripts in the administrative interface are not protected against cross site request forgery attacks. This allows an attacker to execute commands, if a logged in user visits a malicious website. This can for example be used to change the credentials of the administrative webinterface.
Workarounds
Install vendor supplied update.
Passwords stored in Cleartext
Severity Rating: Medium Vector: Network CVE: CVE-2017-8837 CWE: 256 CVSS Score: 4.0 CVSS Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
Summary and Impact
The Peplink devices store passwords in cleartext in the files /etc/waipass and /etc/roapass. In case one of these devices is compromised the attacker can gain access to the cleartext passwords and abuse them to compromise further systems.
Workarounds
Install vendor supplied update.
XSS via syncid Parameter
Severity Rating: Medium Vector: Network CVE: CVE-2017-8838 CWE: 80 CVSS Score: 5.4 CVSS Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N
Summary and Impact
If the webinterface is accessible, it is possible to abuse the syncid parameter to trigger a cross-site-scripting issue by calling https://ip/cgi-bin/HASync/hasync.cgi?debug=1&syncid=123%3Cscript%3Ealert%281%29%3C/script%3E
This executes the JavaScript in the victims browser, which can be abused to steal session cookies.
Workarounds
Install vendor supplied update.
XSS via preview.cgi
Severity Rating: Medium Vector: Network CVE: CVE-2017-8839 CWE: 80 CVSS Score: 5.4 CVSS Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N
Summary and Impact
If the webinterface is accessible, it is possible to abuse the the orig_url parameter to trigger a cross-site-scripting issue in /guest/preview.cgi. The injection is directly into existing JavaScript.
This executes the JavaScript in the victims browser, which can be abused to steal session cookies.
Workarounds
Install vendor supplied update.
File Deletion
Severity Rating: Medium Vector: Network CVE: CVE-2017-8841 CWE: 73 CVSS Score: 6.5 CVSS Vector: CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H
Summary and Impact
A logged in user can delete arbitrary files on the Peplink devices, by abusing the /cgi-bin/MANGA/firmware_process.cgi. When an absolute path is provided to the upfile.path parameter the file provided in the path is deleted during the process. This can be abused to cause a denial of service (DoS). In combination with the missing CSRF protection, this can be abused remotely via a logged in user.
Workarounds
Install vendor supplied update.
Information Disclosure
Severity Rating: Medium Vector: Network CVE: CVE-2017-8840 CWE: 200 CVSS Score: 5.3 CVSS Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
Summary and Impact
If the webinterface is accessible, it is possible to retrieve sensitive information without a valid login by opening cgi-bin/HASync/hasync.cgi?debug=1
This displays the following:
-----8<------------------------------------------------ Master LAN Address = [ / ] Serial Number = [ ] HA Group ID = [ ] Virtual IP = [ / ] Submitted syncid = [ ] -----8<------------------------------------------------
This information can be valuable for an attacker to exploit other issues.
Workarounds
Install vendor supplied update.
About X41 D-Sec GmbH
X41 D-Sec is a provider of application security services. We focus on application code reviews, design review and security testing. X41 D-Sec GmbH was founded in 2015 by Markus Vervier. We support customers in various industries such as finance, software development and public institutions.
Timeline
2017-04-07 Issue found 2017-04-10 Vendor asked for security contact 2017-04-11 Vendor replied, send GPG key 2017-04-11 Information supplied to vendor 2017-04-11 Vendor acknowledges that the information is received 2017-04-17 Vendor acknowledges SQL injection 2017-05-08 CVE IDs for all issues requested 2017-05-08 CVE IDs assigned 2017-05-11 Vendor informed about CVE IDs 2017-05-29 Version provided to X41 for testing 2017-05-31 First test results send back to the vendor 2017-06-01 Remaining test results send back to the vendor 2017-06-05 Coordinated Firmware and Advisory release
-- X41 D-SEC GmbH, Dennewartstr. 25-27, D-52068 Aachen T: +49 241 9809418-0, Fax: -9 Unternehmenssitz: Aachen, Amtsgericht Aachen: HRB19989 GeschA$?ftsfA1/4hrer: Markus Vervier
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201706-0991",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "710hw3",
"scope": "eq",
"trust": 1.6,
"vendor": "peplink",
"version": "7.0.1"
},
{
"model": "b305hw2",
"scope": "eq",
"trust": 1.6,
"vendor": "peplink",
"version": "7.0.1"
},
{
"model": "580hw2",
"scope": "eq",
"trust": 1.6,
"vendor": "peplink",
"version": "7.0.1"
},
{
"model": "380hw6",
"scope": "eq",
"trust": 1.6,
"vendor": "peplink",
"version": "7.0.1"
},
{
"model": "1350hw2",
"scope": "eq",
"trust": 1.6,
"vendor": "peplink",
"version": "7.0.1"
},
{
"model": "2500",
"scope": "eq",
"trust": 1.6,
"vendor": "peplink",
"version": "7.0.1"
},
{
"model": "balance 1350",
"scope": null,
"trust": 0.8,
"vendor": "peplink",
"version": null
},
{
"model": "balance 2500",
"scope": null,
"trust": 0.8,
"vendor": "peplink",
"version": null
},
{
"model": "balance 305",
"scope": null,
"trust": 0.8,
"vendor": "peplink",
"version": null
},
{
"model": "balance 380",
"scope": null,
"trust": 0.8,
"vendor": "peplink",
"version": null
},
{
"model": "balance 580",
"scope": null,
"trust": 0.8,
"vendor": "peplink",
"version": null
},
{
"model": "balance 710",
"scope": null,
"trust": 0.8,
"vendor": "peplink",
"version": null
},
{
"model": "balance",
"scope": "eq",
"trust": 0.6,
"vendor": "peplink",
"version": "2500"
},
{
"model": "balance",
"scope": "eq",
"trust": 0.6,
"vendor": "peplink",
"version": "1350"
},
{
"model": "balance",
"scope": "eq",
"trust": 0.6,
"vendor": "peplink",
"version": "710"
},
{
"model": "balance",
"scope": "eq",
"trust": 0.6,
"vendor": "peplink",
"version": "580"
},
{
"model": "balance",
"scope": "eq",
"trust": 0.6,
"vendor": "peplink",
"version": "380"
},
{
"model": "balance",
"scope": "eq",
"trust": 0.6,
"vendor": "peplink",
"version": "305"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-09519"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-004611"
},
{
"db": "NVD",
"id": "CVE-2017-8839"
},
{
"db": "CNNVD",
"id": "CNNVD-201705-326"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:peplink:b305hw2_firmware:7.0.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:peplink:balance_305:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:peplink:380hw6_firmware:7.0.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:peplink:balance_380:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:peplink:580hw2_firmware:7.0.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:peplink:balance_580:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:peplink:710hw3_firmware:7.0.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:peplink:balance_710:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:peplink:1350hw2_firmware:7.0.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:peplink:balance_1350:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:peplink:2500_firmware:7.0.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:peplink:balance_2500:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2017-8839"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Eric Sesterhenn, Claus Overbeck",
"sources": [
{
"db": "PACKETSTORM",
"id": "142801"
}
],
"trust": 0.1
},
"cve": "CVE-2017-8839",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": true,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Medium",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 4.3,
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2017-8839",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "NONE",
"baseScore": 6.4,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CNVD-2017-09519",
"impactScore": 4.9,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:N",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"id": "VHN-117042",
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:N/I:P/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"exploitabilityScore": 2.8,
"impactScore": 2.7,
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"trust": 1.0,
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 6.1,
"baseSeverity": "Medium",
"confidentialityImpact": "Low",
"exploitabilityScore": null,
"id": "CVE-2017-8839",
"impactScore": null,
"integrityImpact": "Low",
"privilegesRequired": "None",
"scope": "Changed",
"trust": 0.8,
"userInteraction": "Required",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2017-8839",
"trust": 1.8,
"value": "MEDIUM"
},
{
"author": "CNVD",
"id": "CNVD-2017-09519",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201705-326",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-117042",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-09519"
},
{
"db": "VULHUB",
"id": "VHN-117042"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-004611"
},
{
"db": "NVD",
"id": "CVE-2017-8839"
},
{
"db": "CNNVD",
"id": "CNNVD-201705-326"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "XSS via orig_url exists on Peplink Balance 305, 380, 580, 710, 1350, and 2500 devices with firmware before fw-b305hw2_380hw6_580hw2_710hw3_1350hw2_2500-7.0.1-build2093. The affected script is guest/preview.cgi. plural Peplink Balance Device product firmware guest/preview.cgi Contains a cross-site scripting vulnerability.Information may be obtained and information may be altered. PeplinkBalance305 is a multi-export load balancing router for medium-sized enterprises. A remote attacker can exploit this vulnerability to inject arbitrary web scripts or HTML with the help of the \\342\\200\\230orig_url\\342\\200\\231 parameter. Peplink Balance 305 etc. The following products are affected: Peplink Balance 305; 380; 580; 710; 1350; 2500. \nX41 D-Sec GmbH Security Advisory: X41-2017-005\n\nMultiple Vulnerabilities in peplink balance routers\n===================================================\n\nOverview\n--------\nConfirmed Affected Versions: 7.0.0-build1904\nConfirmed Patched Versions:\nfw-b305hw2_380hw6_580hw2_710hw3_1350hw2_2500-7.0.1-build2093.bin\nVulnerable Firmware:\nfw-b305hw2_380hw6_580hw2_710hw3_1350hw2_2500-7.0.0-build1904.bin\nModels: Balance Routers 305, 380, 580, 710, 1350, 2500\nVendor: Peplink\nVendor URL: https://www.peplink.com/\nVector: Network\nCredit: X41 D-Sec GmbH, Eric Sesterhenn\nAdditional Credits: Claus Overbeck (Abovo IT)\nStatus: Public\nAdvisory-URL: https://www.x41-dsec.de/lab/advisories/x41-2017-005-peplink/\n\n\nSummary and Impact\n------------------\nSeveral issues have been identified, which allow attackers to access the\nadministrative web interface with admin credentials, delete files,\nperform CSRF and XSS attacks. \n\n\nProduct Description\n-------------------\nFrom the vendor webpage:\nUse Load Balancing and SpeedFusion bandwidth bonding to deliver\nsuperfast VoIP, video streaming, and data using an SD-WAN enabled\nnetwork. Even with a basic Balance 20 dual-WAN router, you can mix\ndifferent transport technologies and providers to keep your network up\nwhen individual links go down. Switching between links is automatic and\nseamless. \n\n\n\nSQL Injection via bauth Cookie\n==============================\nSeverity Rating: Critical\nVector: Network\nCVE: CVE-2017-8835\nCWE: 89\nCVSS Score: 9.8\nCVSS Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\n\nSummary and Impact\n------------------\nPeplink devices are vulnerable to an SQL injection attack via the bauth\ncookie parameter which is set e.g. when accessing\nhttps://ip/cgi-bin/MANGA/admin.cgi. \n\nThe injection can be checked with the following command:\n\n./sqlmap.py -u \"https://ip/cgi-bin/MANGA/admin.cgi\"\n--cookie=\"bauth=csOWLxU4BvoMfhY2rHLVFm1EmZWV74zinla9IVclqrYxH16426647\"\n-p\"bauth\" --level 5 --risk 3 --dbms sqlite --technique=BEUSQ\n--flush-session -t trace.log --prefix \"\u0027\" --suffix \"--\" -a\n\nThe vulnerability in the Peplink device allows to access the SQLite\nsession database containing user and session variables. By using the the\nfollowing cookie in a web request, it is possible to select a running\nadministrator session to be used for the attackers login. \n\nbauth=-12\u0027 or id IN (select s.id from sessions as s left join\nsessionsvariables as v on v.id=s.id where v.name=\u0027rwa\u0027 and v.value=\u00271\u0027)\nor \u00271\u0027=\u00272\n\nBy forming specialised SQL queries, it is possible to retrieve usernames\nfrom the database. This worked by returning a valid session in case the\nusername existed and no session if it did not exist. In the first case\nthe server did not set a new session cookie in the response to the request. \n\nSELECT id FROM sessions WHERE sessionid = \u0027-14\u0027 or id IN (select s.id\nfrom sessions as s left join sessionsvariables as v on v.id=s.id where\nv.name=\u0027username\u0027 and substr(v.value,1,3)=\u0027adm\u0027)\n\n\n\nWorkarounds\n-----------\nInstall vendor supplied update. \n\n\nNo CSRF Protection\n==================\nSeverity Rating: Medium\nVector: Network\nCVE: CVE-2017-8836\nCWE: 352\nCVSS Score: 5.4\nCVSS Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N\n\nSummary and Impact\n------------------\nThe CGI scripts in the administrative interface are not protected\nagainst cross site request forgery attacks. This allows an attacker to\nexecute commands, if a logged in user visits a malicious website. This\ncan for example be used to change the credentials of the administrative\nwebinterface. \n\n\nWorkarounds\n-----------\nInstall vendor supplied update. \n\n\n\n\nPasswords stored in Cleartext\n=============================\nSeverity Rating: Medium\nVector: Network\nCVE: CVE-2017-8837\nCWE: 256\nCVSS Score: 4.0\nCVSS Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N\n\nSummary and Impact\n------------------\nThe Peplink devices store passwords in cleartext in the files\n/etc/waipass and /etc/roapass. In case one of these devices is\ncompromised the attacker can gain access to the cleartext passwords and\nabuse them to compromise further systems. \n\n\nWorkarounds\n-----------\nInstall vendor supplied update. \n\n\n\n\nXSS via syncid Parameter\n========================\nSeverity Rating: Medium\nVector: Network\nCVE: CVE-2017-8838\nCWE: 80\nCVSS Score: 5.4\nCVSS Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N\n\nSummary and Impact\n------------------\nIf the webinterface is accessible, it is possible to abuse the syncid\nparameter to trigger a cross-site-scripting issue by calling\nhttps://ip/cgi-bin/HASync/hasync.cgi?debug=1\u0026syncid=123%3Cscript%3Ealert%281%29%3C/script%3E\n\nThis executes the JavaScript in the victims browser, which can be abused\nto steal session cookies. \n\nWorkarounds\n-----------\nInstall vendor supplied update. \n\n\n\n\nXSS via preview.cgi\n===================\nSeverity Rating: Medium\nVector: Network\nCVE: CVE-2017-8839\nCWE: 80\nCVSS Score: 5.4\nCVSS Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N\n\nSummary and Impact\n------------------\nIf the webinterface is accessible, it is possible to abuse the the\norig_url parameter to trigger a cross-site-scripting issue in\n/guest/preview.cgi. The injection is directly into existing JavaScript. \n\nThis executes the JavaScript in the victims browser, which can be abused\nto steal session cookies. \n\nWorkarounds\n-----------\nInstall vendor supplied update. \n\n\n\nFile Deletion\n=============\nSeverity Rating: Medium\nVector: Network\nCVE: CVE-2017-8841\nCWE: 73\nCVSS Score: 6.5\nCVSS Vector: CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H\n\nSummary and Impact\n------------------\nA logged in user can delete arbitrary files on the Peplink devices, by\nabusing the /cgi-bin/MANGA/firmware_process.cgi. When an absolute path\nis provided to the upfile.path parameter the file provided in the path\nis deleted during the process. This can be abused to cause a denial of\nservice (DoS). In combination with the missing CSRF protection, this can\nbe abused remotely via a logged in user. \n\nWorkarounds\n-----------\nInstall vendor supplied update. \n\n\n\n\nInformation Disclosure\n======================\nSeverity Rating: Medium\nVector: Network\nCVE: CVE-2017-8840\nCWE: 200\nCVSS Score: 5.3\nCVSS Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N\n\nSummary and Impact\n------------------\nIf the webinterface is accessible, it is possible to retrieve sensitive\ninformation without a valid login by opening\ncgi-bin/HASync/hasync.cgi?debug=1\n\nThis displays the following:\n\n-----8\u003c------------------------------------------------\nMaster LAN Address = [ \u003cinternal ip\u003e / \u003cnetmask\u003e ]\nSerial Number = [ \u003cserial number\u003e ]\nHA Group ID = [ \u003cgroup id\u003e ]\nVirtual IP = [ \u003cinternal ip\u003e / \u003cnetmask\u003e ]\nSubmitted syncid = [ \u003csyncid\u003e ]\n-----8\u003c------------------------------------------------\n\nThis information can be valuable for an attacker to exploit other issues. \n\nWorkarounds\n-----------\nInstall vendor supplied update. \n\n\n\n\nAbout X41 D-Sec GmbH\n--------------------\nX41 D-Sec is a provider of application security services. We focus on\napplication code reviews, design review and security testing. X41 D-Sec\nGmbH was founded in 2015 by Markus Vervier. We support customers in\nvarious industries such as finance, software development and public\ninstitutions. \n\nTimeline\n--------\n2017-04-07\tIssue found\n2017-04-10\tVendor asked for security contact\n2017-04-11\tVendor replied, send GPG key\n2017-04-11\tInformation supplied to vendor\n2017-04-11\tVendor acknowledges that the information is received\n2017-04-17\tVendor acknowledges SQL injection\n2017-05-08\tCVE IDs for all issues requested\n2017-05-08\tCVE IDs assigned\n2017-05-11\tVendor informed about CVE IDs\n2017-05-29\tVersion provided to X41 for testing\n2017-05-31\tFirst test results send back to the vendor\n2017-06-01\tRemaining test results send back to the vendor\n2017-06-05\tCoordinated Firmware and Advisory release\n\n-- \nX41 D-SEC GmbH, Dennewartstr. 25-27, D-52068 Aachen\nT: +49 241 9809418-0, Fax: -9\nUnternehmenssitz: Aachen, Amtsgericht Aachen: HRB19989\nGeschA$?ftsfA1/4hrer: Markus Vervier\n\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2017-8839"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-004611"
},
{
"db": "CNVD",
"id": "CNVD-2017-09519"
},
{
"db": "VULHUB",
"id": "VHN-117042"
},
{
"db": "PACKETSTORM",
"id": "142801"
}
],
"trust": 2.34
},
"exploit_availability": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"reference": "https://www.scap.org.cn/vuln/vhn-117042",
"trust": 0.1,
"type": "unknown"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-117042"
}
]
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2017-8839",
"trust": 3.2
},
{
"db": "EXPLOIT-DB",
"id": "42130",
"trust": 1.1
},
{
"db": "JVNDB",
"id": "JVNDB-2017-004611",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201705-326",
"trust": 0.7
},
{
"db": "CNVD",
"id": "CNVD-2017-09519",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-117042",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "142801",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-09519"
},
{
"db": "VULHUB",
"id": "VHN-117042"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-004611"
},
{
"db": "PACKETSTORM",
"id": "142801"
},
{
"db": "NVD",
"id": "CVE-2017-8839"
},
{
"db": "CNNVD",
"id": "CNNVD-201705-326"
}
]
},
"id": "VAR-201706-0991",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-09519"
},
{
"db": "VULHUB",
"id": "VHN-117042"
}
],
"trust": 1.7
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-09519"
}
]
},
"last_update_date": "2023-12-18T12:29:34.322000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Peplink Balance",
"trust": 0.8,
"url": "https://www.peplink.com/products/balance/"
},
{
"title": "Patch for Cross-Site Scripting Vulnerability (CNVD-2017-09519) for several PeplinkBalance products",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/95360"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-09519"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-004611"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-79",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-117042"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-004611"
},
{
"db": "NVD",
"id": "CVE-2017-8839"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.6,
"url": "https://www.x41-dsec.de/lab/advisories/x41-2017-005-peplink/"
},
{
"trust": 2.3,
"url": "http://seclists.org/bugtraq/2017/jun/1"
},
{
"trust": 1.1,
"url": "https://www.exploit-db.com/exploits/42130/"
},
{
"trust": 0.9,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-8839"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-8839"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-8841"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-8838"
},
{
"trust": 0.1,
"url": "https://ip/cgi-bin/hasync/hasync.cgi?debug=1\u0026syncid=123%3cscript%3ealert%281%29%3c/script%3e"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-8837"
},
{
"trust": 0.1,
"url": "https://www.peplink.com/"
},
{
"trust": 0.1,
"url": "https://ip/cgi-bin/manga/admin.cgi."
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-8835"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-8836"
},
{
"trust": 0.1,
"url": "https://ip/cgi-bin/manga/admin.cgi\""
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-8840"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-09519"
},
{
"db": "VULHUB",
"id": "VHN-117042"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-004611"
},
{
"db": "PACKETSTORM",
"id": "142801"
},
{
"db": "NVD",
"id": "CVE-2017-8839"
},
{
"db": "CNNVD",
"id": "CNNVD-201705-326"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2017-09519"
},
{
"db": "VULHUB",
"id": "VHN-117042"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-004611"
},
{
"db": "PACKETSTORM",
"id": "142801"
},
{
"db": "NVD",
"id": "CVE-2017-8839"
},
{
"db": "CNNVD",
"id": "CNNVD-201705-326"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-06-14T00:00:00",
"db": "CNVD",
"id": "CNVD-2017-09519"
},
{
"date": "2017-06-05T00:00:00",
"db": "VULHUB",
"id": "VHN-117042"
},
{
"date": "2017-06-30T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-004611"
},
{
"date": "2017-06-05T18:59:14",
"db": "PACKETSTORM",
"id": "142801"
},
{
"date": "2017-06-05T14:29:00.543000",
"db": "NVD",
"id": "CVE-2017-8839"
},
{
"date": "2017-05-09T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201705-326"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-06-14T00:00:00",
"db": "CNVD",
"id": "CNVD-2017-09519"
},
{
"date": "2017-08-13T00:00:00",
"db": "VULHUB",
"id": "VHN-117042"
},
{
"date": "2017-06-30T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-004611"
},
{
"date": "2017-08-13T01:29:22.647000",
"db": "NVD",
"id": "CVE-2017-8839"
},
{
"date": "2017-06-07T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201705-326"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "PACKETSTORM",
"id": "142801"
},
{
"db": "CNNVD",
"id": "CNNVD-201705-326"
}
],
"trust": 0.7
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "plural Peplink Balance Device product firmware cross-site scripting vulnerability",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-004611"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "XSS",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201705-326"
}
],
"trust": 0.6
}
}
VAR-201706-0990
Vulnerability from variot - Updated: 2023-12-18 12:29XSS via syncid exists on Peplink Balance 305, 380, 580, 710, 1350, and 2500 devices with firmware before fw-b305hw2_380hw6_580hw2_710hw3_1350hw2_2500-7.0.1-build2093. The affected script is cgi-bin/HASync/hasync.cgi. plural Peplink Balance Device product firmware cgi-bin/HASync/hasync.cgi Contains a cross-site scripting vulnerability.Information may be obtained and information may be altered. PeplinkBalance305 is a multi-export load balancing router for medium-sized enterprises. A remote attacker can exploit this vulnerability to inject arbitrary web scripts or HTML with the help of the \342\200\230syncid\342\200\231 parameter. Peplink Balance 305 etc. The following products are affected: Peplink Balance 305; 380; 580; 710; 1350; 2500. X41 D-Sec GmbH Security Advisory: X41-2017-005
Multiple Vulnerabilities in peplink balance routers
Overview
Confirmed Affected Versions: 7.0.0-build1904 Confirmed Patched Versions: fw-b305hw2_380hw6_580hw2_710hw3_1350hw2_2500-7.0.1-build2093.bin Vulnerable Firmware: fw-b305hw2_380hw6_580hw2_710hw3_1350hw2_2500-7.0.0-build1904.bin Models: Balance Routers 305, 380, 580, 710, 1350, 2500 Vendor: Peplink Vendor URL: https://www.peplink.com/ Vector: Network Credit: X41 D-Sec GmbH, Eric Sesterhenn Additional Credits: Claus Overbeck (Abovo IT) Status: Public Advisory-URL: https://www.x41-dsec.de/lab/advisories/x41-2017-005-peplink/
Summary and Impact
Several issues have been identified, which allow attackers to access the administrative web interface with admin credentials, delete files, perform CSRF and XSS attacks.
Product Description
From the vendor webpage: Use Load Balancing and SpeedFusion bandwidth bonding to deliver superfast VoIP, video streaming, and data using an SD-WAN enabled network. Even with a basic Balance 20 dual-WAN router, you can mix different transport technologies and providers to keep your network up when individual links go down. Switching between links is automatic and seamless.
SQL Injection via bauth Cookie
Severity Rating: Critical Vector: Network CVE: CVE-2017-8835 CWE: 89 CVSS Score: 9.8 CVSS Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Summary and Impact
Peplink devices are vulnerable to an SQL injection attack via the bauth cookie parameter which is set e.g. when accessing https://ip/cgi-bin/MANGA/admin.cgi.
The injection can be checked with the following command:
./sqlmap.py -u "https://ip/cgi-bin/MANGA/admin.cgi" --cookie="bauth=csOWLxU4BvoMfhY2rHLVFm1EmZWV74zinla9IVclqrYxH16426647" -p"bauth" --level 5 --risk 3 --dbms sqlite --technique=BEUSQ --flush-session -t trace.log --prefix "'" --suffix "--" -a
The vulnerability in the Peplink device allows to access the SQLite session database containing user and session variables. By using the the following cookie in a web request, it is possible to select a running administrator session to be used for the attackers login.
bauth=-12' or id IN (select s.id from sessions as s left join sessionsvariables as v on v.id=s.id where v.name='rwa' and v.value='1') or '1'='2
By forming specialised SQL queries, it is possible to retrieve usernames from the database. This worked by returning a valid session in case the username existed and no session if it did not exist. In the first case the server did not set a new session cookie in the response to the request.
SELECT id FROM sessions WHERE sessionid = '-14' or id IN (select s.id from sessions as s left join sessionsvariables as v on v.id=s.id where v.name='username' and substr(v.value,1,3)='adm')
Workarounds
Install vendor supplied update.
No CSRF Protection
Severity Rating: Medium Vector: Network CVE: CVE-2017-8836 CWE: 352 CVSS Score: 5.4 CVSS Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N
Summary and Impact
The CGI scripts in the administrative interface are not protected against cross site request forgery attacks. This allows an attacker to execute commands, if a logged in user visits a malicious website. This can for example be used to change the credentials of the administrative webinterface.
Workarounds
Install vendor supplied update.
Passwords stored in Cleartext
Severity Rating: Medium Vector: Network CVE: CVE-2017-8837 CWE: 256 CVSS Score: 4.0 CVSS Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
Summary and Impact
The Peplink devices store passwords in cleartext in the files /etc/waipass and /etc/roapass. In case one of these devices is compromised the attacker can gain access to the cleartext passwords and abuse them to compromise further systems.
Workarounds
Install vendor supplied update.
XSS via syncid Parameter
Severity Rating: Medium Vector: Network CVE: CVE-2017-8838 CWE: 80 CVSS Score: 5.4 CVSS Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N
Summary and Impact
If the webinterface is accessible, it is possible to abuse the syncid parameter to trigger a cross-site-scripting issue by calling https://ip/cgi-bin/HASync/hasync.cgi?debug=1&syncid=123%3Cscript%3Ealert%281%29%3C/script%3E
This executes the JavaScript in the victims browser, which can be abused to steal session cookies.
Workarounds
Install vendor supplied update.
XSS via preview.cgi
Severity Rating: Medium Vector: Network CVE: CVE-2017-8839 CWE: 80 CVSS Score: 5.4 CVSS Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N
Summary and Impact
If the webinterface is accessible, it is possible to abuse the the orig_url parameter to trigger a cross-site-scripting issue in /guest/preview.cgi. The injection is directly into existing JavaScript.
This executes the JavaScript in the victims browser, which can be abused to steal session cookies.
Workarounds
Install vendor supplied update.
File Deletion
Severity Rating: Medium Vector: Network CVE: CVE-2017-8841 CWE: 73 CVSS Score: 6.5 CVSS Vector: CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H
Summary and Impact
A logged in user can delete arbitrary files on the Peplink devices, by abusing the /cgi-bin/MANGA/firmware_process.cgi. When an absolute path is provided to the upfile.path parameter the file provided in the path is deleted during the process. This can be abused to cause a denial of service (DoS). In combination with the missing CSRF protection, this can be abused remotely via a logged in user.
Workarounds
Install vendor supplied update.
Information Disclosure
Severity Rating: Medium Vector: Network CVE: CVE-2017-8840 CWE: 200 CVSS Score: 5.3 CVSS Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
Summary and Impact
If the webinterface is accessible, it is possible to retrieve sensitive information without a valid login by opening cgi-bin/HASync/hasync.cgi?debug=1
This displays the following:
-----8<------------------------------------------------ Master LAN Address = [ / ] Serial Number = [ ] HA Group ID = [ ] Virtual IP = [ / ] Submitted syncid = [ ] -----8<------------------------------------------------
This information can be valuable for an attacker to exploit other issues.
Workarounds
Install vendor supplied update.
About X41 D-Sec GmbH
X41 D-Sec is a provider of application security services. We focus on application code reviews, design review and security testing. X41 D-Sec GmbH was founded in 2015 by Markus Vervier. We support customers in various industries such as finance, software development and public institutions.
Timeline
2017-04-07 Issue found 2017-04-10 Vendor asked for security contact 2017-04-11 Vendor replied, send GPG key 2017-04-11 Information supplied to vendor 2017-04-11 Vendor acknowledges that the information is received 2017-04-17 Vendor acknowledges SQL injection 2017-05-08 CVE IDs for all issues requested 2017-05-08 CVE IDs assigned 2017-05-11 Vendor informed about CVE IDs 2017-05-29 Version provided to X41 for testing 2017-05-31 First test results send back to the vendor 2017-06-01 Remaining test results send back to the vendor 2017-06-05 Coordinated Firmware and Advisory release
-- X41 D-SEC GmbH, Dennewartstr. 25-27, D-52068 Aachen T: +49 241 9809418-0, Fax: -9 Unternehmenssitz: Aachen, Amtsgericht Aachen: HRB19989 GeschA$?ftsfA1/4hrer: Markus Vervier
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201706-0990",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "710hw3",
"scope": "eq",
"trust": 1.6,
"vendor": "peplink",
"version": "7.0.1"
},
{
"model": "b305hw2",
"scope": "eq",
"trust": 1.6,
"vendor": "peplink",
"version": "7.0.1"
},
{
"model": "580hw2",
"scope": "eq",
"trust": 1.6,
"vendor": "peplink",
"version": "7.0.1"
},
{
"model": "380hw6",
"scope": "eq",
"trust": 1.6,
"vendor": "peplink",
"version": "7.0.1"
},
{
"model": "1350hw2",
"scope": "eq",
"trust": 1.6,
"vendor": "peplink",
"version": "7.0.1"
},
{
"model": "2500",
"scope": "eq",
"trust": 1.6,
"vendor": "peplink",
"version": "7.0.1"
},
{
"model": "balance 1350",
"scope": null,
"trust": 0.8,
"vendor": "peplink",
"version": null
},
{
"model": "balance 2500",
"scope": null,
"trust": 0.8,
"vendor": "peplink",
"version": null
},
{
"model": "balance 305",
"scope": null,
"trust": 0.8,
"vendor": "peplink",
"version": null
},
{
"model": "balance 380",
"scope": null,
"trust": 0.8,
"vendor": "peplink",
"version": null
},
{
"model": "balance 580",
"scope": null,
"trust": 0.8,
"vendor": "peplink",
"version": null
},
{
"model": "balance 710",
"scope": null,
"trust": 0.8,
"vendor": "peplink",
"version": null
},
{
"model": "balance",
"scope": "eq",
"trust": 0.6,
"vendor": "peplink",
"version": "2500"
},
{
"model": "balance",
"scope": "eq",
"trust": 0.6,
"vendor": "peplink",
"version": "1350"
},
{
"model": "balance",
"scope": "eq",
"trust": 0.6,
"vendor": "peplink",
"version": "710"
},
{
"model": "balance",
"scope": "eq",
"trust": 0.6,
"vendor": "peplink",
"version": "580"
},
{
"model": "balance",
"scope": "eq",
"trust": 0.6,
"vendor": "peplink",
"version": "380"
},
{
"model": "balance",
"scope": "eq",
"trust": 0.6,
"vendor": "peplink",
"version": "305"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-09522"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-004610"
},
{
"db": "NVD",
"id": "CVE-2017-8838"
},
{
"db": "CNNVD",
"id": "CNNVD-201705-327"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:peplink:b305hw2_firmware:7.0.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:peplink:balance_305:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:peplink:380hw6_firmware:7.0.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:peplink:balance_380:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:peplink:580hw2_firmware:7.0.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:peplink:balance_580:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:peplink:710hw3_firmware:7.0.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:peplink:balance_710:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:peplink:1350hw2_firmware:7.0.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:peplink:balance_1350:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:peplink:2500_firmware:7.0.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:peplink:balance_2500:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2017-8838"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Eric Sesterhenn, Claus Overbeck",
"sources": [
{
"db": "PACKETSTORM",
"id": "142801"
}
],
"trust": 0.1
},
"cve": "CVE-2017-8838",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": true,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Medium",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 4.3,
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2017-8838",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "NONE",
"baseScore": 6.4,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CNVD-2017-09522",
"impactScore": 4.9,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:N",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"id": "VHN-117041",
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:N/I:P/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"exploitabilityScore": 2.8,
"impactScore": 2.7,
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"trust": 1.0,
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 6.1,
"baseSeverity": "Medium",
"confidentialityImpact": "Low",
"exploitabilityScore": null,
"id": "CVE-2017-8838",
"impactScore": null,
"integrityImpact": "Low",
"privilegesRequired": "None",
"scope": "Changed",
"trust": 0.8,
"userInteraction": "Required",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2017-8838",
"trust": 1.8,
"value": "MEDIUM"
},
{
"author": "CNVD",
"id": "CNVD-2017-09522",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201705-327",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-117041",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-09522"
},
{
"db": "VULHUB",
"id": "VHN-117041"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-004610"
},
{
"db": "NVD",
"id": "CVE-2017-8838"
},
{
"db": "CNNVD",
"id": "CNNVD-201705-327"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "XSS via syncid exists on Peplink Balance 305, 380, 580, 710, 1350, and 2500 devices with firmware before fw-b305hw2_380hw6_580hw2_710hw3_1350hw2_2500-7.0.1-build2093. The affected script is cgi-bin/HASync/hasync.cgi. plural Peplink Balance Device product firmware cgi-bin/HASync/hasync.cgi Contains a cross-site scripting vulnerability.Information may be obtained and information may be altered. PeplinkBalance305 is a multi-export load balancing router for medium-sized enterprises. A remote attacker can exploit this vulnerability to inject arbitrary web scripts or HTML with the help of the \\342\\200\\230syncid\\342\\200\\231 parameter. Peplink Balance 305 etc. The following products are affected: Peplink Balance 305; 380; 580; 710; 1350; 2500. \nX41 D-Sec GmbH Security Advisory: X41-2017-005\n\nMultiple Vulnerabilities in peplink balance routers\n===================================================\n\nOverview\n--------\nConfirmed Affected Versions: 7.0.0-build1904\nConfirmed Patched Versions:\nfw-b305hw2_380hw6_580hw2_710hw3_1350hw2_2500-7.0.1-build2093.bin\nVulnerable Firmware:\nfw-b305hw2_380hw6_580hw2_710hw3_1350hw2_2500-7.0.0-build1904.bin\nModels: Balance Routers 305, 380, 580, 710, 1350, 2500\nVendor: Peplink\nVendor URL: https://www.peplink.com/\nVector: Network\nCredit: X41 D-Sec GmbH, Eric Sesterhenn\nAdditional Credits: Claus Overbeck (Abovo IT)\nStatus: Public\nAdvisory-URL: https://www.x41-dsec.de/lab/advisories/x41-2017-005-peplink/\n\n\nSummary and Impact\n------------------\nSeveral issues have been identified, which allow attackers to access the\nadministrative web interface with admin credentials, delete files,\nperform CSRF and XSS attacks. \n\n\nProduct Description\n-------------------\nFrom the vendor webpage:\nUse Load Balancing and SpeedFusion bandwidth bonding to deliver\nsuperfast VoIP, video streaming, and data using an SD-WAN enabled\nnetwork. Even with a basic Balance 20 dual-WAN router, you can mix\ndifferent transport technologies and providers to keep your network up\nwhen individual links go down. Switching between links is automatic and\nseamless. \n\n\n\nSQL Injection via bauth Cookie\n==============================\nSeverity Rating: Critical\nVector: Network\nCVE: CVE-2017-8835\nCWE: 89\nCVSS Score: 9.8\nCVSS Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\n\nSummary and Impact\n------------------\nPeplink devices are vulnerable to an SQL injection attack via the bauth\ncookie parameter which is set e.g. when accessing\nhttps://ip/cgi-bin/MANGA/admin.cgi. \n\nThe injection can be checked with the following command:\n\n./sqlmap.py -u \"https://ip/cgi-bin/MANGA/admin.cgi\"\n--cookie=\"bauth=csOWLxU4BvoMfhY2rHLVFm1EmZWV74zinla9IVclqrYxH16426647\"\n-p\"bauth\" --level 5 --risk 3 --dbms sqlite --technique=BEUSQ\n--flush-session -t trace.log --prefix \"\u0027\" --suffix \"--\" -a\n\nThe vulnerability in the Peplink device allows to access the SQLite\nsession database containing user and session variables. By using the the\nfollowing cookie in a web request, it is possible to select a running\nadministrator session to be used for the attackers login. \n\nbauth=-12\u0027 or id IN (select s.id from sessions as s left join\nsessionsvariables as v on v.id=s.id where v.name=\u0027rwa\u0027 and v.value=\u00271\u0027)\nor \u00271\u0027=\u00272\n\nBy forming specialised SQL queries, it is possible to retrieve usernames\nfrom the database. This worked by returning a valid session in case the\nusername existed and no session if it did not exist. In the first case\nthe server did not set a new session cookie in the response to the request. \n\nSELECT id FROM sessions WHERE sessionid = \u0027-14\u0027 or id IN (select s.id\nfrom sessions as s left join sessionsvariables as v on v.id=s.id where\nv.name=\u0027username\u0027 and substr(v.value,1,3)=\u0027adm\u0027)\n\n\n\nWorkarounds\n-----------\nInstall vendor supplied update. \n\n\nNo CSRF Protection\n==================\nSeverity Rating: Medium\nVector: Network\nCVE: CVE-2017-8836\nCWE: 352\nCVSS Score: 5.4\nCVSS Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N\n\nSummary and Impact\n------------------\nThe CGI scripts in the administrative interface are not protected\nagainst cross site request forgery attacks. This allows an attacker to\nexecute commands, if a logged in user visits a malicious website. This\ncan for example be used to change the credentials of the administrative\nwebinterface. \n\n\nWorkarounds\n-----------\nInstall vendor supplied update. \n\n\n\n\nPasswords stored in Cleartext\n=============================\nSeverity Rating: Medium\nVector: Network\nCVE: CVE-2017-8837\nCWE: 256\nCVSS Score: 4.0\nCVSS Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N\n\nSummary and Impact\n------------------\nThe Peplink devices store passwords in cleartext in the files\n/etc/waipass and /etc/roapass. In case one of these devices is\ncompromised the attacker can gain access to the cleartext passwords and\nabuse them to compromise further systems. \n\n\nWorkarounds\n-----------\nInstall vendor supplied update. \n\n\n\n\nXSS via syncid Parameter\n========================\nSeverity Rating: Medium\nVector: Network\nCVE: CVE-2017-8838\nCWE: 80\nCVSS Score: 5.4\nCVSS Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N\n\nSummary and Impact\n------------------\nIf the webinterface is accessible, it is possible to abuse the syncid\nparameter to trigger a cross-site-scripting issue by calling\nhttps://ip/cgi-bin/HASync/hasync.cgi?debug=1\u0026syncid=123%3Cscript%3Ealert%281%29%3C/script%3E\n\nThis executes the JavaScript in the victims browser, which can be abused\nto steal session cookies. \n\nWorkarounds\n-----------\nInstall vendor supplied update. \n\n\n\n\nXSS via preview.cgi\n===================\nSeverity Rating: Medium\nVector: Network\nCVE: CVE-2017-8839\nCWE: 80\nCVSS Score: 5.4\nCVSS Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N\n\nSummary and Impact\n------------------\nIf the webinterface is accessible, it is possible to abuse the the\norig_url parameter to trigger a cross-site-scripting issue in\n/guest/preview.cgi. The injection is directly into existing JavaScript. \n\nThis executes the JavaScript in the victims browser, which can be abused\nto steal session cookies. \n\nWorkarounds\n-----------\nInstall vendor supplied update. \n\n\n\nFile Deletion\n=============\nSeverity Rating: Medium\nVector: Network\nCVE: CVE-2017-8841\nCWE: 73\nCVSS Score: 6.5\nCVSS Vector: CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H\n\nSummary and Impact\n------------------\nA logged in user can delete arbitrary files on the Peplink devices, by\nabusing the /cgi-bin/MANGA/firmware_process.cgi. When an absolute path\nis provided to the upfile.path parameter the file provided in the path\nis deleted during the process. This can be abused to cause a denial of\nservice (DoS). In combination with the missing CSRF protection, this can\nbe abused remotely via a logged in user. \n\nWorkarounds\n-----------\nInstall vendor supplied update. \n\n\n\n\nInformation Disclosure\n======================\nSeverity Rating: Medium\nVector: Network\nCVE: CVE-2017-8840\nCWE: 200\nCVSS Score: 5.3\nCVSS Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N\n\nSummary and Impact\n------------------\nIf the webinterface is accessible, it is possible to retrieve sensitive\ninformation without a valid login by opening\ncgi-bin/HASync/hasync.cgi?debug=1\n\nThis displays the following:\n\n-----8\u003c------------------------------------------------\nMaster LAN Address = [ \u003cinternal ip\u003e / \u003cnetmask\u003e ]\nSerial Number = [ \u003cserial number\u003e ]\nHA Group ID = [ \u003cgroup id\u003e ]\nVirtual IP = [ \u003cinternal ip\u003e / \u003cnetmask\u003e ]\nSubmitted syncid = [ \u003csyncid\u003e ]\n-----8\u003c------------------------------------------------\n\nThis information can be valuable for an attacker to exploit other issues. \n\nWorkarounds\n-----------\nInstall vendor supplied update. \n\n\n\n\nAbout X41 D-Sec GmbH\n--------------------\nX41 D-Sec is a provider of application security services. We focus on\napplication code reviews, design review and security testing. X41 D-Sec\nGmbH was founded in 2015 by Markus Vervier. We support customers in\nvarious industries such as finance, software development and public\ninstitutions. \n\nTimeline\n--------\n2017-04-07\tIssue found\n2017-04-10\tVendor asked for security contact\n2017-04-11\tVendor replied, send GPG key\n2017-04-11\tInformation supplied to vendor\n2017-04-11\tVendor acknowledges that the information is received\n2017-04-17\tVendor acknowledges SQL injection\n2017-05-08\tCVE IDs for all issues requested\n2017-05-08\tCVE IDs assigned\n2017-05-11\tVendor informed about CVE IDs\n2017-05-29\tVersion provided to X41 for testing\n2017-05-31\tFirst test results send back to the vendor\n2017-06-01\tRemaining test results send back to the vendor\n2017-06-05\tCoordinated Firmware and Advisory release\n\n-- \nX41 D-SEC GmbH, Dennewartstr. 25-27, D-52068 Aachen\nT: +49 241 9809418-0, Fax: -9\nUnternehmenssitz: Aachen, Amtsgericht Aachen: HRB19989\nGeschA$?ftsfA1/4hrer: Markus Vervier\n\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2017-8838"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-004610"
},
{
"db": "CNVD",
"id": "CNVD-2017-09522"
},
{
"db": "VULHUB",
"id": "VHN-117041"
},
{
"db": "PACKETSTORM",
"id": "142801"
}
],
"trust": 2.34
},
"exploit_availability": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"reference": "https://www.scap.org.cn/vuln/vhn-117041",
"trust": 0.1,
"type": "unknown"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-117041"
}
]
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2017-8838",
"trust": 3.2
},
{
"db": "EXPLOIT-DB",
"id": "42130",
"trust": 1.1
},
{
"db": "JVNDB",
"id": "JVNDB-2017-004610",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201705-327",
"trust": 0.7
},
{
"db": "CNVD",
"id": "CNVD-2017-09522",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-117041",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "142801",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-09522"
},
{
"db": "VULHUB",
"id": "VHN-117041"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-004610"
},
{
"db": "PACKETSTORM",
"id": "142801"
},
{
"db": "NVD",
"id": "CVE-2017-8838"
},
{
"db": "CNNVD",
"id": "CNNVD-201705-327"
}
]
},
"id": "VAR-201706-0990",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-09522"
},
{
"db": "VULHUB",
"id": "VHN-117041"
}
],
"trust": 1.7
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-09522"
}
]
},
"last_update_date": "2023-12-18T12:29:34.287000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Peplink Balance",
"trust": 0.8,
"url": "https://www.peplink.com/products/balance/"
},
{
"title": "Patches for cross-site scripting vulnerabilities in several PeplinkBalance products",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/95359"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-09522"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-004610"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-79",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-117041"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-004610"
},
{
"db": "NVD",
"id": "CVE-2017-8838"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.6,
"url": "https://www.x41-dsec.de/lab/advisories/x41-2017-005-peplink/"
},
{
"trust": 2.3,
"url": "http://seclists.org/bugtraq/2017/jun/1"
},
{
"trust": 1.1,
"url": "https://www.exploit-db.com/exploits/42130/"
},
{
"trust": 0.9,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-8838"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-8838"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-8841"
},
{
"trust": 0.1,
"url": "https://ip/cgi-bin/hasync/hasync.cgi?debug=1\u0026syncid=123%3cscript%3ealert%281%29%3c/script%3e"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-8837"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-8839"
},
{
"trust": 0.1,
"url": "https://www.peplink.com/"
},
{
"trust": 0.1,
"url": "https://ip/cgi-bin/manga/admin.cgi."
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-8835"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-8836"
},
{
"trust": 0.1,
"url": "https://ip/cgi-bin/manga/admin.cgi\""
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-8840"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-09522"
},
{
"db": "VULHUB",
"id": "VHN-117041"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-004610"
},
{
"db": "PACKETSTORM",
"id": "142801"
},
{
"db": "NVD",
"id": "CVE-2017-8838"
},
{
"db": "CNNVD",
"id": "CNNVD-201705-327"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2017-09522"
},
{
"db": "VULHUB",
"id": "VHN-117041"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-004610"
},
{
"db": "PACKETSTORM",
"id": "142801"
},
{
"db": "NVD",
"id": "CVE-2017-8838"
},
{
"db": "CNNVD",
"id": "CNNVD-201705-327"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-06-14T00:00:00",
"db": "CNVD",
"id": "CNVD-2017-09522"
},
{
"date": "2017-06-05T00:00:00",
"db": "VULHUB",
"id": "VHN-117041"
},
{
"date": "2017-06-30T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-004610"
},
{
"date": "2017-06-05T18:59:14",
"db": "PACKETSTORM",
"id": "142801"
},
{
"date": "2017-06-05T14:29:00.513000",
"db": "NVD",
"id": "CVE-2017-8838"
},
{
"date": "2017-05-09T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201705-327"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-06-14T00:00:00",
"db": "CNVD",
"id": "CNVD-2017-09522"
},
{
"date": "2017-08-13T00:00:00",
"db": "VULHUB",
"id": "VHN-117041"
},
{
"date": "2017-06-30T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-004610"
},
{
"date": "2017-08-13T01:29:22.570000",
"db": "NVD",
"id": "CVE-2017-8838"
},
{
"date": "2017-06-28T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201705-327"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "PACKETSTORM",
"id": "142801"
},
{
"db": "CNNVD",
"id": "CNNVD-201705-327"
}
],
"trust": 0.7
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "plural Peplink Balance Device product firmware cross-site scripting vulnerability",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-004610"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "XSS",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201705-327"
}
],
"trust": 0.6
}
}
VAR-201706-0992
Vulnerability from variot - Updated: 2023-12-18 12:29Debug information disclosure exists on Peplink Balance 305, 380, 580, 710, 1350, and 2500 devices with firmware before fw-b305hw2_380hw6_580hw2_710hw3_1350hw2_2500-7.0.1-build2093. A direct request to cgi-bin/HASync/hasync.cgi?debug=1 shows Master LAN Address, Serial Number, HA Group ID, Virtual IP, and Submitted syncid. PeplinkBalance305 is a multi-export load balancing router for medium-sized enterprises. Peplink Balance 305 etc. The following products are affected: Peplink Balance 305; 380; 580; 710; 1350; 2500. X41 D-Sec GmbH Security Advisory: X41-2017-005
Multiple Vulnerabilities in peplink balance routers
Overview
Confirmed Affected Versions: 7.0.0-build1904 Confirmed Patched Versions: fw-b305hw2_380hw6_580hw2_710hw3_1350hw2_2500-7.0.1-build2093.bin Vulnerable Firmware: fw-b305hw2_380hw6_580hw2_710hw3_1350hw2_2500-7.0.0-build1904.bin Models: Balance Routers 305, 380, 580, 710, 1350, 2500 Vendor: Peplink Vendor URL: https://www.peplink.com/ Vector: Network Credit: X41 D-Sec GmbH, Eric Sesterhenn Additional Credits: Claus Overbeck (Abovo IT) Status: Public Advisory-URL: https://www.x41-dsec.de/lab/advisories/x41-2017-005-peplink/
Summary and Impact
Several issues have been identified, which allow attackers to access the administrative web interface with admin credentials, delete files, perform CSRF and XSS attacks.
Product Description
From the vendor webpage: Use Load Balancing and SpeedFusion bandwidth bonding to deliver superfast VoIP, video streaming, and data using an SD-WAN enabled network. Even with a basic Balance 20 dual-WAN router, you can mix different transport technologies and providers to keep your network up when individual links go down. Switching between links is automatic and seamless.
SQL Injection via bauth Cookie
Severity Rating: Critical Vector: Network CVE: CVE-2017-8835 CWE: 89 CVSS Score: 9.8 CVSS Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Summary and Impact
Peplink devices are vulnerable to an SQL injection attack via the bauth cookie parameter which is set e.g. when accessing https://ip/cgi-bin/MANGA/admin.cgi.
The injection can be checked with the following command:
./sqlmap.py -u "https://ip/cgi-bin/MANGA/admin.cgi" --cookie="bauth=csOWLxU4BvoMfhY2rHLVFm1EmZWV74zinla9IVclqrYxH16426647" -p"bauth" --level 5 --risk 3 --dbms sqlite --technique=BEUSQ --flush-session -t trace.log --prefix "'" --suffix "--" -a
The vulnerability in the Peplink device allows to access the SQLite session database containing user and session variables. By using the the following cookie in a web request, it is possible to select a running administrator session to be used for the attackers login.
bauth=-12' or id IN (select s.id from sessions as s left join sessionsvariables as v on v.id=s.id where v.name='rwa' and v.value='1') or '1'='2
By forming specialised SQL queries, it is possible to retrieve usernames from the database. This worked by returning a valid session in case the username existed and no session if it did not exist. In the first case the server did not set a new session cookie in the response to the request.
SELECT id FROM sessions WHERE sessionid = '-14' or id IN (select s.id from sessions as s left join sessionsvariables as v on v.id=s.id where v.name='username' and substr(v.value,1,3)='adm')
Workarounds
Install vendor supplied update.
No CSRF Protection
Severity Rating: Medium Vector: Network CVE: CVE-2017-8836 CWE: 352 CVSS Score: 5.4 CVSS Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N
Summary and Impact
The CGI scripts in the administrative interface are not protected against cross site request forgery attacks. This allows an attacker to execute commands, if a logged in user visits a malicious website. This can for example be used to change the credentials of the administrative webinterface.
Workarounds
Install vendor supplied update.
Passwords stored in Cleartext
Severity Rating: Medium Vector: Network CVE: CVE-2017-8837 CWE: 256 CVSS Score: 4.0 CVSS Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
Summary and Impact
The Peplink devices store passwords in cleartext in the files /etc/waipass and /etc/roapass. In case one of these devices is compromised the attacker can gain access to the cleartext passwords and abuse them to compromise further systems.
Workarounds
Install vendor supplied update.
XSS via syncid Parameter
Severity Rating: Medium Vector: Network CVE: CVE-2017-8838 CWE: 80 CVSS Score: 5.4 CVSS Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N
Summary and Impact
If the webinterface is accessible, it is possible to abuse the syncid parameter to trigger a cross-site-scripting issue by calling https://ip/cgi-bin/HASync/hasync.cgi?debug=1&syncid=123%3Cscript%3Ealert%281%29%3C/script%3E
This executes the JavaScript in the victims browser, which can be abused to steal session cookies.
Workarounds
Install vendor supplied update.
XSS via preview.cgi
Severity Rating: Medium Vector: Network CVE: CVE-2017-8839 CWE: 80 CVSS Score: 5.4 CVSS Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N
Summary and Impact
If the webinterface is accessible, it is possible to abuse the the orig_url parameter to trigger a cross-site-scripting issue in /guest/preview.cgi. The injection is directly into existing JavaScript.
This executes the JavaScript in the victims browser, which can be abused to steal session cookies.
Workarounds
Install vendor supplied update.
File Deletion
Severity Rating: Medium Vector: Network CVE: CVE-2017-8841 CWE: 73 CVSS Score: 6.5 CVSS Vector: CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H
Summary and Impact
A logged in user can delete arbitrary files on the Peplink devices, by abusing the /cgi-bin/MANGA/firmware_process.cgi. When an absolute path is provided to the upfile.path parameter the file provided in the path is deleted during the process. This can be abused to cause a denial of service (DoS). In combination with the missing CSRF protection, this can be abused remotely via a logged in user.
Workarounds
Install vendor supplied update.
Workarounds
Install vendor supplied update.
About X41 D-Sec GmbH
X41 D-Sec is a provider of application security services. We focus on application code reviews, design review and security testing. X41 D-Sec GmbH was founded in 2015 by Markus Vervier. We support customers in various industries such as finance, software development and public institutions.
Timeline
2017-04-07 Issue found 2017-04-10 Vendor asked for security contact 2017-04-11 Vendor replied, send GPG key 2017-04-11 Information supplied to vendor 2017-04-11 Vendor acknowledges that the information is received 2017-04-17 Vendor acknowledges SQL injection 2017-05-08 CVE IDs for all issues requested 2017-05-08 CVE IDs assigned 2017-05-11 Vendor informed about CVE IDs 2017-05-29 Version provided to X41 for testing 2017-05-31 First test results send back to the vendor 2017-06-01 Remaining test results send back to the vendor 2017-06-05 Coordinated Firmware and Advisory release
-- X41 D-SEC GmbH, Dennewartstr. 25-27, D-52068 Aachen T: +49 241 9809418-0, Fax: -9 Unternehmenssitz: Aachen, Amtsgericht Aachen: HRB19989 GeschA$?ftsfA1/4hrer: Markus Vervier
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201706-0992",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "710hw3",
"scope": "eq",
"trust": 1.6,
"vendor": "peplink",
"version": "7.0.1"
},
{
"model": "b305hw2",
"scope": "eq",
"trust": 1.6,
"vendor": "peplink",
"version": "7.0.1"
},
{
"model": "580hw2",
"scope": "eq",
"trust": 1.6,
"vendor": "peplink",
"version": "7.0.1"
},
{
"model": "380hw6",
"scope": "eq",
"trust": 1.6,
"vendor": "peplink",
"version": "7.0.1"
},
{
"model": "1350hw2",
"scope": "eq",
"trust": 1.6,
"vendor": "peplink",
"version": "7.0.1"
},
{
"model": "2500",
"scope": "eq",
"trust": 1.6,
"vendor": "peplink",
"version": "7.0.1"
},
{
"model": "balance 1350",
"scope": null,
"trust": 0.8,
"vendor": "peplink",
"version": null
},
{
"model": "balance 2500",
"scope": null,
"trust": 0.8,
"vendor": "peplink",
"version": null
},
{
"model": "balance 305",
"scope": null,
"trust": 0.8,
"vendor": "peplink",
"version": null
},
{
"model": "balance 380",
"scope": null,
"trust": 0.8,
"vendor": "peplink",
"version": null
},
{
"model": "balance 580",
"scope": null,
"trust": 0.8,
"vendor": "peplink",
"version": null
},
{
"model": "balance 710",
"scope": null,
"trust": 0.8,
"vendor": "peplink",
"version": null
},
{
"model": "balance",
"scope": "eq",
"trust": 0.6,
"vendor": "peplink",
"version": "2500"
},
{
"model": "balance",
"scope": "eq",
"trust": 0.6,
"vendor": "peplink",
"version": "1350"
},
{
"model": "balance",
"scope": "eq",
"trust": 0.6,
"vendor": "peplink",
"version": "710"
},
{
"model": "balance",
"scope": "eq",
"trust": 0.6,
"vendor": "peplink",
"version": "580"
},
{
"model": "balance",
"scope": "eq",
"trust": 0.6,
"vendor": "peplink",
"version": "380"
},
{
"model": "balance",
"scope": "eq",
"trust": 0.6,
"vendor": "peplink",
"version": "305"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-09521"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-004684"
},
{
"db": "NVD",
"id": "CVE-2017-8840"
},
{
"db": "CNNVD",
"id": "CNNVD-201705-325"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:peplink:b305hw2_firmware:7.0.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:peplink:balance_305:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:peplink:380hw6_firmware:7.0.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:peplink:balance_380:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:peplink:580hw2_firmware:7.0.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:peplink:balance_580:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:peplink:710hw3_firmware:7.0.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:peplink:balance_710:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:peplink:1350hw2_firmware:7.0.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:peplink:balance_1350:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:peplink:2500_firmware:7.0.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:peplink:balance_2500:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2017-8840"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Eric Sesterhenn, Claus Overbeck",
"sources": [
{
"db": "PACKETSTORM",
"id": "142801"
}
],
"trust": 0.1
},
"cve": "CVE-2017-8840",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 5.0,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "CVE-2017-8840",
"impactScore": null,
"integrityImpact": "None",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CNVD-2017-09521",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "VHN-117043",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:P/I:N/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"exploitabilityScore": 3.9,
"impactScore": 1.4,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 5.3,
"baseSeverity": "Medium",
"confidentialityImpact": "Low",
"exploitabilityScore": null,
"id": "CVE-2017-8840",
"impactScore": null,
"integrityImpact": "None",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2017-8840",
"trust": 1.8,
"value": "MEDIUM"
},
{
"author": "CNVD",
"id": "CNVD-2017-09521",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201705-325",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-117043",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-09521"
},
{
"db": "VULHUB",
"id": "VHN-117043"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-004684"
},
{
"db": "NVD",
"id": "CVE-2017-8840"
},
{
"db": "CNNVD",
"id": "CNNVD-201705-325"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Debug information disclosure exists on Peplink Balance 305, 380, 580, 710, 1350, and 2500 devices with firmware before fw-b305hw2_380hw6_580hw2_710hw3_1350hw2_2500-7.0.1-build2093. A direct request to cgi-bin/HASync/hasync.cgi?debug=1 shows Master LAN Address, Serial Number, HA Group ID, Virtual IP, and Submitted syncid. PeplinkBalance305 is a multi-export load balancing router for medium-sized enterprises. Peplink Balance 305 etc. The following products are affected: Peplink Balance 305; 380; 580; 710; 1350; 2500. \nX41 D-Sec GmbH Security Advisory: X41-2017-005\n\nMultiple Vulnerabilities in peplink balance routers\n===================================================\n\nOverview\n--------\nConfirmed Affected Versions: 7.0.0-build1904\nConfirmed Patched Versions:\nfw-b305hw2_380hw6_580hw2_710hw3_1350hw2_2500-7.0.1-build2093.bin\nVulnerable Firmware:\nfw-b305hw2_380hw6_580hw2_710hw3_1350hw2_2500-7.0.0-build1904.bin\nModels: Balance Routers 305, 380, 580, 710, 1350, 2500\nVendor: Peplink\nVendor URL: https://www.peplink.com/\nVector: Network\nCredit: X41 D-Sec GmbH, Eric Sesterhenn\nAdditional Credits: Claus Overbeck (Abovo IT)\nStatus: Public\nAdvisory-URL: https://www.x41-dsec.de/lab/advisories/x41-2017-005-peplink/\n\n\nSummary and Impact\n------------------\nSeveral issues have been identified, which allow attackers to access the\nadministrative web interface with admin credentials, delete files,\nperform CSRF and XSS attacks. \n\n\nProduct Description\n-------------------\nFrom the vendor webpage:\nUse Load Balancing and SpeedFusion bandwidth bonding to deliver\nsuperfast VoIP, video streaming, and data using an SD-WAN enabled\nnetwork. Even with a basic Balance 20 dual-WAN router, you can mix\ndifferent transport technologies and providers to keep your network up\nwhen individual links go down. Switching between links is automatic and\nseamless. \n\n\n\nSQL Injection via bauth Cookie\n==============================\nSeverity Rating: Critical\nVector: Network\nCVE: CVE-2017-8835\nCWE: 89\nCVSS Score: 9.8\nCVSS Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\n\nSummary and Impact\n------------------\nPeplink devices are vulnerable to an SQL injection attack via the bauth\ncookie parameter which is set e.g. when accessing\nhttps://ip/cgi-bin/MANGA/admin.cgi. \n\nThe injection can be checked with the following command:\n\n./sqlmap.py -u \"https://ip/cgi-bin/MANGA/admin.cgi\"\n--cookie=\"bauth=csOWLxU4BvoMfhY2rHLVFm1EmZWV74zinla9IVclqrYxH16426647\"\n-p\"bauth\" --level 5 --risk 3 --dbms sqlite --technique=BEUSQ\n--flush-session -t trace.log --prefix \"\u0027\" --suffix \"--\" -a\n\nThe vulnerability in the Peplink device allows to access the SQLite\nsession database containing user and session variables. By using the the\nfollowing cookie in a web request, it is possible to select a running\nadministrator session to be used for the attackers login. \n\nbauth=-12\u0027 or id IN (select s.id from sessions as s left join\nsessionsvariables as v on v.id=s.id where v.name=\u0027rwa\u0027 and v.value=\u00271\u0027)\nor \u00271\u0027=\u00272\n\nBy forming specialised SQL queries, it is possible to retrieve usernames\nfrom the database. This worked by returning a valid session in case the\nusername existed and no session if it did not exist. In the first case\nthe server did not set a new session cookie in the response to the request. \n\nSELECT id FROM sessions WHERE sessionid = \u0027-14\u0027 or id IN (select s.id\nfrom sessions as s left join sessionsvariables as v on v.id=s.id where\nv.name=\u0027username\u0027 and substr(v.value,1,3)=\u0027adm\u0027)\n\n\n\nWorkarounds\n-----------\nInstall vendor supplied update. \n\n\nNo CSRF Protection\n==================\nSeverity Rating: Medium\nVector: Network\nCVE: CVE-2017-8836\nCWE: 352\nCVSS Score: 5.4\nCVSS Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N\n\nSummary and Impact\n------------------\nThe CGI scripts in the administrative interface are not protected\nagainst cross site request forgery attacks. This allows an attacker to\nexecute commands, if a logged in user visits a malicious website. This\ncan for example be used to change the credentials of the administrative\nwebinterface. \n\n\nWorkarounds\n-----------\nInstall vendor supplied update. \n\n\n\n\nPasswords stored in Cleartext\n=============================\nSeverity Rating: Medium\nVector: Network\nCVE: CVE-2017-8837\nCWE: 256\nCVSS Score: 4.0\nCVSS Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N\n\nSummary and Impact\n------------------\nThe Peplink devices store passwords in cleartext in the files\n/etc/waipass and /etc/roapass. In case one of these devices is\ncompromised the attacker can gain access to the cleartext passwords and\nabuse them to compromise further systems. \n\n\nWorkarounds\n-----------\nInstall vendor supplied update. \n\n\n\n\nXSS via syncid Parameter\n========================\nSeverity Rating: Medium\nVector: Network\nCVE: CVE-2017-8838\nCWE: 80\nCVSS Score: 5.4\nCVSS Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N\n\nSummary and Impact\n------------------\nIf the webinterface is accessible, it is possible to abuse the syncid\nparameter to trigger a cross-site-scripting issue by calling\nhttps://ip/cgi-bin/HASync/hasync.cgi?debug=1\u0026syncid=123%3Cscript%3Ealert%281%29%3C/script%3E\n\nThis executes the JavaScript in the victims browser, which can be abused\nto steal session cookies. \n\nWorkarounds\n-----------\nInstall vendor supplied update. \n\n\n\n\nXSS via preview.cgi\n===================\nSeverity Rating: Medium\nVector: Network\nCVE: CVE-2017-8839\nCWE: 80\nCVSS Score: 5.4\nCVSS Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N\n\nSummary and Impact\n------------------\nIf the webinterface is accessible, it is possible to abuse the the\norig_url parameter to trigger a cross-site-scripting issue in\n/guest/preview.cgi. The injection is directly into existing JavaScript. \n\nThis executes the JavaScript in the victims browser, which can be abused\nto steal session cookies. \n\nWorkarounds\n-----------\nInstall vendor supplied update. \n\n\n\nFile Deletion\n=============\nSeverity Rating: Medium\nVector: Network\nCVE: CVE-2017-8841\nCWE: 73\nCVSS Score: 6.5\nCVSS Vector: CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H\n\nSummary and Impact\n------------------\nA logged in user can delete arbitrary files on the Peplink devices, by\nabusing the /cgi-bin/MANGA/firmware_process.cgi. When an absolute path\nis provided to the upfile.path parameter the file provided in the path\nis deleted during the process. This can be abused to cause a denial of\nservice (DoS). In combination with the missing CSRF protection, this can\nbe abused remotely via a logged in user. \n\nWorkarounds\n-----------\nInstall vendor supplied update. \n\nWorkarounds\n-----------\nInstall vendor supplied update. \n\n\n\n\nAbout X41 D-Sec GmbH\n--------------------\nX41 D-Sec is a provider of application security services. We focus on\napplication code reviews, design review and security testing. X41 D-Sec\nGmbH was founded in 2015 by Markus Vervier. We support customers in\nvarious industries such as finance, software development and public\ninstitutions. \n\nTimeline\n--------\n2017-04-07\tIssue found\n2017-04-10\tVendor asked for security contact\n2017-04-11\tVendor replied, send GPG key\n2017-04-11\tInformation supplied to vendor\n2017-04-11\tVendor acknowledges that the information is received\n2017-04-17\tVendor acknowledges SQL injection\n2017-05-08\tCVE IDs for all issues requested\n2017-05-08\tCVE IDs assigned\n2017-05-11\tVendor informed about CVE IDs\n2017-05-29\tVersion provided to X41 for testing\n2017-05-31\tFirst test results send back to the vendor\n2017-06-01\tRemaining test results send back to the vendor\n2017-06-05\tCoordinated Firmware and Advisory release\n\n-- \nX41 D-SEC GmbH, Dennewartstr. 25-27, D-52068 Aachen\nT: +49 241 9809418-0, Fax: -9\nUnternehmenssitz: Aachen, Amtsgericht Aachen: HRB19989\nGeschA$?ftsfA1/4hrer: Markus Vervier\n\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2017-8840"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-004684"
},
{
"db": "CNVD",
"id": "CNVD-2017-09521"
},
{
"db": "VULHUB",
"id": "VHN-117043"
},
{
"db": "PACKETSTORM",
"id": "142801"
}
],
"trust": 2.34
},
"exploit_availability": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"reference": "https://www.scap.org.cn/vuln/vhn-117043",
"trust": 0.1,
"type": "unknown"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-117043"
}
]
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2017-8840",
"trust": 3.2
},
{
"db": "EXPLOIT-DB",
"id": "42130",
"trust": 1.1
},
{
"db": "JVNDB",
"id": "JVNDB-2017-004684",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201705-325",
"trust": 0.7
},
{
"db": "CNVD",
"id": "CNVD-2017-09521",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-117043",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "142801",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-09521"
},
{
"db": "VULHUB",
"id": "VHN-117043"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-004684"
},
{
"db": "PACKETSTORM",
"id": "142801"
},
{
"db": "NVD",
"id": "CVE-2017-8840"
},
{
"db": "CNNVD",
"id": "CNNVD-201705-325"
}
]
},
"id": "VAR-201706-0992",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-09521"
},
{
"db": "VULHUB",
"id": "VHN-117043"
}
],
"trust": 1.7
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-09521"
}
]
},
"last_update_date": "2023-12-18T12:29:34.254000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Peplink Balance",
"trust": 0.8,
"url": "https://www.peplink.com/products/balance/"
},
{
"title": "Patches for information disclosure vulnerabilities in various PeplinkBalance products",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/95361"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-09521"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-004684"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-200",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-117043"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-004684"
},
{
"db": "NVD",
"id": "CVE-2017-8840"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.6,
"url": "https://www.x41-dsec.de/lab/advisories/x41-2017-005-peplink/"
},
{
"trust": 2.3,
"url": "http://seclists.org/bugtraq/2017/jun/1"
},
{
"trust": 1.1,
"url": "https://www.exploit-db.com/exploits/42130/"
},
{
"trust": 0.9,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-8840"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-8840"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-8841"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-8838"
},
{
"trust": 0.1,
"url": "https://ip/cgi-bin/hasync/hasync.cgi?debug=1\u0026syncid=123%3cscript%3ealert%281%29%3c/script%3e"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-8837"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-8839"
},
{
"trust": 0.1,
"url": "https://www.peplink.com/"
},
{
"trust": 0.1,
"url": "https://ip/cgi-bin/manga/admin.cgi."
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-8835"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-8836"
},
{
"trust": 0.1,
"url": "https://ip/cgi-bin/manga/admin.cgi\""
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-09521"
},
{
"db": "VULHUB",
"id": "VHN-117043"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-004684"
},
{
"db": "PACKETSTORM",
"id": "142801"
},
{
"db": "NVD",
"id": "CVE-2017-8840"
},
{
"db": "CNNVD",
"id": "CNNVD-201705-325"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2017-09521"
},
{
"db": "VULHUB",
"id": "VHN-117043"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-004684"
},
{
"db": "PACKETSTORM",
"id": "142801"
},
{
"db": "NVD",
"id": "CVE-2017-8840"
},
{
"db": "CNNVD",
"id": "CNNVD-201705-325"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-06-14T00:00:00",
"db": "CNVD",
"id": "CNVD-2017-09521"
},
{
"date": "2017-06-05T00:00:00",
"db": "VULHUB",
"id": "VHN-117043"
},
{
"date": "2017-07-04T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-004684"
},
{
"date": "2017-06-05T18:59:14",
"db": "PACKETSTORM",
"id": "142801"
},
{
"date": "2017-06-05T14:29:00.577000",
"db": "NVD",
"id": "CVE-2017-8840"
},
{
"date": "2017-05-09T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201705-325"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-06-14T00:00:00",
"db": "CNVD",
"id": "CNVD-2017-09521"
},
{
"date": "2017-08-13T00:00:00",
"db": "VULHUB",
"id": "VHN-117043"
},
{
"date": "2017-07-04T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-004684"
},
{
"date": "2017-08-13T01:29:22.727000",
"db": "NVD",
"id": "CVE-2017-8840"
},
{
"date": "2017-06-07T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201705-325"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "PACKETSTORM",
"id": "142801"
},
{
"db": "CNNVD",
"id": "CNNVD-201705-325"
}
],
"trust": 0.7
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "plural Peplink Balance Information disclosure vulnerability in device product firmware",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-004684"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "information disclosure",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201705-325"
}
],
"trust": 0.6
}
}
VAR-201706-0988
Vulnerability from variot - Updated: 2023-12-18 12:29CSRF exists on Peplink Balance 305, 380, 580, 710, 1350, and 2500 devices with firmware before fw-b305hw2_380hw6_580hw2_710hw3_1350hw2_2500-7.0.1-build2093. The CGI scripts in the administrative interface are affected. This allows an attacker to execute commands, if a logged in user visits a malicious website. This can for example be used to change the credentials of the administrative webinterface. plural Peplink Balance Device product firmware contains a cross-site request forgery vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. PeplinkBalance305 is a multi-export load balancing router for medium-sized enterprises. A cross-site request forgery vulnerability exists in various PeplinkBalance products using firmware versions prior to fw-b305hw2_380hw6_580hw2_710hw3_1350hw2_500hw3_1350hw2_2500-7.0.1-build2093. This vulnerability stems from the protection of CGI scripts from the management interface from cross-site request forgery attacks. Peplink Balance 305 etc. The following products are affected: Peplink Balance 305; 380; 580; 710; 1350; 2500. X41 D-Sec GmbH Security Advisory: X41-2017-005
Multiple Vulnerabilities in peplink balance routers
Overview
Confirmed Affected Versions: 7.0.0-build1904 Confirmed Patched Versions: fw-b305hw2_380hw6_580hw2_710hw3_1350hw2_2500-7.0.1-build2093.bin Vulnerable Firmware: fw-b305hw2_380hw6_580hw2_710hw3_1350hw2_2500-7.0.0-build1904.bin Models: Balance Routers 305, 380, 580, 710, 1350, 2500 Vendor: Peplink Vendor URL: https://www.peplink.com/ Vector: Network Credit: X41 D-Sec GmbH, Eric Sesterhenn Additional Credits: Claus Overbeck (Abovo IT) Status: Public Advisory-URL: https://www.x41-dsec.de/lab/advisories/x41-2017-005-peplink/
Summary and Impact
Several issues have been identified, which allow attackers to access the administrative web interface with admin credentials, delete files, perform CSRF and XSS attacks.
Product Description
From the vendor webpage: Use Load Balancing and SpeedFusion bandwidth bonding to deliver superfast VoIP, video streaming, and data using an SD-WAN enabled network. Even with a basic Balance 20 dual-WAN router, you can mix different transport technologies and providers to keep your network up when individual links go down. Switching between links is automatic and seamless.
SQL Injection via bauth Cookie
Severity Rating: Critical Vector: Network CVE: CVE-2017-8835 CWE: 89 CVSS Score: 9.8 CVSS Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Summary and Impact
Peplink devices are vulnerable to an SQL injection attack via the bauth cookie parameter which is set e.g. when accessing https://ip/cgi-bin/MANGA/admin.cgi.
The injection can be checked with the following command:
./sqlmap.py -u "https://ip/cgi-bin/MANGA/admin.cgi" --cookie="bauth=csOWLxU4BvoMfhY2rHLVFm1EmZWV74zinla9IVclqrYxH16426647" -p"bauth" --level 5 --risk 3 --dbms sqlite --technique=BEUSQ --flush-session -t trace.log --prefix "'" --suffix "--" -a
The vulnerability in the Peplink device allows to access the SQLite session database containing user and session variables. By using the the following cookie in a web request, it is possible to select a running administrator session to be used for the attackers login.
bauth=-12' or id IN (select s.id from sessions as s left join sessionsvariables as v on v.id=s.id where v.name='rwa' and v.value='1') or '1'='2
By forming specialised SQL queries, it is possible to retrieve usernames from the database. This worked by returning a valid session in case the username existed and no session if it did not exist. In the first case the server did not set a new session cookie in the response to the request.
SELECT id FROM sessions WHERE sessionid = '-14' or id IN (select s.id from sessions as s left join sessionsvariables as v on v.id=s.id where v.name='username' and substr(v.value,1,3)='adm')
Workarounds
Install vendor supplied update.
Workarounds
Install vendor supplied update.
Passwords stored in Cleartext
Severity Rating: Medium Vector: Network CVE: CVE-2017-8837 CWE: 256 CVSS Score: 4.0 CVSS Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
Summary and Impact
The Peplink devices store passwords in cleartext in the files /etc/waipass and /etc/roapass. In case one of these devices is compromised the attacker can gain access to the cleartext passwords and abuse them to compromise further systems.
Workarounds
Install vendor supplied update.
XSS via syncid Parameter
Severity Rating: Medium Vector: Network CVE: CVE-2017-8838 CWE: 80 CVSS Score: 5.4 CVSS Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N
Summary and Impact
If the webinterface is accessible, it is possible to abuse the syncid parameter to trigger a cross-site-scripting issue by calling https://ip/cgi-bin/HASync/hasync.cgi?debug=1&syncid=123%3Cscript%3Ealert%281%29%3C/script%3E
This executes the JavaScript in the victims browser, which can be abused to steal session cookies.
Workarounds
Install vendor supplied update.
XSS via preview.cgi
Severity Rating: Medium Vector: Network CVE: CVE-2017-8839 CWE: 80 CVSS Score: 5.4 CVSS Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N
Summary and Impact
If the webinterface is accessible, it is possible to abuse the the orig_url parameter to trigger a cross-site-scripting issue in /guest/preview.cgi. The injection is directly into existing JavaScript.
This executes the JavaScript in the victims browser, which can be abused to steal session cookies.
Workarounds
Install vendor supplied update.
File Deletion
Severity Rating: Medium Vector: Network CVE: CVE-2017-8841 CWE: 73 CVSS Score: 6.5 CVSS Vector: CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H
Summary and Impact
A logged in user can delete arbitrary files on the Peplink devices, by abusing the /cgi-bin/MANGA/firmware_process.cgi. When an absolute path is provided to the upfile.path parameter the file provided in the path is deleted during the process. This can be abused to cause a denial of service (DoS). In combination with the missing CSRF protection, this can be abused remotely via a logged in user.
Workarounds
Install vendor supplied update.
Information Disclosure
Severity Rating: Medium Vector: Network CVE: CVE-2017-8840 CWE: 200 CVSS Score: 5.3 CVSS Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
Summary and Impact
If the webinterface is accessible, it is possible to retrieve sensitive information without a valid login by opening cgi-bin/HASync/hasync.cgi?debug=1
This displays the following:
-----8<------------------------------------------------ Master LAN Address = [ / ] Serial Number = [ ] HA Group ID = [ ] Virtual IP = [ / ] Submitted syncid = [ ] -----8<------------------------------------------------
This information can be valuable for an attacker to exploit other issues.
Workarounds
Install vendor supplied update.
About X41 D-Sec GmbH
X41 D-Sec is a provider of application security services. We focus on application code reviews, design review and security testing. X41 D-Sec GmbH was founded in 2015 by Markus Vervier. We support customers in various industries such as finance, software development and public institutions.
Timeline
2017-04-07 Issue found 2017-04-10 Vendor asked for security contact 2017-04-11 Vendor replied, send GPG key 2017-04-11 Information supplied to vendor 2017-04-11 Vendor acknowledges that the information is received 2017-04-17 Vendor acknowledges SQL injection 2017-05-08 CVE IDs for all issues requested 2017-05-08 CVE IDs assigned 2017-05-11 Vendor informed about CVE IDs 2017-05-29 Version provided to X41 for testing 2017-05-31 First test results send back to the vendor 2017-06-01 Remaining test results send back to the vendor 2017-06-05 Coordinated Firmware and Advisory release
-- X41 D-SEC GmbH, Dennewartstr. 25-27, D-52068 Aachen T: +49 241 9809418-0, Fax: -9 Unternehmenssitz: Aachen, Amtsgericht Aachen: HRB19989 GeschA$?ftsfA1/4hrer: Markus Vervier
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201706-0988",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "710hw3",
"scope": "eq",
"trust": 1.6,
"vendor": "peplink",
"version": "7.0.1"
},
{
"model": "b305hw2",
"scope": "eq",
"trust": 1.6,
"vendor": "peplink",
"version": "7.0.1"
},
{
"model": "580hw2",
"scope": "eq",
"trust": 1.6,
"vendor": "peplink",
"version": "7.0.1"
},
{
"model": "380hw6",
"scope": "eq",
"trust": 1.6,
"vendor": "peplink",
"version": "7.0.1"
},
{
"model": "1350hw2",
"scope": "eq",
"trust": 1.6,
"vendor": "peplink",
"version": "7.0.1"
},
{
"model": "2500",
"scope": "eq",
"trust": 1.6,
"vendor": "peplink",
"version": "7.0.1"
},
{
"model": "balance 1350",
"scope": null,
"trust": 0.8,
"vendor": "peplink",
"version": null
},
{
"model": "balance 2500",
"scope": null,
"trust": 0.8,
"vendor": "peplink",
"version": null
},
{
"model": "balance 305",
"scope": null,
"trust": 0.8,
"vendor": "peplink",
"version": null
},
{
"model": "balance 380",
"scope": null,
"trust": 0.8,
"vendor": "peplink",
"version": null
},
{
"model": "balance 580",
"scope": null,
"trust": 0.8,
"vendor": "peplink",
"version": null
},
{
"model": "balance 710",
"scope": null,
"trust": 0.8,
"vendor": "peplink",
"version": null
},
{
"model": "balance",
"scope": "eq",
"trust": 0.6,
"vendor": "peplink",
"version": "2500"
},
{
"model": "balance",
"scope": "eq",
"trust": 0.6,
"vendor": "peplink",
"version": "1350"
},
{
"model": "balance",
"scope": "eq",
"trust": 0.6,
"vendor": "peplink",
"version": "710"
},
{
"model": "balance",
"scope": "eq",
"trust": 0.6,
"vendor": "peplink",
"version": "580"
},
{
"model": "balance",
"scope": "eq",
"trust": 0.6,
"vendor": "peplink",
"version": "380"
},
{
"model": "balance",
"scope": "eq",
"trust": 0.6,
"vendor": "peplink",
"version": "305"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-09524"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-004609"
},
{
"db": "NVD",
"id": "CVE-2017-8836"
},
{
"db": "CNNVD",
"id": "CNNVD-201705-329"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:peplink:b305hw2_firmware:7.0.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:peplink:balance_305:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:peplink:380hw6_firmware:7.0.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:peplink:balance_380:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:peplink:580hw2_firmware:7.0.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:peplink:balance_580:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:peplink:710hw3_firmware:7.0.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:peplink:balance_710:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:peplink:1350hw2_firmware:7.0.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:peplink:balance_1350:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:peplink:2500_firmware:7.0.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:peplink:balance_2500:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2017-8836"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Eric Sesterhenn, Claus Overbeck",
"sources": [
{
"db": "PACKETSTORM",
"id": "142801"
}
],
"trust": 0.1
},
"cve": "CVE-2017-8836",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": true,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Medium",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Partial",
"baseScore": 6.8,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "CVE-2017-8836",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "NONE",
"baseScore": 6.4,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CNVD-2017-09524",
"impactScore": 4.9,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:N",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "VHN-117039",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 8.8,
"baseSeverity": "High",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2017-8836",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "Required",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2017-8836",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "CNVD",
"id": "CNVD-2017-09524",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201705-329",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-117039",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-09524"
},
{
"db": "VULHUB",
"id": "VHN-117039"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-004609"
},
{
"db": "NVD",
"id": "CVE-2017-8836"
},
{
"db": "CNNVD",
"id": "CNNVD-201705-329"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "CSRF exists on Peplink Balance 305, 380, 580, 710, 1350, and 2500 devices with firmware before fw-b305hw2_380hw6_580hw2_710hw3_1350hw2_2500-7.0.1-build2093. The CGI scripts in the administrative interface are affected. This allows an attacker to execute commands, if a logged in user visits a malicious website. This can for example be used to change the credentials of the administrative webinterface. plural Peplink Balance Device product firmware contains a cross-site request forgery vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. PeplinkBalance305 is a multi-export load balancing router for medium-sized enterprises. A cross-site request forgery vulnerability exists in various PeplinkBalance products using firmware versions prior to fw-b305hw2_380hw6_580hw2_710hw3_1350hw2_500hw3_1350hw2_2500-7.0.1-build2093. This vulnerability stems from the protection of CGI scripts from the management interface from cross-site request forgery attacks. Peplink Balance 305 etc. The following products are affected: Peplink Balance 305; 380; 580; 710; 1350; 2500. \nX41 D-Sec GmbH Security Advisory: X41-2017-005\n\nMultiple Vulnerabilities in peplink balance routers\n===================================================\n\nOverview\n--------\nConfirmed Affected Versions: 7.0.0-build1904\nConfirmed Patched Versions:\nfw-b305hw2_380hw6_580hw2_710hw3_1350hw2_2500-7.0.1-build2093.bin\nVulnerable Firmware:\nfw-b305hw2_380hw6_580hw2_710hw3_1350hw2_2500-7.0.0-build1904.bin\nModels: Balance Routers 305, 380, 580, 710, 1350, 2500\nVendor: Peplink\nVendor URL: https://www.peplink.com/\nVector: Network\nCredit: X41 D-Sec GmbH, Eric Sesterhenn\nAdditional Credits: Claus Overbeck (Abovo IT)\nStatus: Public\nAdvisory-URL: https://www.x41-dsec.de/lab/advisories/x41-2017-005-peplink/\n\n\nSummary and Impact\n------------------\nSeveral issues have been identified, which allow attackers to access the\nadministrative web interface with admin credentials, delete files,\nperform CSRF and XSS attacks. \n\n\nProduct Description\n-------------------\nFrom the vendor webpage:\nUse Load Balancing and SpeedFusion bandwidth bonding to deliver\nsuperfast VoIP, video streaming, and data using an SD-WAN enabled\nnetwork. Even with a basic Balance 20 dual-WAN router, you can mix\ndifferent transport technologies and providers to keep your network up\nwhen individual links go down. Switching between links is automatic and\nseamless. \n\n\n\nSQL Injection via bauth Cookie\n==============================\nSeverity Rating: Critical\nVector: Network\nCVE: CVE-2017-8835\nCWE: 89\nCVSS Score: 9.8\nCVSS Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\n\nSummary and Impact\n------------------\nPeplink devices are vulnerable to an SQL injection attack via the bauth\ncookie parameter which is set e.g. when accessing\nhttps://ip/cgi-bin/MANGA/admin.cgi. \n\nThe injection can be checked with the following command:\n\n./sqlmap.py -u \"https://ip/cgi-bin/MANGA/admin.cgi\"\n--cookie=\"bauth=csOWLxU4BvoMfhY2rHLVFm1EmZWV74zinla9IVclqrYxH16426647\"\n-p\"bauth\" --level 5 --risk 3 --dbms sqlite --technique=BEUSQ\n--flush-session -t trace.log --prefix \"\u0027\" --suffix \"--\" -a\n\nThe vulnerability in the Peplink device allows to access the SQLite\nsession database containing user and session variables. By using the the\nfollowing cookie in a web request, it is possible to select a running\nadministrator session to be used for the attackers login. \n\nbauth=-12\u0027 or id IN (select s.id from sessions as s left join\nsessionsvariables as v on v.id=s.id where v.name=\u0027rwa\u0027 and v.value=\u00271\u0027)\nor \u00271\u0027=\u00272\n\nBy forming specialised SQL queries, it is possible to retrieve usernames\nfrom the database. This worked by returning a valid session in case the\nusername existed and no session if it did not exist. In the first case\nthe server did not set a new session cookie in the response to the request. \n\nSELECT id FROM sessions WHERE sessionid = \u0027-14\u0027 or id IN (select s.id\nfrom sessions as s left join sessionsvariables as v on v.id=s.id where\nv.name=\u0027username\u0027 and substr(v.value,1,3)=\u0027adm\u0027)\n\n\n\nWorkarounds\n-----------\nInstall vendor supplied update. \n\n\nWorkarounds\n-----------\nInstall vendor supplied update. \n\n\n\n\nPasswords stored in Cleartext\n=============================\nSeverity Rating: Medium\nVector: Network\nCVE: CVE-2017-8837\nCWE: 256\nCVSS Score: 4.0\nCVSS Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N\n\nSummary and Impact\n------------------\nThe Peplink devices store passwords in cleartext in the files\n/etc/waipass and /etc/roapass. In case one of these devices is\ncompromised the attacker can gain access to the cleartext passwords and\nabuse them to compromise further systems. \n\n\nWorkarounds\n-----------\nInstall vendor supplied update. \n\n\n\n\nXSS via syncid Parameter\n========================\nSeverity Rating: Medium\nVector: Network\nCVE: CVE-2017-8838\nCWE: 80\nCVSS Score: 5.4\nCVSS Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N\n\nSummary and Impact\n------------------\nIf the webinterface is accessible, it is possible to abuse the syncid\nparameter to trigger a cross-site-scripting issue by calling\nhttps://ip/cgi-bin/HASync/hasync.cgi?debug=1\u0026syncid=123%3Cscript%3Ealert%281%29%3C/script%3E\n\nThis executes the JavaScript in the victims browser, which can be abused\nto steal session cookies. \n\nWorkarounds\n-----------\nInstall vendor supplied update. \n\n\n\n\nXSS via preview.cgi\n===================\nSeverity Rating: Medium\nVector: Network\nCVE: CVE-2017-8839\nCWE: 80\nCVSS Score: 5.4\nCVSS Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N\n\nSummary and Impact\n------------------\nIf the webinterface is accessible, it is possible to abuse the the\norig_url parameter to trigger a cross-site-scripting issue in\n/guest/preview.cgi. The injection is directly into existing JavaScript. \n\nThis executes the JavaScript in the victims browser, which can be abused\nto steal session cookies. \n\nWorkarounds\n-----------\nInstall vendor supplied update. \n\n\n\nFile Deletion\n=============\nSeverity Rating: Medium\nVector: Network\nCVE: CVE-2017-8841\nCWE: 73\nCVSS Score: 6.5\nCVSS Vector: CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H\n\nSummary and Impact\n------------------\nA logged in user can delete arbitrary files on the Peplink devices, by\nabusing the /cgi-bin/MANGA/firmware_process.cgi. When an absolute path\nis provided to the upfile.path parameter the file provided in the path\nis deleted during the process. This can be abused to cause a denial of\nservice (DoS). In combination with the missing CSRF protection, this can\nbe abused remotely via a logged in user. \n\nWorkarounds\n-----------\nInstall vendor supplied update. \n\n\n\n\nInformation Disclosure\n======================\nSeverity Rating: Medium\nVector: Network\nCVE: CVE-2017-8840\nCWE: 200\nCVSS Score: 5.3\nCVSS Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N\n\nSummary and Impact\n------------------\nIf the webinterface is accessible, it is possible to retrieve sensitive\ninformation without a valid login by opening\ncgi-bin/HASync/hasync.cgi?debug=1\n\nThis displays the following:\n\n-----8\u003c------------------------------------------------\nMaster LAN Address = [ \u003cinternal ip\u003e / \u003cnetmask\u003e ]\nSerial Number = [ \u003cserial number\u003e ]\nHA Group ID = [ \u003cgroup id\u003e ]\nVirtual IP = [ \u003cinternal ip\u003e / \u003cnetmask\u003e ]\nSubmitted syncid = [ \u003csyncid\u003e ]\n-----8\u003c------------------------------------------------\n\nThis information can be valuable for an attacker to exploit other issues. \n\nWorkarounds\n-----------\nInstall vendor supplied update. \n\n\n\n\nAbout X41 D-Sec GmbH\n--------------------\nX41 D-Sec is a provider of application security services. We focus on\napplication code reviews, design review and security testing. X41 D-Sec\nGmbH was founded in 2015 by Markus Vervier. We support customers in\nvarious industries such as finance, software development and public\ninstitutions. \n\nTimeline\n--------\n2017-04-07\tIssue found\n2017-04-10\tVendor asked for security contact\n2017-04-11\tVendor replied, send GPG key\n2017-04-11\tInformation supplied to vendor\n2017-04-11\tVendor acknowledges that the information is received\n2017-04-17\tVendor acknowledges SQL injection\n2017-05-08\tCVE IDs for all issues requested\n2017-05-08\tCVE IDs assigned\n2017-05-11\tVendor informed about CVE IDs\n2017-05-29\tVersion provided to X41 for testing\n2017-05-31\tFirst test results send back to the vendor\n2017-06-01\tRemaining test results send back to the vendor\n2017-06-05\tCoordinated Firmware and Advisory release\n\n-- \nX41 D-SEC GmbH, Dennewartstr. 25-27, D-52068 Aachen\nT: +49 241 9809418-0, Fax: -9\nUnternehmenssitz: Aachen, Amtsgericht Aachen: HRB19989\nGeschA$?ftsfA1/4hrer: Markus Vervier\n\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2017-8836"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-004609"
},
{
"db": "CNVD",
"id": "CNVD-2017-09524"
},
{
"db": "VULHUB",
"id": "VHN-117039"
},
{
"db": "PACKETSTORM",
"id": "142801"
}
],
"trust": 2.34
},
"exploit_availability": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"reference": "https://www.scap.org.cn/vuln/vhn-117039",
"trust": 0.1,
"type": "unknown"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-117039"
}
]
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2017-8836",
"trust": 3.2
},
{
"db": "EXPLOIT-DB",
"id": "42130",
"trust": 1.1
},
{
"db": "JVNDB",
"id": "JVNDB-2017-004609",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201705-329",
"trust": 0.7
},
{
"db": "CNVD",
"id": "CNVD-2017-09524",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-117039",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "142801",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-09524"
},
{
"db": "VULHUB",
"id": "VHN-117039"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-004609"
},
{
"db": "PACKETSTORM",
"id": "142801"
},
{
"db": "NVD",
"id": "CVE-2017-8836"
},
{
"db": "CNNVD",
"id": "CNNVD-201705-329"
}
]
},
"id": "VAR-201706-0988",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-09524"
},
{
"db": "VULHUB",
"id": "VHN-117039"
}
],
"trust": 1.7
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-09524"
}
]
},
"last_update_date": "2023-12-18T12:29:34.221000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Peplink Balance",
"trust": 0.8,
"url": "https://www.peplink.com/products/balance/"
},
{
"title": "Patches for cross-site request forgery vulnerabilities in various PeplinkBalance products",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/95357"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-09524"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-004609"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-352",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-117039"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-004609"
},
{
"db": "NVD",
"id": "CVE-2017-8836"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 3.2,
"url": "https://www.x41-dsec.de/lab/advisories/x41-2017-005-peplink/"
},
{
"trust": 2.3,
"url": "http://seclists.org/bugtraq/2017/jun/1"
},
{
"trust": 1.1,
"url": "https://www.exploit-db.com/exploits/42130/"
},
{
"trust": 0.9,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-8836"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-8836"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-8841"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-8838"
},
{
"trust": 0.1,
"url": "https://ip/cgi-bin/hasync/hasync.cgi?debug=1\u0026syncid=123%3cscript%3ealert%281%29%3c/script%3e"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-8837"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-8839"
},
{
"trust": 0.1,
"url": "https://www.peplink.com/"
},
{
"trust": 0.1,
"url": "https://ip/cgi-bin/manga/admin.cgi."
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-8835"
},
{
"trust": 0.1,
"url": "https://ip/cgi-bin/manga/admin.cgi\""
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-8840"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-09524"
},
{
"db": "VULHUB",
"id": "VHN-117039"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-004609"
},
{
"db": "PACKETSTORM",
"id": "142801"
},
{
"db": "NVD",
"id": "CVE-2017-8836"
},
{
"db": "CNNVD",
"id": "CNNVD-201705-329"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2017-09524"
},
{
"db": "VULHUB",
"id": "VHN-117039"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-004609"
},
{
"db": "PACKETSTORM",
"id": "142801"
},
{
"db": "NVD",
"id": "CVE-2017-8836"
},
{
"db": "CNNVD",
"id": "CNNVD-201705-329"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-06-14T00:00:00",
"db": "CNVD",
"id": "CNVD-2017-09524"
},
{
"date": "2017-06-05T00:00:00",
"db": "VULHUB",
"id": "VHN-117039"
},
{
"date": "2017-06-30T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-004609"
},
{
"date": "2017-06-05T18:59:14",
"db": "PACKETSTORM",
"id": "142801"
},
{
"date": "2017-06-05T14:29:00.450000",
"db": "NVD",
"id": "CVE-2017-8836"
},
{
"date": "2017-05-09T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201705-329"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-06-14T00:00:00",
"db": "CNVD",
"id": "CNVD-2017-09524"
},
{
"date": "2017-08-13T00:00:00",
"db": "VULHUB",
"id": "VHN-117039"
},
{
"date": "2017-06-30T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-004609"
},
{
"date": "2017-08-13T01:29:22.397000",
"db": "NVD",
"id": "CVE-2017-8836"
},
{
"date": "2017-06-28T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201705-329"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "PACKETSTORM",
"id": "142801"
},
{
"db": "CNNVD",
"id": "CNNVD-201705-329"
}
],
"trust": 0.7
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "plural Peplink Balance Cross-site request forgery vulnerability in device product firmware",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-004609"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "cross-site request forgery",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201705-329"
}
],
"trust": 0.6
}
}
VAR-201710-0208
Vulnerability from variot - Updated: 2023-12-18 11:53Wi-Fi Protected Access (WPA and WPA2) that supports IEEE 802.11w allows reinstallation of the Integrity Group Temporal Key (IGTK) during the group key handshake, allowing an attacker within radio range to spoof frames from access points to clients. An attacker within range of an affected AP and client may leverage these vulnerabilities to conduct attacks that are dependent on the data confidentiality protocols being used. Attacks may include arbitrary packet decryption and injection, TCP connection hijacking, HTTP content injection, or the replay of unicast and group-addressed frames. These vulnerabilities are referred to as Key Reinstallation Attacks or "KRACK" attacks. WPA (Wi-Fi Protected Access) is a system that protects wireless computer networks (Wi-Fi). The IGTK group key reloading vulnerability exists in the WPA2 wireless network. WPA2 is prone to multiple security weaknesses. Exploiting these issues may allow an unauthorized user to intercept and manipulate data or disclose sensitive information. Those vulnerabilities applies to both the access point (implemented in hostapd) and the station (implemented in wpa_supplicant).
An attacker exploiting the vulnerabilities could force the vulnerable system to reuse cryptographic session keys, enabling a range of cryptographic attacks against the ciphers used in WPA1 and WPA2.
For the stable distribution (stretch), these problems have been fixed in version 2:2.4-1+deb9u1.
For the testing distribution (buster), these problems have been fixed in version 2:2.4-1.1.
For the unstable distribution (sid), these problems have been fixed in version 2:2.4-1.1.
We recommend that you upgrade your wpa packages. ========================================================================== Ubuntu Security Notice USN-3455-1 October 16, 2017
wpa vulnerabilities
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 17.04
- Ubuntu 16.04 LTS
- Ubuntu 14.04 LTS
Summary:
Several security issues were fixed in wpa_supplicant.
Software Description: - wpa: client support for WPA and WPA2
Details:
Mathy Vanhoef discovered that wpa_supplicant and hostapd incorrectly handled WPA2. (CVE-2017-13077, CVE-2017-13078, CVE-2017-13079, CVE-2017-13080, CVE-2017-13081, CVE-2017-13082, CVE-2017-13086, CVE-2017-13087, CVE-2017-13088)
Imre Rad discovered that wpa_supplicant and hostapd incorrectly handled invalid characters in passphrase parameters. A remote attacker could use this issue to cause a denial of service. (CVE-2016-4476)
Imre Rad discovered that wpa_supplicant and hostapd incorrectly handled invalid characters in passphrase parameters. A local attacker could use this issue to cause a denial of service, or possibly execute arbitrary code. (CVE-2016-4477)
Update instructions:
The problem can be corrected by updating your system to the following package versions:
Ubuntu 17.04: hostapd 2.4-0ubuntu9.1 wpasupplicant 2.4-0ubuntu9.1
Ubuntu 16.04 LTS: hostapd 2.4-0ubuntu6.2 wpasupplicant 2.4-0ubuntu6.2
Ubuntu 14.04 LTS: hostapd 2.1-0ubuntu1.5 wpasupplicant 2.1-0ubuntu1.5
After a standard system update you need to reboot your computer to make all the necessary changes.
References: https://www.ubuntu.com/usn/usn-3455-1 CVE-2016-4476, CVE-2016-4477, CVE-2017-13077, CVE-2017-13078, CVE-2017-13079, CVE-2017-13080, CVE-2017-13081, CVE-2017-13082, CVE-2017-13086, CVE-2017-13087, CVE-2017-13088
Package Information: https://launchpad.net/ubuntu/+source/wpa/2.4-0ubuntu9.1 https://launchpad.net/ubuntu/+source/wpa/2.4-0ubuntu6.2 https://launchpad.net/ubuntu/+source/wpa/2.1-0ubuntu1.5
.
Here are the details from the Slackware 14.2 ChangeLog: +--------------------------+ patches/packages/wpa_supplicant-2.6-i586-1_slack14.2.txz: Upgraded. This update includes patches to mitigate the WPA2 protocol issues known as "KRACK" (Key Reinstallation AttaCK), which may be used to decrypt data, hijack TCP connections, and to forge and inject packets. This is the list of vulnerabilities that are addressed here: CVE-2017-13077: Reinstallation of the pairwise encryption key (PTK-TK) in the 4-way handshake. CVE-2017-13078: Reinstallation of the group key (GTK) in the 4-way handshake. CVE-2017-13080: Reinstallation of the group key (GTK) in the group key handshake. CVE-2017-13082: Accepting a retransmitted Fast BSS Transition (FT) Reassociation Request and reinstalling the pairwise encryption key (PTK-TK) while processing it. CVE-2017-13084: Reinstallation of the STK key in the PeerKey handshake. CVE-2017-13086: reinstallation of the Tunneled Direct-Link Setup (TDLS) PeerKey (TPK) key in the TDLS handshake. For more information, see: https://www.krackattacks.com/ https://w1.fi/security/2017-1/wpa-packet-number-reuse-with-replayed-messages.txt https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13077 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13078 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13079 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13080 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13081 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13082 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13084 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13086 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13087 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13088 ( Security fix ) +--------------------------+
Where to find the new packages: +-----------------------------+
Thanks to the friendly folks at the OSU Open Source Lab (http://osuosl.org) for donating FTP and rsync hosting to the Slackware project! :-)
Also see the "Get Slack" section on http://slackware.com for additional mirror sites near you.
Updated package for Slackware 14.0: ftp://ftp.slackware.com/pub/slackware/slackware-14.0/patches/packages/wpa_supplicant-2.6-i486-1_slack14.0.txz
Updated package for Slackware x86_64 14.0: ftp://ftp.slackware.com/pub/slackware/slackware64-14.0/patches/packages/wpa_supplicant-2.6-x86_64-1_slack14.0.txz
Updated package for Slackware 14.1: ftp://ftp.slackware.com/pub/slackware/slackware-14.1/patches/packages/wpa_supplicant-2.6-i486-1_slack14.1.txz
Updated package for Slackware x86_64 14.1: ftp://ftp.slackware.com/pub/slackware/slackware64-14.1/patches/packages/wpa_supplicant-2.6-x86_64-1_slack14.1.txz
Updated package for Slackware 14.2: ftp://ftp.slackware.com/pub/slackware/slackware-14.2/patches/packages/wpa_supplicant-2.6-i586-1_slack14.2.txz
Updated package for Slackware x86_64 14.2: ftp://ftp.slackware.com/pub/slackware/slackware64-14.2/patches/packages/wpa_supplicant-2.6-x86_64-1_slack14.2.txz
Updated package for Slackware -current: ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/n/wpa_supplicant-2.6-i586-2.txz
Updated package for Slackware x86_64 -current: ftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/n/wpa_supplicant-2.6-x86_64-2.txz
MD5 signatures: +-------------+
Slackware 14.0 package: d8ecfaadb50b3547967ab53733ffc019 wpa_supplicant-2.6-i486-1_slack14.0.txz
Slackware x86_64 14.0 package: f25216d28800504ce498705da7c9a825 wpa_supplicant-2.6-x86_64-1_slack14.0.txz
Slackware 14.1 package: 15c61050e4bab2581757befd86be74c0 wpa_supplicant-2.6-i486-1_slack14.1.txz
Slackware x86_64 14.1 package: 49fd537a520338744f7757615556d352 wpa_supplicant-2.6-x86_64-1_slack14.1.txz
Slackware 14.2 package: c5539f40c8510af89be92945f0f80185 wpa_supplicant-2.6-i586-1_slack14.2.txz
Slackware x86_64 14.2 package: 4c527ff84fcdfd7839f217bbce2e4ae4 wpa_supplicant-2.6-x86_64-1_slack14.2.txz
Slackware -current package: 28bd88a54e96368f7a7020c1f5fb67fe n/wpa_supplicant-2.6-i586-2.txz
Slackware x86_64 -current package: 464fc6b48d1ac077f47e9a3a8534c160 n/wpa_supplicant-2.6-x86_64-2.txz
Installation instructions: +------------------------+
Upgrade the package as root:
upgradepkg wpa_supplicant-2.6-i586-1_slack14.2.txz
+-----+
Slackware Linux Security Team http://slackware.com/gpg-key security@slackware.com
+------------------------------------------------------------------------+ | To leave the slackware-security mailing list: | +------------------------------------------------------------------------+ | Send an email to majordomo@slackware.com with this text in the body of | | the email message: | | | | unsubscribe slackware-security | | | | You will get a confirmation message back containing instructions to | | complete the process. Please do not reply to this email address. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512
============================================================================= FreeBSD-SA-17:07.wpa Security Advisory The FreeBSD Project
Topic: WPA2 protocol vulnerability
Category: contrib Module: wpa Announced: 2017-10-16 Credits: Mathy Vanhoef Affects: All supported versions of FreeBSD. Corrected: 2017-10-17 17:30:18 UTC (stable/11, 11.1-STABLE) 2017-10-17 17:57:18 UTC (releng/11.1, 11.1-RELEASE-p2) 2017-10-17 17:56:03 UTC (releng/11.0, 11.0-RELEASE-p13) 2017-10-19 03:18:22 UTC (stable/10, 10.4-STABLE) 2017-10-19 03:20:17 UTC (releng/10.4, 10.4-RELEASE-p1) 2017-10-19 03:19:42 UTC (releng/10.3, 10.3-RELEASE-p22) CVE Name: CVE-2017-13077, CVE-2017-13078, CVE-2017-13079, CVE-2017-13080, CVE-2017-13081, CVE-2017-13082, CVE-2017-13086, CVE-2017-13087, CVE-2017-13088
For general information regarding FreeBSD Security Advisories, including descriptions of the fields above, security branches, and the following sections, please visit .
- Revision history
v1.0 2017-10-17 Initial release. v1.1 2017-10-19 Add patches for 10.x releases.
I.
hostapd and wpa_supplicant are implementations of user space daemon for access points and wireless client that implements the WPA2 protocol.
II. Problem Description
A vulnerability was found in how a number of implementations can be triggered to reconfigure WPA/WPA2/RSN keys (TK, GTK, or IGTK) by replaying a specific frame that is used to manage the keys.
III. Impact
Such reinstallation of the encryption key can result in two different types of vulnerabilities: disabling replay protection and significantly reducing the security of encryption to the point of allowing frames to be decrypted or some parts of the keys to be determined by an attacker depending on which cipher is used.
IV. Workaround
An updated version of wpa_supplicant is available in the FreeBSD Ports Collection. Install version 2.6_2 or later of the security/wpa_supplicant port/pkg. Once installed, update /etc/rc.conf to use the new binary:
wpa_supplicant_program="/usr/local/sbin/wpa_supplicant"
and restart networking.
An updated version of hostapd is available in the FreeBSD Ports Collection. Install version 2.6_1 or later of the net/hostapd port/pkg. Once installed, update /etc/rc.conf to use the new binary:
hostapd_program="/usr/local/sbin/hostapd"
and restart hostapd.
V. Solution
Perform one of the following:
1) Upgrade your vulnerable system to a supported FreeBSD stable or release / security branch (releng) dated after the correction date.
Restart the Wi-Fi network interfaces/hostapd or reboot the system.
2) To update your vulnerable system via a binary patch:
Systems running a RELEASE version of FreeBSD on the i386 or amd64 platforms can be updated via the freebsd-update(8) utility:
freebsd-update fetch
freebsd-update install
Restart the Wi-Fi network interfaces/hostapd or reboot the system.
3) To update your vulnerable system via a source code patch:
The following patches have been verified to apply to the applicable FreeBSD release branches.
a) Download the relevant patch from the location below, and verify the detached PGP signature using your PGP utility.
[FreeBSD 11.0-RELEASE, 11.1-RELEASE, and 11-STABLE]
fetch https://security.FreeBSD.org/patches/SA-17:07/wpa-11.patch
fetch https://security.FreeBSD.org/patches/SA-17:07/wpa-11.patch.asc
gpg --verify wpa-11.patch.asc
[FreeBSD 10.3-RELEASE, 10.4-RELEASE, and 10-STABLE]
fetch https://security.FreeBSD.org/patches/SA-17:07/wpa-10.patch
fetch https://security.FreeBSD.org/patches/SA-17:07/wpa-10.patch.asc
gpg --verify wpa-10.patch.asc
b) Apply the patch. Execute the following commands as root:
cd /usr/src
patch < /path/to/patch
c) Recompile the operating system using buildworld and installworld as described in .
Restart the applicable daemons, or reboot the system.
VI. Correction details
The following list contains the correction revision numbers for each affected branch.
Branch/path Revision
stable/11/ r324697 releng/11.0/ r324698 releng/11.1/ r324699 stable/10/ r324739 releng/10.3/ r324740 releng/10.4/ r324741
To see which files were modified by a particular revision, run the following command, replacing NNNNNN with the revision number, on a machine with Subversion installed:
svn diff -cNNNNNN --summarize svn://svn.freebsd.org/base
Or visit the following URL, replacing NNNNNN with the revision number:
VII. References
The latest revision of this advisory is available at -----BEGIN PGP SIGNATURE-----
iQKTBAEBCgB9FiEEHPf/b631yp++G4yy7Wfs1l3PaucFAlnoGpNfFIAAAAAALgAo aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDFD RjdGRjZGQURGNUNBOUZCRTFCOENCMkVENjdFQ0Q2NURDRjZBRTcACgkQ7Wfs1l3P auc7WBAAm27w+fujv5sJsRxauUMopTVtRh5utwbDuoHTP+L+RCWmQfVBmueNQ0gf uJzMNxBIkbtY9LvyukpRsH3iD7mh26c0pd9rxxkkr4F96C9B5+W0amxJF1gdm54/ F/50FpY+lo7cNs5tiBjypPrg8UOBBI/1G4XR7130XC0HjaTwt1ngZ0oQUWUMSsIp gN5ZfPul81WPWd1NqF+vyObcJhwq/Y1uoexoO27o7GQCFZoL3enZy8c4f1xqMlVM 4HHkTgNGac6E0aW+ArH4J0DFFAOJXPqF8rdt+9XINfoBbtliIyOixJ4oh1n6eAR0 VpBWZKFNyXSlUKIvDGa+LDhxgL1jJXV0ABSyKlUOijdmr3bbbiQE9MW/MNv2AFTd OAFQ0QQtm9KCWp5JLh+FPIb/kR2l7MOUP+yz4zFcJpdGtl9tDLyPN8vRTq60bY8O y7tBcf/SMqkd/AIFdchL4zrOguKnRARydIlwTarp8wtAQI3MKSsa1B0wgsDtlL6K xfdjnwWMKvKKlNOW16e1WXXO0n/ucHV4njBE+bGPro3jLgXP2/WFZpIGAR3I4xrr SdD4AxSNiR9f3bL7LRfMIbugJAylWNSlTLWUOVUv0/ONh85LqbcCj13NI230B64K ETx2QOZgKnCs2oDNiw4aQHb7kvi2w94Iw/R1sAPkkxYJWO3reyE= =h/5q -----END PGP SIGNATURE-----
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201710-0208",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "linux enterprise desktop",
"scope": "eq",
"trust": 1.6,
"vendor": "suse",
"version": "12"
},
{
"model": "linux enterprise server",
"scope": "eq",
"trust": 1.6,
"vendor": "suse",
"version": "12"
},
{
"model": "openstack cloud",
"scope": "eq",
"trust": 1.6,
"vendor": "suse",
"version": "6"
},
{
"model": "linux enterprise point of sale",
"scope": "eq",
"trust": 1.6,
"vendor": "suse",
"version": "11"
},
{
"model": "linux enterprise server",
"scope": "eq",
"trust": 1.6,
"vendor": "suse",
"version": "11"
},
{
"model": "enterprise linux desktop",
"scope": "eq",
"trust": 1.3,
"vendor": "redhat",
"version": "7"
},
{
"model": "enterprise linux server",
"scope": "eq",
"trust": 1.3,
"vendor": "redhat",
"version": "7"
},
{
"model": "hostapd",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.3.7"
},
{
"model": "wpa supplicant",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "2.6"
},
{
"model": "wpa supplicant",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "2.2"
},
{
"model": "hostapd",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "1.0"
},
{
"model": "hostapd",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "2.2"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 1.0,
"vendor": "freebsd",
"version": "*"
},
{
"model": "hostapd",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.3.11"
},
{
"model": "wpa supplicant",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.4.7"
},
{
"model": "hostapd",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.4.7"
},
{
"model": "hostapd",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.5.10"
},
{
"model": "wpa supplicant",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "2.0"
},
{
"model": "hostapd",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "2.0"
},
{
"model": "linux",
"scope": "eq",
"trust": 1.0,
"vendor": "debian",
"version": "8.0"
},
{
"model": "hostapd",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.4.9"
},
{
"model": "wpa supplicant",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.5.8"
},
{
"model": "hostapd",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.5.8"
},
{
"model": "hostapd",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "2.1"
},
{
"model": "wpa supplicant",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.5.7"
},
{
"model": "wpa supplicant",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.6.9"
},
{
"model": "wpa supplicant",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.2.8"
},
{
"model": "hostapd",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.2.8"
},
{
"model": "hostapd",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "1.1"
},
{
"model": "hostapd",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.7.3"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 1.0,
"vendor": "freebsd",
"version": "10"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 1.0,
"vendor": "freebsd",
"version": "11.1"
},
{
"model": "hostapd",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.5.9"
},
{
"model": "hostapd",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.4.8"
},
{
"model": "wpa supplicant",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.4.11"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 1.0,
"vendor": "freebsd",
"version": "10.4"
},
{
"model": "wpa supplicant",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.2.6"
},
{
"model": "hostapd",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.2.4"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 1.0,
"vendor": "freebsd",
"version": "11"
},
{
"model": "wpa supplicant",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.5.11"
},
{
"model": "hostapd",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.3.10"
},
{
"model": "wpa supplicant",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "2.4"
},
{
"model": "wpa supplicant",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.3.8"
},
{
"model": "wpa supplicant",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.2.5"
},
{
"model": "wpa supplicant",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.3.7"
},
{
"model": "hostapd",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.2.5"
},
{
"model": "hostapd",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.4.10"
},
{
"model": "hostapd",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.6.10"
},
{
"model": "wpa supplicant",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "1.0"
},
{
"model": "hostapd",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.3.9"
},
{
"model": "wpa supplicant",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.3.11"
},
{
"model": "hostapd",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "2.5"
},
{
"model": "wpa supplicant",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.5.10"
},
{
"model": "hostapd",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "2.6"
},
{
"model": "wpa supplicant",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.4.9"
},
{
"model": "ubuntu linux",
"scope": "eq",
"trust": 1.0,
"vendor": "canonical",
"version": "14.04"
},
{
"model": "wpa supplicant",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "2.1"
},
{
"model": "wpa supplicant",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "2.3"
},
{
"model": "leap",
"scope": "eq",
"trust": 1.0,
"vendor": "opensuse",
"version": "42.2"
},
{
"model": "hostapd",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "2.3"
},
{
"model": "wpa supplicant",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "1.1"
},
{
"model": "hostapd",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.5.7"
},
{
"model": "wpa supplicant",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.7.3"
},
{
"model": "hostapd",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.6.9"
},
{
"model": "wpa supplicant",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.5.9"
},
{
"model": "wpa supplicant",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.4.8"
},
{
"model": "wpa supplicant",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.2.7"
},
{
"model": "linux",
"scope": "eq",
"trust": 1.0,
"vendor": "debian",
"version": "9.0"
},
{
"model": "wpa supplicant",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.2.4"
},
{
"model": "wpa supplicant",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.3.10"
},
{
"model": "ubuntu linux",
"scope": "eq",
"trust": 1.0,
"vendor": "canonical",
"version": "16.04"
},
{
"model": "leap",
"scope": "eq",
"trust": 1.0,
"vendor": "opensuse",
"version": "42.3"
},
{
"model": "hostapd",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.4.11"
},
{
"model": "wpa supplicant",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.6.8"
},
{
"model": "ubuntu linux",
"scope": "eq",
"trust": 1.0,
"vendor": "canonical",
"version": "17.04"
},
{
"model": "hostapd",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.2.6"
},
{
"model": "hostapd",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.6.8"
},
{
"model": "wpa supplicant",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.4.10"
},
{
"model": "hostapd",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.5.11"
},
{
"model": "wpa supplicant",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.6.10"
},
{
"model": "hostapd",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "2.4"
},
{
"model": "wpa supplicant",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.3.9"
},
{
"model": "wpa supplicant",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "2.5"
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "9front",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "adtran",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "avm",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "actiontec",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "aerohive",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "alcatel lucent",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "android open source",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "apple",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "arch linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "aruba",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "asustek computer",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "barracuda",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "broadcom",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "cambium",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "centos",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "cradlepoint",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "cypress semiconductor",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "d link",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "debian gnu linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "dell",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "digi",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "draytek",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "edimax computer",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "engenius",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "endian",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "espressif",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "extreme",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "f secure",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "fedora",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "fortinet",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "freebsd",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "gentoo linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "google",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "hewlett packard",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "hostap",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "ipfire",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "juniper",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "lancom",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "lede",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "lifx",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "lenovo",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "microchip",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "microsoft",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "mojo",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "nest",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "netbsd",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "netgear",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "opnsense",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "omnirom",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "open mesh",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "openbsd",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "peplink",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "red hat",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "riverbed",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "rockwell automation",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "ruckus",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "suse linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "samsung mobile",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "sierra",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "slackware linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "sonos",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "sony",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "sophos",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "synology",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "tp link",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "technicolor",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "texas instruments",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "toshiba commerce",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "toshiba electronic devices storage",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "toshiba memory",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "turris omnia",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "ubiquiti",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "ubuntu",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "volumio",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "watchguard",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "xiaomi",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "xirrus",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "zebra",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "zyxel",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "dd wrt",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "eero",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "pfsense",
"version": null
},
{
"model": "ubuntu",
"scope": null,
"trust": 0.8,
"vendor": "canonical",
"version": null
},
{
"model": "gnu/linux",
"scope": null,
"trust": 0.8,
"vendor": "debian",
"version": null
},
{
"model": "freebsd",
"scope": null,
"trust": 0.8,
"vendor": "freebsd",
"version": null
},
{
"model": "leap",
"scope": null,
"trust": 0.8,
"vendor": "opensuse",
"version": null
},
{
"model": "linux enterprise desktop",
"scope": null,
"trust": 0.8,
"vendor": "suse",
"version": null
},
{
"model": "linux enterprise point of sale",
"scope": null,
"trust": 0.8,
"vendor": "suse",
"version": null
},
{
"model": "linux enterprise server",
"scope": null,
"trust": 0.8,
"vendor": "suse",
"version": null
},
{
"model": "openstack cloud",
"scope": null,
"trust": 0.8,
"vendor": "suse",
"version": null
},
{
"model": "hostapd",
"scope": null,
"trust": 0.8,
"vendor": "w1 fi",
"version": null
},
{
"model": "wpa supplicant",
"scope": null,
"trust": 0.8,
"vendor": "w1 fi",
"version": null
},
{
"model": "enterprise linux desktop",
"scope": null,
"trust": 0.8,
"vendor": "red hat",
"version": null
},
{
"model": "enterprise linux server",
"scope": null,
"trust": 0.8,
"vendor": "red hat",
"version": null
},
{
"model": "edge gateway",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": null
},
{
"model": "sr-m20ac1",
"scope": "lte",
"trust": 0.8,
"vendor": "fujitsu",
"version": "v02.10"
},
{
"model": "sr-m20ac2",
"scope": "lte",
"trust": 0.8,
"vendor": "fujitsu",
"version": "v02.10"
},
{
"model": "alliance wi-fi protected access 2",
"scope": null,
"trust": 0.6,
"vendor": "wi fi",
"version": null
},
{
"model": "scalance w-700",
"scope": "eq",
"trust": 0.6,
"vendor": "siemens",
"version": "0"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "linux desktop",
"version": "12"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "linux server",
"version": "11"
},
{
"model": "atom processor c3200 series for yocto project bsp mr4",
"scope": null,
"trust": 0.3,
"vendor": "intel",
"version": null
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "10.3.2"
},
{
"model": "active management technology",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "6.1"
},
{
"model": "pyxis supplystation",
"scope": "eq",
"trust": 0.3,
"vendor": "bd",
"version": "0"
},
{
"model": "sinamics smart access module",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "v200"
},
{
"model": "active management technology",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "11.6.27.3264"
},
{
"model": "meraki mr34",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "ck71a-atex",
"scope": "eq",
"trust": 0.3,
"vendor": "pepperl fuchs",
"version": "0"
},
{
"model": "arubaos",
"scope": "eq",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "6.5.2.0"
},
{
"model": "macbook air",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "0"
},
{
"model": "aironet series access points",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "18500"
},
{
"model": "active management technology",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "8.0"
},
{
"model": "meraki mr26",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "arubaos",
"scope": "eq",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "6.4"
},
{
"model": "aironet series access points",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "28000"
},
{
"model": "enterprise linux for power big endian extended update support",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "-7.5"
},
{
"model": "meraki mr84",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "contact fl wlan",
"scope": "eq",
"trust": 0.3,
"vendor": "phoenix",
"version": "510x0"
},
{
"model": "windows server r2 for itanium-based systems sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2008"
},
{
"model": "contact itc",
"scope": "eq",
"trust": 0.3,
"vendor": "phoenix",
"version": "81130"
},
{
"model": "enterprise linux workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "7"
},
{
"model": "active management technology",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "10.0"
},
{
"model": "dual band wireless-ac",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "726519.51.0.0"
},
{
"model": "enterprise linux server extended update support",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "-7.6"
},
{
"model": "meraki mr18",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "arubaos",
"scope": "eq",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "8.1.0.3"
},
{
"model": "scalance w1750d",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "0"
},
{
"model": "secure ii med-surg bed",
"scope": "eq",
"trust": 0.3,
"vendor": "stryker",
"version": "3002"
},
{
"model": "contact fl wlan",
"scope": "eq",
"trust": 0.3,
"vendor": "phoenix",
"version": "210x0"
},
{
"model": "windows version for x64-based systems",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "1015110"
},
{
"model": "aironet access points",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "contact fl wlan ap",
"scope": "eq",
"trust": 0.3,
"vendor": "phoenix",
"version": "24802-110"
},
{
"model": "active management technology",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "11.0"
},
{
"model": "instantos",
"scope": "eq",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "6.5.4.1"
},
{
"model": "tvos",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "10.2"
},
{
"model": "wap371 wireless-ac n access point with single point setup",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "ex-handy",
"scope": "eq",
"trust": 0.3,
"vendor": "pepperl fuchs",
"version": "2090"
},
{
"model": "arubaos",
"scope": "eq",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "6.5.3.2"
},
{
"model": "contact rad-80211-xd",
"scope": "eq",
"trust": 0.3,
"vendor": "phoenix",
"version": "0"
},
{
"model": "ios",
"scope": "ne",
"trust": 0.3,
"vendor": "apple",
"version": "11.2"
},
{
"model": "contact fl wlan dap",
"scope": "eq",
"trust": 0.3,
"vendor": "phoenix",
"version": "24802-110"
},
{
"model": "dual band wireless-ac",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "726519.10.9.1"
},
{
"model": "arubaos",
"scope": "ne",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "6.3.1.25"
},
{
"model": "pyxis medstation es",
"scope": "eq",
"trust": 0.3,
"vendor": "bd",
"version": "0"
},
{
"model": "wireless ip phone",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "88210"
},
{
"model": "pyxis stockstation system",
"scope": "eq",
"trust": 0.3,
"vendor": "bd",
"version": "0"
},
{
"model": "macbook",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "0"
},
{
"model": "dual band wireless-ac",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "316819.51.7.1"
},
{
"model": "dual band wireless-ac",
"scope": "ne",
"trust": 0.3,
"vendor": "intel",
"version": "726519.10.9.2"
},
{
"model": "scalance wlc712",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "0"
},
{
"model": "contact fl wlan spa",
"scope": "eq",
"trust": 0.3,
"vendor": "phoenix",
"version": "0"
},
{
"model": "meraki mr62",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "simatic et200 pro im154-6 pn iwlan",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "0"
},
{
"model": "tropos broadband mesh routers and bridges",
"scope": "eq",
"trust": 0.3,
"vendor": "abb",
"version": "0"
},
{
"model": "dual band wireless-ac",
"scope": "ne",
"trust": 0.3,
"vendor": "intel",
"version": "316819.10.9.2"
},
{
"model": "meraki mr33",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "instantos",
"scope": "ne",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "6.5.3.3"
},
{
"model": "micros handheld terminal",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "0"
},
{
"model": "windows server",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "20120"
},
{
"model": "instantos",
"scope": "eq",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "6.5.2"
},
{
"model": "dual band wireless-ac",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "316018.33.9.2"
},
{
"model": "windows version for 32-bit systems",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "1017030"
},
{
"model": "atom processor c3200 series for yocto project bsp mr4.1",
"scope": "ne",
"trust": 0.3,
"vendor": "intel",
"version": null
},
{
"model": "active management technology",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "2.6"
},
{
"model": "android",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.1.0"
},
{
"model": "contact fl wlan",
"scope": "eq",
"trust": 0.3,
"vendor": "phoenix",
"version": "110x0"
},
{
"model": "windows for 32-bit systems",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "100"
},
{
"model": "s3 med-surg bed",
"scope": "eq",
"trust": 0.3,
"vendor": "stryker",
"version": "3002"
},
{
"model": "arubaos",
"scope": "eq",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "6.4.2.4"
},
{
"model": "tvos",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "11.1"
},
{
"model": "contact fl comserver wlan",
"scope": "eq",
"trust": 0.3,
"vendor": "phoenix",
"version": "232/422/4850"
},
{
"model": "airport base station",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "7.6.8"
},
{
"model": "enterprise linux server update services for sap solutions",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "-7."
},
{
"model": "active management technology",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "7.1.91.3272"
},
{
"model": "instantos",
"scope": "ne",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "4.2.4.9"
},
{
"model": "contact fl wlan ap",
"scope": "eq",
"trust": 0.3,
"vendor": "phoenix",
"version": "230802-110"
},
{
"model": "android",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "6.1"
},
{
"model": "enterprise linux for power little endian extended update supp",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "-7.6"
},
{
"model": "meraki mr14",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "enterprise linux eus compute node",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "7.5"
},
{
"model": "aironet series access points",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "18150"
},
{
"model": "wireless client bridge 2.0.0.1-aruba501-b00",
"scope": "ne",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "501"
},
{
"model": "enterprise linux server extended update support",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "-7.4"
},
{
"model": "enterprise linux server tus",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "-7.6"
},
{
"model": "dual band wireless-ac",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "726018.33.9.2"
},
{
"model": "airport express",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "0"
},
{
"model": "meraki mr16",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "clarity engine",
"scope": "eq",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "1.0"
},
{
"model": "meraki mr30h",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "airport extreme",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "0"
},
{
"model": "windows server r2",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "20120"
},
{
"model": "dual band wireless-ac",
"scope": "ne",
"trust": 0.3,
"vendor": "intel",
"version": "826520.0.2.3"
},
{
"model": "android",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0"
},
{
"model": "contact bl2 bpc",
"scope": "eq",
"trust": 0.3,
"vendor": "phoenix",
"version": "0"
},
{
"model": "tvos",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "10.0.1"
},
{
"model": "enterprise linux for ibm z systems",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "7"
},
{
"model": "watch",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "0"
},
{
"model": "meraki mr32",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "wpa supplicant",
"scope": "eq",
"trust": 0.3,
"vendor": "w1 f1",
"version": "2.4"
},
{
"model": "active management technology",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "4.0"
},
{
"model": "ruggedcom rx1400",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "0"
},
{
"model": "cn70a-atex",
"scope": "eq",
"trust": 0.3,
"vendor": "pepperl fuchs",
"version": "0"
},
{
"model": "windows version for 32-bit systems",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "1015110"
},
{
"model": "arubaos",
"scope": "eq",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "6.5.3"
},
{
"model": "pyxis parx handheld",
"scope": "eq",
"trust": 0.3,
"vendor": "bd",
"version": "0"
},
{
"model": "dual band wireless-ac",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "726519.10"
},
{
"model": "active management technology",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "9.1.40.100"
},
{
"model": "tvos",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "10.1.1"
},
{
"model": "instantos",
"scope": "eq",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "6.5.3"
},
{
"model": "windows rt",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "8.1"
},
{
"model": "meraki mr42",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "instantos",
"scope": "ne",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "4.3.1.6"
},
{
"model": "airport base station",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "7.7.3"
},
{
"model": "wap561 wireless-n dual radio selectable band access point",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "active management technology",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "11.0.26.3000"
},
{
"model": "instantos",
"scope": "ne",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "6.5.4.2"
},
{
"model": "active management technology",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "11.6"
},
{
"model": "tvos",
"scope": "ne",
"trust": 0.3,
"vendor": "apple",
"version": "11.2"
},
{
"model": "active management technology",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "6.0"
},
{
"model": "windows server",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2016"
},
{
"model": "contact rad-whg/wlan-xd",
"scope": "eq",
"trust": 0.3,
"vendor": "phoenix",
"version": "0"
},
{
"model": "dual band wireless-ac",
"scope": "ne",
"trust": 0.3,
"vendor": "intel",
"version": "726018.33.9.3"
},
{
"model": "wi-fi update for boot camp",
"scope": "ne",
"trust": 0.3,
"vendor": "apple",
"version": "6.4.0"
},
{
"model": "suremark printer 2nr",
"scope": "eq",
"trust": 0.3,
"vendor": "toshiba",
"version": "4610"
},
{
"model": "android",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.1.1"
},
{
"model": "arubaos",
"scope": "ne",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "6.5.4.2"
},
{
"model": "enterprise linux for power little endian extended update supp",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "-7.5"
},
{
"model": "enterprise linux for power little endian",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "7"
},
{
"model": "dual band wireless-ac",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "826520.0.0.0"
},
{
"model": "tvos",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "10.2.1"
},
{
"model": "arubaos",
"scope": "eq",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "6.3.1.8"
},
{
"model": "windows server for x64-based systems sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2008"
},
{
"model": "pyxis supply roller",
"scope": "eq",
"trust": 0.3,
"vendor": "bd",
"version": "0"
},
{
"model": "airport base station",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "7.6.3"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "10.3"
},
{
"model": "telepresence collaboration endpoint",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "active management technology",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "6.2.61.3535"
},
{
"model": "contact vmt",
"scope": "eq",
"trust": 0.3,
"vendor": "phoenix",
"version": "70xx0"
},
{
"model": "imac",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "0"
},
{
"model": "meraki mr72",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "watchos",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4"
},
{
"model": "enterprise linux for power little endian extended update supp",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "-7.4"
},
{
"model": "active management technology",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "11.0.25.3001"
},
{
"model": "arubaos",
"scope": "ne",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "8.1.0.4"
},
{
"model": "active management technology",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "9.1"
},
{
"model": "enterprise linux server tus",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "-7.4"
},
{
"model": "active management technology",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "6.2"
},
{
"model": "meraki mr53",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "tvos",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "10.1"
},
{
"model": "wap551 wireless-n single radio selectable band access point",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "instantos",
"scope": "eq",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "4.2"
},
{
"model": "instantos",
"scope": "eq",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "6.5.3.2"
},
{
"model": "dual band wireless-ac",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "316519.10"
},
{
"model": "dual band wireless-ac",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "826020.0.0.0"
},
{
"model": "wap121 wireless-n access point with single point setup",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "active management technology",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "2.5"
},
{
"model": "active management technology",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "11.6.0.1000"
},
{
"model": "wireless client bridge 1.0.1.3-hp501-b0012",
"scope": "ne",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "501"
},
{
"model": "i.roc ci70-ex",
"scope": "eq",
"trust": 0.3,
"vendor": "pepperl fuchs",
"version": "0"
},
{
"model": "arubaos",
"scope": "eq",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "6.5.0.0"
},
{
"model": "dual band wireless-ac",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "826020.0.2.2"
},
{
"model": "active management technology",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "7.1"
},
{
"model": "cn70e-atex",
"scope": "eq",
"trust": 0.3,
"vendor": "pepperl fuchs",
"version": "0"
},
{
"model": "dual band wireless-ac",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "726018.0.0.0"
},
{
"model": "meraki mr24",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "suremark printer 1nr",
"scope": "eq",
"trust": 0.3,
"vendor": "toshiba",
"version": "4610"
},
{
"model": "enterprise linux for ibm z systems extended update support",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "-7.6"
},
{
"model": "contact vmt",
"scope": "eq",
"trust": 0.3,
"vendor": "phoenix",
"version": "50xx0"
},
{
"model": "meraki mr74",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "ex-handy",
"scope": "eq",
"trust": 0.3,
"vendor": "pepperl fuchs",
"version": "090"
},
{
"model": "arubaos",
"scope": "eq",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "6.4.4.15"
},
{
"model": "dual band wireless-ac",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "316519.51.7.1"
},
{
"model": "dual band wireless-ac",
"scope": "ne",
"trust": 0.3,
"vendor": "intel",
"version": "726519.51.7.20"
},
{
"model": "anyconnect secure mobility client",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "dual band wireless-ac",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "726519.51.7.1"
},
{
"model": "systems esp32",
"scope": "eq",
"trust": 0.3,
"vendor": "espressif",
"version": "0"
},
{
"model": "watchos",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.1"
},
{
"model": "enterprise linux server extended update support",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "-7.5"
},
{
"model": "micros handheld terminal 2.03.0.0.021r",
"scope": "ne",
"trust": 0.3,
"vendor": "oracle",
"version": null
},
{
"model": "aironet series access points",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "38000"
},
{
"model": "pyxis parx",
"scope": "eq",
"trust": 0.3,
"vendor": "bd",
"version": "0"
},
{
"model": "dx70",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "arubaos",
"scope": "ne",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "6.5.1.9"
},
{
"model": "enterprise linux server update services for sap solutions",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "-7.6"
},
{
"model": "intouch critical care bed",
"scope": "eq",
"trust": 0.3,
"vendor": "stryker",
"version": "2141"
},
{
"model": "pyxis anesthesia es",
"scope": "eq",
"trust": 0.3,
"vendor": "bd",
"version": "0"
},
{
"model": "aironet series officeextend access points",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "18100"
},
{
"model": "windows for x64-based systems",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "8.10"
},
{
"model": "dual band wireless-ac",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "316819.10.9.1"
},
{
"model": "active management technology",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "10.0.55.3000"
},
{
"model": "windows for 32-bit systems",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "8.10"
},
{
"model": "android",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "6.0"
},
{
"model": "meraki mr66",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "dual band wireless-ac",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "316519.10.9.1"
},
{
"model": "airport base station",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "7.6"
},
{
"model": "intouch critical care bed",
"scope": "eq",
"trust": 0.3,
"vendor": "stryker",
"version": "2131"
},
{
"model": "android",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.1.2"
},
{
"model": "aironet series access points",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "18300"
},
{
"model": "enterprise linux server aus",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "-7.6"
},
{
"model": "enterprise linux for power big endian extended update support",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "-7.6"
},
{
"model": "active management technology",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "10.0.0.50.1004"
},
{
"model": "arubaos",
"scope": "eq",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "6.4.1.0"
},
{
"model": "wap321 wireless-n access point with single point setup",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "simatic iwlan-pb/link",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "0"
},
{
"model": "aironet 1810w series access points",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "meraki mr52",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "enterprise linux for ibm z systems extended update support",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "-7.5"
},
{
"model": "meraki mr12",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "airmesh msr",
"scope": "eq",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "0"
},
{
"model": "dual band wireless-ac",
"scope": "ne",
"trust": 0.3,
"vendor": "intel",
"version": "316519.51.7.20"
},
{
"model": "watchos",
"scope": "ne",
"trust": 0.3,
"vendor": "apple",
"version": "4.2"
},
{
"model": "contact fl wlan ec",
"scope": "eq",
"trust": 0.3,
"vendor": "phoenix",
"version": "24802-110"
},
{
"model": "instantos",
"scope": "eq",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "4.2.4.8"
},
{
"model": "systems esp8266",
"scope": "eq",
"trust": 0.3,
"vendor": "espressif",
"version": "0"
},
{
"model": "tv",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "0"
},
{
"model": "pad-ex",
"scope": "eq",
"trust": 0.3,
"vendor": "pepperl fuchs",
"version": "010"
},
{
"model": "active management technology",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "11.0.0.1205"
},
{
"model": "ip phone",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "88610"
},
{
"model": "clarity engine",
"scope": "ne",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "1.0.0.1"
},
{
"model": "aironet series access points",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "15600"
},
{
"model": "windows for 32-bit systems sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "7"
},
{
"model": "instantos",
"scope": "eq",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "4.3.1.5"
},
{
"model": "airport base station",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "7.6.2"
},
{
"model": "active management technology",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "8.1"
},
{
"model": "active management technology",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "11.8"
},
{
"model": "windows for x64-based systems sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "7"
},
{
"model": "enterprise linux for ibm z systems extended update support",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "-7.4"
},
{
"model": "meraki mr58",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "windows version for 32-bit systems",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "1016070"
},
{
"model": "dual band wireless-ac",
"scope": "ne",
"trust": 0.3,
"vendor": "intel",
"version": "316519.10.9.2"
},
{
"model": "pyxis parassist system",
"scope": "eq",
"trust": 0.3,
"vendor": "bd",
"version": "0"
},
{
"model": "windows server for 32-bit systems sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2008"
},
{
"model": "instantos",
"scope": "eq",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "4.3"
},
{
"model": "android",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.0"
},
{
"model": "simatic mobile panel 277 iwlan",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "0"
},
{
"model": "pyxis medstation t2",
"scope": "eq",
"trust": 0.3,
"vendor": "bd",
"version": "40000"
},
{
"model": "dual band wireless-ac",
"scope": "ne",
"trust": 0.3,
"vendor": "intel",
"version": "826020.0.2.3"
},
{
"model": "android",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "6.0.1"
},
{
"model": "airport base station",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "7.6.1"
},
{
"model": "dual band wireless-ac",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "316519.51.0.0"
},
{
"model": "wi-fi update for boot camp",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "0"
},
{
"model": "enterprise linux server update services for sap solutions",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "-7.4"
},
{
"model": "ipad",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "0"
},
{
"model": "contact vmt",
"scope": "eq",
"trust": 0.3,
"vendor": "phoenix",
"version": "30xx0"
},
{
"model": "enterprise linux for power big endian",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "7"
},
{
"model": "wpa supplicant",
"scope": "eq",
"trust": 0.3,
"vendor": "w1 f1",
"version": "2.6"
},
{
"model": "wireless client bridge",
"scope": "eq",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "5010"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "10.0.1"
},
{
"model": "active management technology",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "11.5"
},
{
"model": "meraki mr11",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "10.3.3"
},
{
"model": "pyxis anesthesia system",
"scope": "eq",
"trust": 0.3,
"vendor": "bd",
"version": "40000"
},
{
"model": "tvos",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "10.2.2"
},
{
"model": "pyxis anesthesia system",
"scope": "eq",
"trust": 0.3,
"vendor": "bd",
"version": "35000"
},
{
"model": "automation stratix 15.3 jc1",
"scope": "eq",
"trust": 0.3,
"vendor": "rockwell",
"version": "5100"
},
{
"model": "enterprise linux server aus",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "-7.4"
},
{
"model": "pyxis ciisafe workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "bd",
"version": "??0"
},
{
"model": "enterprise linux for power big endian extended update support",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "-7.4"
},
{
"model": "airport base station",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "7.6.7"
},
{
"model": "dual band wireless-ac",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "316819.51.0.0"
},
{
"model": "ipad air",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "0"
},
{
"model": "active management technology",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "7.0"
},
{
"model": "arubaos",
"scope": "eq",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "6.5.4.1"
},
{
"model": "enterprise linux eus compute node",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "7.6"
},
{
"model": "enterprise linux for scientific computing",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "7"
},
{
"model": "active management technology",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "8.1.71.3608"
},
{
"model": "active management technology",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "9.1.41.3024"
},
{
"model": "arubaos",
"scope": "eq",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "6.4.2.1"
},
{
"model": "enterprise linux eus compute node",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "7.4"
},
{
"model": "dx80",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "active management technology",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "9.0"
},
{
"model": "contact bl2 ppc",
"scope": "eq",
"trust": 0.3,
"vendor": "phoenix",
"version": "0"
},
{
"model": "contact tpc",
"scope": "eq",
"trust": 0.3,
"vendor": "phoenix",
"version": "60130"
},
{
"model": "ipod touch",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "0"
},
{
"model": "arubaos",
"scope": "eq",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "6.5.1"
},
{
"model": "ck70a-atex",
"scope": "eq",
"trust": 0.3,
"vendor": "pepperl fuchs",
"version": "0"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "10.2.1"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "10.3.1"
},
{
"model": "dual band wireless-ac",
"scope": "ne",
"trust": 0.3,
"vendor": "intel",
"version": "316819.51.7.20"
},
{
"model": "macbook pro",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "0"
},
{
"model": "dual band wireless-ac",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "316819.10"
},
{
"model": "windows for x64-based systems",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "100"
},
{
"model": "airport base station",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "7.7.8"
},
{
"model": "active management technology",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "9.5"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "10.1"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "10.2"
},
{
"model": "airport base station",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "7.6.4"
},
{
"model": "smart-ex",
"scope": "eq",
"trust": 0.3,
"vendor": "pepperl fuchs",
"version": "010"
},
{
"model": "dual band wireless-ac",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "826520.0.2.2"
},
{
"model": "dual band wireless-ac",
"scope": "ne",
"trust": 0.3,
"vendor": "intel",
"version": "316018.33.9.3"
},
{
"model": "tab-ex",
"scope": "eq",
"trust": 0.3,
"vendor": "pepperl fuchs",
"version": "010"
},
{
"model": "arubaos",
"scope": "ne",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "6.5.3.3"
},
{
"model": "iphone",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "0"
},
{
"model": "macmini",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "0"
},
{
"model": "arubaos",
"scope": "ne",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "6.4.4.16"
},
{
"model": "contact fl wlan epa",
"scope": "eq",
"trust": 0.3,
"vendor": "phoenix",
"version": "0"
},
{
"model": "airport time capsule",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "0"
},
{
"model": "alliance wpa2 (wi-fi protected access",
"scope": "eq",
"trust": 0.3,
"vendor": "wi fi",
"version": "2)0"
},
{
"model": "airport base station",
"scope": "ne",
"trust": 0.3,
"vendor": "apple",
"version": "7.7.9"
},
{
"model": "scalance wlc711",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "0"
},
{
"model": "ruggedcom rs9xxw",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "0"
},
{
"model": "arubaos",
"scope": "eq",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "6.3.1.15"
},
{
"model": "networks unifi access point",
"scope": "eq",
"trust": 0.3,
"vendor": "ubiquiti",
"version": "0"
},
{
"model": "suremark printer 2cr",
"scope": "eq",
"trust": 0.3,
"vendor": "toshiba",
"version": "4610"
},
{
"model": "ip phone",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "88650"
},
{
"model": "arubaos",
"scope": "eq",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "6.5.4"
},
{
"model": "airport base station",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "7.7.7"
},
{
"model": "instantos",
"scope": "eq",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "6.5.4"
},
{
"model": "asa 5506w-x w/ firepower services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "windows version for x64-based systems",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "1016070"
},
{
"model": "airport base station",
"scope": "ne",
"trust": 0.3,
"vendor": "apple",
"version": "7.6.9"
},
{
"model": "s3 med-surg bed",
"scope": "eq",
"trust": 0.3,
"vendor": "stryker",
"version": "3005"
},
{
"model": "dual band wireless-ac",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "316018.0.0.0"
},
{
"model": "smart-ex",
"scope": "eq",
"trust": 0.3,
"vendor": "pepperl fuchs",
"version": "2010"
},
{
"model": "windows version for x64-based systems",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "1017030"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "11.1"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "ubuntu linux",
"version": "14.04"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "ubuntu linux",
"version": "16.04"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "ubuntu linux",
"version": "17.04"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "debian linux",
"version": "8.0"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "debian linux",
"version": "9.0"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "freebsd",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "freebsd",
"version": "10"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "freebsd",
"version": "10.4"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "freebsd",
"version": "11"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "freebsd",
"version": "11.1"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "leap",
"version": "42.2"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "leap",
"version": "42.3"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "linux desktop",
"version": "7"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "linux server",
"version": "7"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "hostapd",
"version": "0.2.4"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "hostapd",
"version": "0.2.5"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "hostapd",
"version": "0.2.6"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "hostapd",
"version": "0.2.8"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "hostapd",
"version": "0.3.7"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "hostapd",
"version": "0.3.9"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "hostapd",
"version": "0.3.10"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "hostapd",
"version": "0.3.11"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "hostapd",
"version": "0.4.7"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "hostapd",
"version": "0.4.8"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "hostapd",
"version": "0.4.9"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "hostapd",
"version": "0.4.10"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "hostapd",
"version": "0.4.11"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "hostapd",
"version": "0.5.7"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "hostapd",
"version": "0.5.8"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "hostapd",
"version": "0.5.9"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "hostapd",
"version": "0.5.10"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "hostapd",
"version": "0.5.11"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "hostapd",
"version": "0.6.8"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "hostapd",
"version": "0.6.9"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "hostapd",
"version": "0.6.10"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "hostapd",
"version": "0.7.3"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "hostapd",
"version": "1.0"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "hostapd",
"version": "1.1"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "hostapd",
"version": "2.0"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "hostapd",
"version": "2.1"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "hostapd",
"version": "2.2"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "hostapd",
"version": "2.3"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "hostapd",
"version": "2.4"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "hostapd",
"version": "2.5"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "hostapd",
"version": "2.6"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "wpa supplicant",
"version": "0.2.4"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "wpa supplicant",
"version": "0.2.5"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "wpa supplicant",
"version": "0.2.6"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "wpa supplicant",
"version": "0.2.7"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "wpa supplicant",
"version": "0.2.8"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "wpa supplicant",
"version": "0.3.7"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "wpa supplicant",
"version": "0.3.8"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "wpa supplicant",
"version": "0.3.9"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "wpa supplicant",
"version": "0.3.10"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "wpa supplicant",
"version": "0.3.11"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "wpa supplicant",
"version": "0.4.7"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "wpa supplicant",
"version": "0.4.8"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "wpa supplicant",
"version": "0.4.9"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "wpa supplicant",
"version": "0.4.10"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "wpa supplicant",
"version": "0.4.11"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "wpa supplicant",
"version": "0.5.7"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "wpa supplicant",
"version": "0.5.8"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "wpa supplicant",
"version": "0.5.9"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "wpa supplicant",
"version": "0.5.10"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "wpa supplicant",
"version": "0.5.11"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "wpa supplicant",
"version": "0.6.8"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "wpa supplicant",
"version": "0.6.9"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "wpa supplicant",
"version": "0.6.10"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "wpa supplicant",
"version": "0.7.3"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "wpa supplicant",
"version": "1.0"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "wpa supplicant",
"version": "1.1"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "wpa supplicant",
"version": "2.0"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "wpa supplicant",
"version": "2.1"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "wpa supplicant",
"version": "2.2"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "wpa supplicant",
"version": "2.3"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "wpa supplicant",
"version": "2.4"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "wpa supplicant",
"version": "2.5"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "wpa supplicant",
"version": "2.6"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "linux point of sale",
"version": "11"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "linux server",
"version": "12"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "openstack cloud",
"version": "6"
}
],
"sources": [
{
"db": "IVD",
"id": "99f194cf-017c-4d52-b709-25cd18723622"
},
{
"db": "CERT/CC",
"id": "VU#228519"
},
{
"db": "CNVD",
"id": "CNVD-2017-30402"
},
{
"db": "BID",
"id": "101274"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-009174"
},
{
"db": "NVD",
"id": "CVE-2017-13081"
},
{
"db": "CNNVD",
"id": "CNNVD-201710-384"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:freebsd:freebsd:11:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_server:7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_desktop:7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:freebsd:freebsd:10.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:17.04:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:opensuse:leap:42.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:freebsd:freebsd:11.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:freebsd:freebsd:10:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:freebsd:freebsd:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:opensuse:leap:42.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:2.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:2.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:0.6.9:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:0.6.8:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:0.4.10:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:0.4.9:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:0.2.8:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:0.2.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:2.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:2.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:0.5.11:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:0.5.10:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:0.4.8:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:0.4.7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:0.2.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:0.2.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:2.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:1.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:1.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:0.5.9:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:0.5.8:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:0.3.11:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:0.3.10:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:2.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:2.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:2.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:0.7.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:0.6.10:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:0.5.7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:0.4.11:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:0.3.8:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:0.3.7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:2.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:2.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:0.7.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:0.6.10:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:0.5.7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:0.4.11:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:0.3.9:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:0.3.7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:2.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:2.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:0.6.9:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:0.6.8:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:0.4.10:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:0.4.9:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:0.2.8:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:0.2.7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:2.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:2.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:0.5.11:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:0.5.10:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:0.4.8:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:0.4.7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:0.2.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:0.2.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:1.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:1.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:0.5.9:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:0.5.8:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:0.3.11:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:0.3.10:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:0.3.9:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:0.2.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:suse:linux_enterprise_desktop:12:sp3:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:suse:linux_enterprise_server:12:*:*:*:ltss:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:suse:linux_enterprise_point_of_sale:11:sp3:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:suse:linux_enterprise_server:11:sp3:*:*:*:ltss:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:suse:linux_enterprise_server:11:sp4:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:suse:linux_enterprise_desktop:12:sp2:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:suse:openstack_cloud:6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2017-13081"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Mathy Vanhoef from imec-DistriNet and KU Leuven.",
"sources": [
{
"db": "BID",
"id": "101274"
},
{
"db": "CNNVD",
"id": "CNNVD-201710-384"
}
],
"trust": 0.9
},
"cve": "CVE-2017-13081",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "MEDIUM",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 2.9,
"confidentialityImpact": "NONE",
"exploitabilityScore": 5.5,
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "LOW",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:A/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Medium",
"accessVector": "Adjacent Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 2.9,
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2017-13081",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Low",
"trust": 0.9,
"userInteractionRequired": null,
"vectorString": "AV:A/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "PARTIAL",
"baseScore": 5.4,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 5.5,
"id": "CNVD-2017-30402",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:A/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"author": "IVD",
"availabilityImpact": "PARTIAL",
"baseScore": 5.4,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 5.5,
"id": "99f194cf-017c-4d52-b709-25cd18723622",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.2,
"vectorString": "AV:A/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.9 [IVD]"
}
],
"cvssV3": [
{
"attackComplexity": "HIGH",
"attackVector": "ADJACENT_NETWORK",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"exploitabilityScore": 1.6,
"impactScore": 3.6,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.0"
},
{
"attackComplexity": "High",
"attackVector": "Adjacent Network",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 5.3,
"baseSeverity": "Medium",
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2017-13081",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2017-13081",
"trust": 1.8,
"value": "MEDIUM"
},
{
"author": "CNVD",
"id": "CNVD-2017-30402",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201710-384",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "IVD",
"id": "99f194cf-017c-4d52-b709-25cd18723622",
"trust": 0.2,
"value": "MEDIUM"
},
{
"author": "VULMON",
"id": "CVE-2017-13081",
"trust": 0.1,
"value": "LOW"
}
]
}
],
"sources": [
{
"db": "IVD",
"id": "99f194cf-017c-4d52-b709-25cd18723622"
},
{
"db": "CNVD",
"id": "CNVD-2017-30402"
},
{
"db": "VULMON",
"id": "CVE-2017-13081"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-009174"
},
{
"db": "NVD",
"id": "CVE-2017-13081"
},
{
"db": "CNNVD",
"id": "CNNVD-201710-384"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Wi-Fi Protected Access (WPA and WPA2) that supports IEEE 802.11w allows reinstallation of the Integrity Group Temporal Key (IGTK) during the group key handshake, allowing an attacker within radio range to spoof frames from access points to clients. An attacker within range of an affected AP and client may leverage these vulnerabilities to conduct attacks that are dependent on the data confidentiality protocols being used. Attacks may include arbitrary packet decryption and injection, TCP connection hijacking, HTTP content injection, or the replay of unicast and group-addressed frames. These vulnerabilities are referred to as Key Reinstallation Attacks or \"KRACK\" attacks. WPA (Wi-Fi Protected Access) is a system that protects wireless computer networks (Wi-Fi). The IGTK group key reloading vulnerability exists in the WPA2 wireless network. WPA2 is prone to multiple security weaknesses. \nExploiting these issues may allow an unauthorized user to intercept and manipulate data or disclose sensitive information. Those vulnerabilities applies to both the access point\n(implemented in hostapd) and the station (implemented in wpa_supplicant). \n\nAn attacker exploiting the vulnerabilities could force the vulnerable system to\nreuse cryptographic session keys, enabling a range of cryptographic attacks\nagainst the ciphers used in WPA1 and WPA2. \n\nFor the stable distribution (stretch), these problems have been fixed in\nversion 2:2.4-1+deb9u1. \n\nFor the testing distribution (buster), these problems have been fixed\nin version 2:2.4-1.1. \n\nFor the unstable distribution (sid), these problems have been fixed in\nversion 2:2.4-1.1. \n\nWe recommend that you upgrade your wpa packages. ==========================================================================\nUbuntu Security Notice USN-3455-1\nOctober 16, 2017\n\nwpa vulnerabilities\n==========================================================================\n\nA security issue affects these releases of Ubuntu and its derivatives:\n\n- Ubuntu 17.04\n- Ubuntu 16.04 LTS\n- Ubuntu 14.04 LTS\n\nSummary:\n\nSeveral security issues were fixed in wpa_supplicant. \n\nSoftware Description:\n- wpa: client support for WPA and WPA2\n\nDetails:\n\nMathy Vanhoef discovered that wpa_supplicant and hostapd incorrectly\nhandled WPA2. (CVE-2017-13077,\nCVE-2017-13078, CVE-2017-13079, CVE-2017-13080, CVE-2017-13081,\nCVE-2017-13082, CVE-2017-13086, CVE-2017-13087, CVE-2017-13088)\n\nImre Rad discovered that wpa_supplicant and hostapd incorrectly handled\ninvalid characters in passphrase parameters. A remote attacker could use\nthis issue to cause a denial of service. (CVE-2016-4476)\n\nImre Rad discovered that wpa_supplicant and hostapd incorrectly handled\ninvalid characters in passphrase parameters. A local attacker could use\nthis issue to cause a denial of service, or possibly execute arbitrary\ncode. (CVE-2016-4477)\n\nUpdate instructions:\n\nThe problem can be corrected by updating your system to the following\npackage versions:\n\nUbuntu 17.04:\n hostapd 2.4-0ubuntu9.1\n wpasupplicant 2.4-0ubuntu9.1\n\nUbuntu 16.04 LTS:\n hostapd 2.4-0ubuntu6.2\n wpasupplicant 2.4-0ubuntu6.2\n\nUbuntu 14.04 LTS:\n hostapd 2.1-0ubuntu1.5\n wpasupplicant 2.1-0ubuntu1.5\n\nAfter a standard system update you need to reboot your computer to make\nall the necessary changes. \n\nReferences:\n https://www.ubuntu.com/usn/usn-3455-1\n CVE-2016-4476, CVE-2016-4477, CVE-2017-13077, CVE-2017-13078,\n CVE-2017-13079, CVE-2017-13080, CVE-2017-13081, CVE-2017-13082,\n CVE-2017-13086, CVE-2017-13087, CVE-2017-13088\n\nPackage Information:\n https://launchpad.net/ubuntu/+source/wpa/2.4-0ubuntu9.1\n https://launchpad.net/ubuntu/+source/wpa/2.4-0ubuntu6.2\n https://launchpad.net/ubuntu/+source/wpa/2.1-0ubuntu1.5\n\n\n. \n\n\nHere are the details from the Slackware 14.2 ChangeLog:\n+--------------------------+\npatches/packages/wpa_supplicant-2.6-i586-1_slack14.2.txz: Upgraded. \n This update includes patches to mitigate the WPA2 protocol issues known\n as \"KRACK\" (Key Reinstallation AttaCK), which may be used to decrypt data,\n hijack TCP connections, and to forge and inject packets. This is the\n list of vulnerabilities that are addressed here:\n CVE-2017-13077: Reinstallation of the pairwise encryption key (PTK-TK) in the\n 4-way handshake. \n CVE-2017-13078: Reinstallation of the group key (GTK) in the 4-way handshake. \n CVE-2017-13080: Reinstallation of the group key (GTK) in the group key\n handshake. \n CVE-2017-13082: Accepting a retransmitted Fast BSS Transition (FT)\n Reassociation Request and reinstalling the pairwise encryption key (PTK-TK)\n while processing it. \n CVE-2017-13084: Reinstallation of the STK key in the PeerKey handshake. \n CVE-2017-13086: reinstallation of the Tunneled Direct-Link Setup (TDLS)\n PeerKey (TPK) key in the TDLS handshake. \n For more information, see:\n https://www.krackattacks.com/\n https://w1.fi/security/2017-1/wpa-packet-number-reuse-with-replayed-messages.txt\n https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13077\n https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13078\n https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13079\n https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13080\n https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13081\n https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13082\n https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13084\n https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13086\n https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13087\n https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13088\n (* Security fix *)\n+--------------------------+\n\n\nWhere to find the new packages:\n+-----------------------------+\n\nThanks to the friendly folks at the OSU Open Source Lab\n(http://osuosl.org) for donating FTP and rsync hosting\nto the Slackware project! :-)\n\nAlso see the \"Get Slack\" section on http://slackware.com for\nadditional mirror sites near you. \n\nUpdated package for Slackware 14.0:\nftp://ftp.slackware.com/pub/slackware/slackware-14.0/patches/packages/wpa_supplicant-2.6-i486-1_slack14.0.txz\n\nUpdated package for Slackware x86_64 14.0:\nftp://ftp.slackware.com/pub/slackware/slackware64-14.0/patches/packages/wpa_supplicant-2.6-x86_64-1_slack14.0.txz\n\nUpdated package for Slackware 14.1:\nftp://ftp.slackware.com/pub/slackware/slackware-14.1/patches/packages/wpa_supplicant-2.6-i486-1_slack14.1.txz\n\nUpdated package for Slackware x86_64 14.1:\nftp://ftp.slackware.com/pub/slackware/slackware64-14.1/patches/packages/wpa_supplicant-2.6-x86_64-1_slack14.1.txz\n\nUpdated package for Slackware 14.2:\nftp://ftp.slackware.com/pub/slackware/slackware-14.2/patches/packages/wpa_supplicant-2.6-i586-1_slack14.2.txz\n\nUpdated package for Slackware x86_64 14.2:\nftp://ftp.slackware.com/pub/slackware/slackware64-14.2/patches/packages/wpa_supplicant-2.6-x86_64-1_slack14.2.txz\n\nUpdated package for Slackware -current:\nftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/n/wpa_supplicant-2.6-i586-2.txz\n\nUpdated package for Slackware x86_64 -current:\nftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/n/wpa_supplicant-2.6-x86_64-2.txz\n\n\nMD5 signatures:\n+-------------+\n\nSlackware 14.0 package:\nd8ecfaadb50b3547967ab53733ffc019 wpa_supplicant-2.6-i486-1_slack14.0.txz\n\nSlackware x86_64 14.0 package:\nf25216d28800504ce498705da7c9a825 wpa_supplicant-2.6-x86_64-1_slack14.0.txz\n\nSlackware 14.1 package:\n15c61050e4bab2581757befd86be74c0 wpa_supplicant-2.6-i486-1_slack14.1.txz\n\nSlackware x86_64 14.1 package:\n49fd537a520338744f7757615556d352 wpa_supplicant-2.6-x86_64-1_slack14.1.txz\n\nSlackware 14.2 package:\nc5539f40c8510af89be92945f0f80185 wpa_supplicant-2.6-i586-1_slack14.2.txz\n\nSlackware x86_64 14.2 package:\n4c527ff84fcdfd7839f217bbce2e4ae4 wpa_supplicant-2.6-x86_64-1_slack14.2.txz\n\nSlackware -current package:\n28bd88a54e96368f7a7020c1f5fb67fe n/wpa_supplicant-2.6-i586-2.txz\n\nSlackware x86_64 -current package:\n464fc6b48d1ac077f47e9a3a8534c160 n/wpa_supplicant-2.6-x86_64-2.txz\n\n\nInstallation instructions:\n+------------------------+\n\nUpgrade the package as root:\n# upgradepkg wpa_supplicant-2.6-i586-1_slack14.2.txz\n\n\n+-----+\n\nSlackware Linux Security Team\nhttp://slackware.com/gpg-key\nsecurity@slackware.com\n\n+------------------------------------------------------------------------+\n| To leave the slackware-security mailing list: |\n+------------------------------------------------------------------------+\n| Send an email to majordomo@slackware.com with this text in the body of |\n| the email message: |\n| |\n| unsubscribe slackware-security |\n| |\n| You will get a confirmation message back containing instructions to |\n| complete the process. Please do not reply to this email address. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA512\n\n=============================================================================\nFreeBSD-SA-17:07.wpa Security Advisory\n The FreeBSD Project\n\nTopic: WPA2 protocol vulnerability\n\nCategory: contrib\nModule: wpa\nAnnounced: 2017-10-16\nCredits: Mathy Vanhoef\nAffects: All supported versions of FreeBSD. \nCorrected: 2017-10-17 17:30:18 UTC (stable/11, 11.1-STABLE)\n 2017-10-17 17:57:18 UTC (releng/11.1, 11.1-RELEASE-p2)\n 2017-10-17 17:56:03 UTC (releng/11.0, 11.0-RELEASE-p13)\n 2017-10-19 03:18:22 UTC (stable/10, 10.4-STABLE)\n 2017-10-19 03:20:17 UTC (releng/10.4, 10.4-RELEASE-p1)\n 2017-10-19 03:19:42 UTC (releng/10.3, 10.3-RELEASE-p22)\nCVE Name: CVE-2017-13077, CVE-2017-13078, CVE-2017-13079,\n CVE-2017-13080, CVE-2017-13081, CVE-2017-13082,\n CVE-2017-13086, CVE-2017-13087, CVE-2017-13088\n\nFor general information regarding FreeBSD Security Advisories,\nincluding descriptions of the fields above, security branches, and the\nfollowing sections, please visit \u003cURL:https://security.FreeBSD.org/\u003e. \n\n0. Revision history\n\nv1.0 2017-10-17 Initial release. \nv1.1 2017-10-19 Add patches for 10.x releases. \n\nI. \n\nhostapd and wpa_supplicant are implementations of user space daemon for\naccess points and wireless client that implements the WPA2 protocol. \n\nII. Problem Description\n\nA vulnerability was found in how a number of implementations can be\ntriggered to reconfigure WPA/WPA2/RSN keys (TK, GTK, or IGTK) by\nreplaying a specific frame that is used to manage the keys. \n\nIII. Impact\n\nSuch reinstallation of the encryption key can result in two different\ntypes of vulnerabilities: disabling replay protection and significantly\nreducing the security of encryption to the point of allowing frames to\nbe decrypted or some parts of the keys to be determined by an attacker\ndepending on which cipher is used. \n\nIV. Workaround\n\nAn updated version of wpa_supplicant is available in the FreeBSD Ports\nCollection. Install version 2.6_2 or later of the\nsecurity/wpa_supplicant port/pkg. Once installed, update /etc/rc.conf\nto use the new binary:\n\nwpa_supplicant_program=\"/usr/local/sbin/wpa_supplicant\"\n\nand restart networking. \n\nAn updated version of hostapd is available in the FreeBSD Ports\nCollection. Install version 2.6_1 or later of the net/hostapd port/pkg. \nOnce installed, update /etc/rc.conf to use the new binary:\n\nhostapd_program=\"/usr/local/sbin/hostapd\"\n\nand restart hostapd. \n\nV. Solution\n\nPerform one of the following:\n\n1) Upgrade your vulnerable system to a supported FreeBSD stable or\nrelease / security branch (releng) dated after the correction date. \n\nRestart the Wi-Fi network interfaces/hostapd or reboot the system. \n\n2) To update your vulnerable system via a binary patch:\n\nSystems running a RELEASE version of FreeBSD on the i386 or amd64\nplatforms can be updated via the freebsd-update(8) utility:\n\n# freebsd-update fetch\n# freebsd-update install\n\nRestart the Wi-Fi network interfaces/hostapd or reboot the system. \n\n3) To update your vulnerable system via a source code patch:\n\nThe following patches have been verified to apply to the applicable\nFreeBSD release branches. \n\na) Download the relevant patch from the location below, and verify the\ndetached PGP signature using your PGP utility. \n\n[FreeBSD 11.0-RELEASE, 11.1-RELEASE, and 11-STABLE]\n# fetch https://security.FreeBSD.org/patches/SA-17:07/wpa-11.patch\n# fetch https://security.FreeBSD.org/patches/SA-17:07/wpa-11.patch.asc\n# gpg --verify wpa-11.patch.asc\n\n[FreeBSD 10.3-RELEASE, 10.4-RELEASE, and 10-STABLE]\n# fetch https://security.FreeBSD.org/patches/SA-17:07/wpa-10.patch\n# fetch https://security.FreeBSD.org/patches/SA-17:07/wpa-10.patch.asc\n# gpg --verify wpa-10.patch.asc\n\nb) Apply the patch. Execute the following commands as root:\n\n# cd /usr/src\n# patch \u003c /path/to/patch\n\nc) Recompile the operating system using buildworld and installworld as\ndescribed in \u003cURL:https://www.FreeBSD.org/handbook/makeworld.html\u003e. \n\nRestart the applicable daemons, or reboot the system. \n\nVI. Correction details\n\nThe following list contains the correction revision numbers for each\naffected branch. \n\nBranch/path Revision\n- -------------------------------------------------------------------------\nstable/11/ r324697\nreleng/11.0/ r324698\nreleng/11.1/ r324699\nstable/10/ r324739\nreleng/10.3/ r324740\nreleng/10.4/ r324741\n- -------------------------------------------------------------------------\n\nTo see which files were modified by a particular revision, run the\nfollowing command, replacing NNNNNN with the revision number, on a\nmachine with Subversion installed:\n\n# svn diff -cNNNNNN --summarize svn://svn.freebsd.org/base\n\nOr visit the following URL, replacing NNNNNN with the revision number:\n\n\u003cURL:https://svnweb.freebsd.org/base?view=revision\u0026revision=NNNNNN\u003e\n\nVII. References\n\n\u003cURL:https://w1.fi/security/2017-1/wpa-packet-number-reuse-with-replayed-messages.txt\u003e\n\u003cURL:https://www.krackattacks.com/\u003e\n\nThe latest revision of this advisory is available at\n\u003cURL:https://security.FreeBSD.org/advisories/FreeBSD-SA-17:07.wpa.asc\u003e\n-----BEGIN PGP SIGNATURE-----\n\niQKTBAEBCgB9FiEEHPf/b631yp++G4yy7Wfs1l3PaucFAlnoGpNfFIAAAAAALgAo\naXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDFD\nRjdGRjZGQURGNUNBOUZCRTFCOENCMkVENjdFQ0Q2NURDRjZBRTcACgkQ7Wfs1l3P\nauc7WBAAm27w+fujv5sJsRxauUMopTVtRh5utwbDuoHTP+L+RCWmQfVBmueNQ0gf\nuJzMNxBIkbtY9LvyukpRsH3iD7mh26c0pd9rxxkkr4F96C9B5+W0amxJF1gdm54/\nF/50FpY+lo7cNs5tiBjypPrg8UOBBI/1G4XR7130XC0HjaTwt1ngZ0oQUWUMSsIp\ngN5ZfPul81WPWd1NqF+vyObcJhwq/Y1uoexoO27o7GQCFZoL3enZy8c4f1xqMlVM\n4HHkTgNGac6E0aW+ArH4J0DFFAOJXPqF8rdt+9XINfoBbtliIyOixJ4oh1n6eAR0\nVpBWZKFNyXSlUKIvDGa+LDhxgL1jJXV0ABSyKlUOijdmr3bbbiQE9MW/MNv2AFTd\nOAFQ0QQtm9KCWp5JLh+FPIb/kR2l7MOUP+yz4zFcJpdGtl9tDLyPN8vRTq60bY8O\ny7tBcf/SMqkd/AIFdchL4zrOguKnRARydIlwTarp8wtAQI3MKSsa1B0wgsDtlL6K\nxfdjnwWMKvKKlNOW16e1WXXO0n/ucHV4njBE+bGPro3jLgXP2/WFZpIGAR3I4xrr\nSdD4AxSNiR9f3bL7LRfMIbugJAylWNSlTLWUOVUv0/ONh85LqbcCj13NI230B64K\nETx2QOZgKnCs2oDNiw4aQHb7kvi2w94Iw/R1sAPkkxYJWO3reyE=\n=h/5q\n-----END PGP SIGNATURE-----\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2017-13081"
},
{
"db": "CERT/CC",
"id": "VU#228519"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-009174"
},
{
"db": "CNVD",
"id": "CNVD-2017-30402"
},
{
"db": "BID",
"id": "101274"
},
{
"db": "IVD",
"id": "99f194cf-017c-4d52-b709-25cd18723622"
},
{
"db": "VULMON",
"id": "CVE-2017-13081"
},
{
"db": "PACKETSTORM",
"id": "144630"
},
{
"db": "PACKETSTORM",
"id": "144632"
},
{
"db": "PACKETSTORM",
"id": "145228"
},
{
"db": "PACKETSTORM",
"id": "144663"
},
{
"db": "PACKETSTORM",
"id": "144669"
}
],
"trust": 3.87
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#228519",
"trust": 4.2
},
{
"db": "NVD",
"id": "CVE-2017-13081",
"trust": 4.1
},
{
"db": "BID",
"id": "101274",
"trust": 2.6
},
{
"db": "SECTRACK",
"id": "1039578",
"trust": 1.7
},
{
"db": "SECTRACK",
"id": "1039581",
"trust": 1.7
},
{
"db": "SECTRACK",
"id": "1039585",
"trust": 1.7
},
{
"db": "SECTRACK",
"id": "1039573",
"trust": 1.7
},
{
"db": "SECTRACK",
"id": "1039576",
"trust": 1.7
},
{
"db": "SECTRACK",
"id": "1039577",
"trust": 1.7
},
{
"db": "SIEMENS",
"id": "SSA-901333",
"trust": 1.7
},
{
"db": "CERT@VDE",
"id": "VDE-2017-005",
"trust": 1.7
},
{
"db": "ICS CERT",
"id": "ICSMA-18-114-01",
"trust": 1.2
},
{
"db": "ICS CERT",
"id": "ICSMA-19-029-01",
"trust": 1.1
},
{
"db": "ICS CERT",
"id": "ICSA-17-353-02",
"trust": 1.1
},
{
"db": "ICS CERT",
"id": "ICSA-17-318-01",
"trust": 1.1
},
{
"db": "CNVD",
"id": "CNVD-2017-30402",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201710-384",
"trust": 0.8
},
{
"db": "LENOVO",
"id": "LEN-17420",
"trust": 0.8
},
{
"db": "JUNIPER",
"id": "JSA10827",
"trust": 0.8
},
{
"db": "DLINK",
"id": "SAP10075",
"trust": 0.8
},
{
"db": "ICS CERT",
"id": "ICSA-17-318-02A",
"trust": 0.8
},
{
"db": "JVN",
"id": "JVNVU90609033",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2017-009174",
"trust": 0.8
},
{
"db": "AUSCERT",
"id": "ESB-2020.4125",
"trust": 0.6
},
{
"db": "ICS CERT",
"id": "ICSA-17-299-02",
"trust": 0.3
},
{
"db": "ICS CERT",
"id": "ICSA-17-318-02",
"trust": 0.3
},
{
"db": "ICS CERT",
"id": "ICSA-17-325-01",
"trust": 0.3
},
{
"db": "IVD",
"id": "99F194CF-017C-4D52-B709-25CD18723622",
"trust": 0.2
},
{
"db": "VULMON",
"id": "CVE-2017-13081",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "144630",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "144632",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "145228",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "144663",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "144669",
"trust": 0.1
}
],
"sources": [
{
"db": "IVD",
"id": "99f194cf-017c-4d52-b709-25cd18723622"
},
{
"db": "CERT/CC",
"id": "VU#228519"
},
{
"db": "CNVD",
"id": "CNVD-2017-30402"
},
{
"db": "VULMON",
"id": "CVE-2017-13081"
},
{
"db": "BID",
"id": "101274"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-009174"
},
{
"db": "PACKETSTORM",
"id": "144630"
},
{
"db": "PACKETSTORM",
"id": "144632"
},
{
"db": "PACKETSTORM",
"id": "145228"
},
{
"db": "PACKETSTORM",
"id": "144663"
},
{
"db": "PACKETSTORM",
"id": "144669"
},
{
"db": "NVD",
"id": "CVE-2017-13081"
},
{
"db": "CNNVD",
"id": "CNNVD-201710-384"
}
]
},
"id": "VAR-201710-0208",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "IVD",
"id": "99f194cf-017c-4d52-b709-25cd18723622"
},
{
"db": "CNVD",
"id": "CNVD-2017-30402"
}
],
"trust": 1.3965711281818183
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 0.8
}
],
"sources": [
{
"db": "IVD",
"id": "99f194cf-017c-4d52-b709-25cd18723622"
},
{
"db": "CNVD",
"id": "CNVD-2017-30402"
}
]
},
"last_update_date": "2023-12-18T11:53:12.522000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "ARUBA-PSA-2017-007",
"trust": 0.8,
"url": "http://www.arubanetworks.com/assets/alert/aruba-psa-2017-007.txt"
},
{
"title": "DSA-3999",
"trust": 0.8,
"url": "https://www.debian.org/security/2017/dsa-3999"
},
{
"title": "FreeBSD-SA-17:07.wpa",
"trust": 0.8,
"url": "https://www.freebsd.org/security/advisories/freebsd-sa-17:07.wpa.asc"
},
{
"title": "NV17-024",
"trust": 0.8,
"url": "http://jpn.nec.com/security-info/secinfo/nv17-024.html"
},
{
"title": "SUSE-SU-2017:2745",
"trust": 0.8,
"url": "https://lists.opensuse.org/opensuse-security-announce/2017-10/msg00020.html"
},
{
"title": "SUSE-SU-2017:2752",
"trust": 0.8,
"url": "https://lists.opensuse.org/opensuse-security-announce/2017-10/msg00023.html"
},
{
"title": "openSUSE-SU-2017:2755",
"trust": 0.8,
"url": "https://lists.opensuse.org/opensuse-security-announce/2017-10/msg00024.html"
},
{
"title": "KRACKs - wpa_supplicant Multiple Vulnerabilities",
"trust": 0.8,
"url": "https://access.redhat.com/security/vulnerabilities/kracks"
},
{
"title": "USN-3455-1",
"trust": 0.8,
"url": "https://usn.ubuntu.com/usn/usn-3455-1/"
},
{
"title": "WPA packet number reuse with replayed messages and key reinstallation",
"trust": 0.8,
"url": "https://w1.fi/security/2017-1/wpa-packet-number-reuse-with-replayed-messages.txt"
},
{
"title": "Wi-Fi\u306e\u8a8d\u8a3c\uff0f\u6697\u53f7\u5316\u6280\u8853WPA2\u304a\u3088\u3073WPA\u306e\u8907\u6570\u306e\u8106\u5f31\u6027\u306b\u3064\u3044\u3066",
"trust": 0.8,
"url": "http://www.fujitsu.com/jp/products/network/support/2017/srm-01/index.html"
},
{
"title": "WPA2\u306e\u8106\u5f31\u6027\u306b\u95a2\u3059\u308b\u5f0a\u793e\u8abf\u67fb\u30fb\u5bfe\u5fdc\u72b6\u6cc1\u306b\u3064\u3044\u3066",
"trust": 0.8,
"url": "http://www.iodata.jp/support/information/2017/wpa2/"
},
{
"title": "\u7121\u7ddaLAN \u8a8d\u8a3c\uff0f\u6697\u53f7\u5316\u6280\u8853WPA2\u304a\u3088\u3073WPA\u306b\u95a2\u3059\u308b\u8106\u5f31\u6027\u306e\u304a\u77e5\u3089\u305b",
"trust": 0.8,
"url": "http://www.fmworld.net/biz/common/info/20171110/"
},
{
"title": "\\302\\240Patch for WPA2 Wireless Network IGTK Group Key Reload Vulnerability (CNVD-2017-30402)",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/103822"
},
{
"title": "Multiple WiFi product WPA2 Security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=75498"
},
{
"title": "The Register",
"trust": 0.2,
"url": "https://www.theregister.co.uk/2017/11/07/android_november_security_update/"
},
{
"title": "The Register",
"trust": 0.2,
"url": "https://www.theregister.co.uk/2017/10/16/wpa2_inscure_krackattack/"
},
{
"title": "Ubuntu Security Notice: linux-firmware vulnerabilities",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=usn-3505-1"
},
{
"title": "Red Hat: CVE-2017-13081",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_cve_database\u0026qid=cve-2017-13081"
},
{
"title": "HP: SUPPORT COMMUNICATION- SECURITY BULLETIN\nHPSBHF03582 rev. 2 - KRACK Vulnerability Affecting WPA2 Wireless Security",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=hp_bulletin\u0026qid=36b93bf3331f76d26d40fe1f638cd7b3"
},
{
"title": "Arch Linux Issues: ",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=arch_linux_issues\u0026qid=cve-2017-13081"
},
{
"title": "HP: HPSBHF03582 rev. 2 - KRACK Vulnerability Affecting WPA2 Wireless Security",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=hp_bulletin\u0026qid=hpsbhf03582"
},
{
"title": "HP: SUPPORT COMMUNICATION- SECURITY BULLETIN\nHPSBPI03574 rev. 2 - WPA, WPA2 Key Reinstallation Attacks (KRACK attacks) Potential Remote Disclosure of Information: Certain HP Enterprise Printer and MFP products, Certain HP PageWide Printer and MFP Products, HP Jetdirect Accessory Products",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=hp_bulletin\u0026qid=8d6572a049179153e7106f494e1a3bca"
},
{
"title": "Debian CVElist Bug Report Logs: firmware-brcm80211: BroadPwn vulnerability CVE-2017-9417",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=debian_cvelist_bugreportlogs\u0026qid=2e0affd9108e95fa2aa2c706c74cd8a9"
},
{
"title": "Ubuntu Security Notice: wpa vulnerabilities",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=usn-3455-1"
},
{
"title": "Debian Security Advisories: DSA-3999-1 wpa -- security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=debian_security_advisories\u0026qid=08990d9925276738bd732fa4d58f9ef0"
},
{
"title": "HP: HPSBPI03574 rev. 1 - WPA, WPA2 Key Reinstallation Attacks (KRACK attacks) Potential Remote Disclosure of Information: Certain HP Enterprise Printer and MFP products, Certain HP PageWide Printer and MFP Products, HP Jetdirect Accessory Products",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=hp_bulletin\u0026qid=hpsbpi03574"
},
{
"title": "Arch Linux Advisories: [ASA-201710-23] hostapd: man-in-the-middle",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=arch_linux_advisories\u0026qid=asa-201710-23"
},
{
"title": "Arch Linux Advisories: [ASA-201710-22] wpa_supplicant: man-in-the-middle",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=arch_linux_advisories\u0026qid=asa-201710-22"
},
{
"title": "HP: SUPPORT COMMUNICATION- SECURITY BULLETIN\nHP Printing Security Advisory - KRACK Attacks Potential Vulnerabilities",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=hp_bulletin\u0026qid=159d2d394e685e849c1feb8bd9a2f58e"
},
{
"title": "HP: SUPPORT COMMUNICATION- SECURITY BULLETIN\nHPSBPI03574 rev. 2 - WPA, WPA2 Key Reinstallation Attacks (KRACK attacks) Potential Remote Disclosure of Information: Certain HP Enterprise Printer and MFP products, Certain HP PageWide Printer and MFP Products, HP Jetdirect Accessory Products",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=hp_bulletin\u0026qid=5acd9ad059fdc01fe064c5234e076a80"
},
{
"title": "Siemens Security Advisories: Siemens Security Advisory",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=siemens_security_advisories\u0026qid=6df91267eee9400a24a98876f50ffe84"
},
{
"title": "Android Security Bulletins: Android Security Bulletin\u2014November 2017",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=android_security_bulletins\u0026qid=8c29eb008bb212762e5cfb25c7c5c0d5"
},
{
"title": "Cisco: Multiple Vulnerabilities in Wi-Fi Protected Access and Wi-Fi Protected Access II",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=cisco_security_advisories_and_alerts_ciscoproducts\u0026qid=cisco-sa-20171016-wpa"
},
{
"title": "Oracle: Oracle Critical Patch Update Advisory - January 2018",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_advisories\u0026qid=e2a7f287e9acc8c64ab3df71130bc64d"
},
{
"title": "KRACK",
"trust": 0.1,
"url": "https://github.com/chinatso/krack "
},
{
"title": "krackinfo",
"trust": 0.1,
"url": "https://github.com/kristate/krackinfo "
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/merlinepedra/krack "
},
{
"title": "nixos-issue-db-example",
"trust": 0.1,
"url": "https://github.com/andir/nixos-issue-db-example "
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-30402"
},
{
"db": "VULMON",
"id": "CVE-2017-13081"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-009174"
},
{
"db": "CNNVD",
"id": "CNNVD-201710-384"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-330",
"trust": 1.0
},
{
"problemtype": "CWE-254",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-009174"
},
{
"db": "NVD",
"id": "CVE-2017-13081"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 3.7,
"url": "https://www.krackattacks.com/"
},
{
"trust": 3.3,
"url": "https://source.android.com/security/bulletin/2017-11-01"
},
{
"trust": 2.9,
"url": "http://www.securityfocus.com/bid/101274"
},
{
"trust": 2.8,
"url": "http://www.arubanetworks.com/assets/alert/aruba-psa-2017-007.txt"
},
{
"trust": 2.8,
"url": "https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20171016-wpa"
},
{
"trust": 2.5,
"url": "http://www.debian.org/security/2017/dsa-3999"
},
{
"trust": 2.5,
"url": "https://access.redhat.com/security/vulnerabilities/kracks"
},
{
"trust": 2.1,
"url": "http://www.kb.cert.org/vuls/id/228519"
},
{
"trust": 1.8,
"url": "https://w1.fi/security/2017-1/wpa-packet-number-reuse-with-replayed-messages.txt"
},
{
"trust": 1.8,
"url": "http://www.ubuntu.com/usn/usn-3455-1"
},
{
"trust": 1.7,
"url": "http://www.securitytracker.com/id/1039585"
},
{
"trust": 1.7,
"url": "http://www.securitytracker.com/id/1039581"
},
{
"trust": 1.7,
"url": "http://www.securitytracker.com/id/1039578"
},
{
"trust": 1.7,
"url": "http://www.securitytracker.com/id/1039577"
},
{
"trust": 1.7,
"url": "http://www.securitytracker.com/id/1039576"
},
{
"trust": 1.7,
"url": "http://www.securitytracker.com/id/1039573"
},
{
"trust": 1.7,
"url": "https://security.freebsd.org/advisories/freebsd-sa-17:07.wpa.asc"
},
{
"trust": 1.7,
"url": "http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00024.html"
},
{
"trust": 1.7,
"url": "http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00023.html"
},
{
"trust": 1.7,
"url": "http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00020.html"
},
{
"trust": 1.7,
"url": "https://security.gentoo.org/glsa/201711-03"
},
{
"trust": 1.7,
"url": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html"
},
{
"trust": 1.7,
"url": "https://support.hpe.com/hpsc/doc/public/display?doclocale=en_us\u0026docid=emr_na-hpesbhf03792en_us"
},
{
"trust": 1.7,
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-901333.pdf"
},
{
"trust": 1.7,
"url": "https://cert.vde.com/en-us/advisories/vde-2017-005"
},
{
"trust": 1.7,
"url": "https://lists.debian.org/debian-lts-announce/2018/11/msg00015.html"
},
{
"trust": 1.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-13081"
},
{
"trust": 1.2,
"url": "https://ics-cert.us-cert.gov/advisories/icsma-18-114-01"
},
{
"trust": 1.1,
"url": "https://papers.mathyvanhoef.com/ccs2017.pdf"
},
{
"trust": 1.1,
"url": "https://w1.fi/security/2017-1/"
},
{
"trust": 1.1,
"url": "https://security-center.intel.com/advisory.aspx?intelid=intel-sa-00101\u0026languageid=en-fr"
},
{
"trust": 1.1,
"url": "https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/cve-2017-13080"
},
{
"trust": 1.1,
"url": "https://ics-cert.us-cert.gov/advisories/icsa-17-353-02"
},
{
"trust": 1.1,
"url": "https://ics-cert.us-cert.gov/advisories/icsa-17-318-01"
},
{
"trust": 1.1,
"url": "https://ics-cert.us-cert.gov/advisories/icsma-19-029-01"
},
{
"trust": 0.9,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-13081"
},
{
"trust": 0.8,
"url": "https://cwe.mitre.org/data/definitions/323.html"
},
{
"trust": 0.8,
"url": "https://actiontecsupport.zendesk.com/hc/en-us/articles/115005205283-krack-vulnerability"
},
{
"trust": 0.8,
"url": "https://www3.aerohive.com/support/security-bulletins/product-security-announcement-aerohives-response-to-krack-10162017.html"
},
{
"trust": 0.8,
"url": "https://www.al-enterprise.com/en/support/security-alert-krack"
},
{
"trust": 0.8,
"url": "https://support.apple.com/en-gb/ht208222"
},
{
"trust": 0.8,
"url": "https://security.archlinux.org/avg-447"
},
{
"trust": 0.8,
"url": "https://www.asus.com/static_webpage/asus-product-security-advisory/"
},
{
"trust": 0.8,
"url": "https://community.barracudanetworks.com/forum/index.php?/topic/23525-security-advisories/page-2"
},
{
"trust": 0.8,
"url": "https://lists.centos.org/pipermail/centos-announce/2017-october/022569.html"
},
{
"trust": 0.8,
"url": "https://community.cypress.com/docs/doc-13871"
},
{
"trust": 0.8,
"url": "http://supportannouncement.us.dlink.com/announcement/publication.aspx?name=sap10075"
},
{
"trust": 0.8,
"url": "http://www.dell.com/support/article/sln307822"
},
{
"trust": 0.8,
"url": "https://github.com/espressif/esp8266_nonos_sdk"
},
{
"trust": 0.8,
"url": "https://extremeportal.force.com/extrarticledetail?n=000018005"
},
{
"trust": 0.8,
"url": "https://bodhi.fedoraproject.org/updates/fedora-2017-60bfb576b7"
},
{
"trust": 0.8,
"url": "http://www.fortiguard.com/psirt/fg-ir-17-196"
},
{
"trust": 0.8,
"url": "https://www.freebsd.org/security/advisories/freebsd-sa-17:07.wpa.asc"
},
{
"trust": 0.8,
"url": "https://bugs.gentoo.org/634440"
},
{
"trust": 0.8,
"url": "https://support.hpe.com/hpsc/doc/public/display?sp4ts.oid=null\u0026doclocale=en_us\u0026docid=emr_na-a00029151en_us"
},
{
"trust": 0.8,
"url": "https://kb.juniper.net/jsa10827"
},
{
"trust": 0.8,
"url": "https://support.lenovo.com/ca/en/product_security/len-17420"
},
{
"trust": 0.8,
"url": "http://www.microchip.com/wwwproducts/en/atwinc1500"
},
{
"trust": 0.8,
"url": "http://mail-index.netbsd.org/source-changes/2017/10/16/msg088877.html"
},
{
"trust": 0.8,
"url": "https://kb.netgear.com/000049498/security-advisory-for-wpa-2-vulnerabilities-psv-2017-2826-psv-2017-2836-psv-2017-2837"
},
{
"trust": 0.8,
"url": "https://forum.peplink.com/t/security-advisory-wpa2-vulnerability-vu-228519/12715"
},
{
"trust": 0.8,
"url": "https://ruckus-www.s3.amazonaws.com/pdf/security/faq-security-advisory-id-101617-v1.0.pdf"
},
{
"trust": 0.8,
"url": "https://www.suse.com/de-de/support/kb/doc/?id=7022107"
},
{
"trust": 0.8,
"url": "https://source.sierrawireless.com/resources/airlink/software_reference_docs/technical-bulletin/sierra-wireless-technical-bulletin---wpa-and-wpa2-vulnerabilities/"
},
{
"trust": 0.8,
"url": "http://www.slackware.com/changelog/stable.php?cpu=x86_64"
},
{
"trust": 0.8,
"url": "https://community.sophos.com/kb/en-us/127658"
},
{
"trust": 0.8,
"url": "https://www.toshibacommerce.com/wps/myportal/%21ut/p/a1/rzrnc8igeiz_sw8egqhjcdmmwr8abw2dqcnfoyqotidrrk399uxrrwotuzgws7a87y6z88iuzmcq2u4uwcnlzypjnjj5-exr_wnhya-laxtrid-j3uchdtb8gylmuw6qzgktovtowsrrqlrs6-8dbeqhwc1mykqnlabgdjlf1yjvn7i5af4qtdwsn2tri7j"
},
{
"trust": 0.8,
"url": "http://www.toshiba-personalstorage.net/en/news/hdd/ot_notice/20171017.htm"
},
{
"trust": 0.8,
"url": "http://support.toshiba.com/support/staticcontentdetail?contentid=4015875\u0026isfromtoclink=false"
},
{
"trust": 0.8,
"url": "https://community.ubnt.com/t5/unifi-updates-blog/firmware-3-9-3-7537-for-uap-usw-has-been-released/ba-p/2099365"
},
{
"trust": 0.8,
"url": "https://usn.ubuntu.com/usn/usn-3455-1/"
},
{
"trust": 0.8,
"url": "http://en.miui.com/thread-954223-1-1.html"
},
{
"trust": 0.8,
"url": "https://www.zebra.com/content/dam/zebra_new_ia/en-us/support-and-downloads/lifeguard-security/krack-security-bulletin.pdf"
},
{
"trust": 0.8,
"url": "http://www.zyxel.com/support/announcement_wpa2_key_management.shtml"
},
{
"trust": 0.8,
"url": "https://supportcenter.checkpoint.com/supportcenter/portal?eventsubmit_dogoviewsolutiondetails=\u0026solutionid=sk120938"
},
{
"trust": 0.8,
"url": "https://community.rsa.com/docs/doc-84103"
},
{
"trust": 0.8,
"url": "https://support.f5.com/csp/article/k23642330"
},
{
"trust": 0.8,
"url": "https://forum.mikrotik.com/viewtopic.php?f=21\u0026t=126695"
},
{
"trust": 0.8,
"url": "https://community.linksys.com/t5/wireless-routers/krack-vulnerability/td-p/1218573"
},
{
"trust": 0.8,
"url": "https://ics-cert.us-cert.gov/advisories/icsa-17-318-02a"
},
{
"trust": 0.8,
"url": "https://www.ipa.go.jp/security/ciadr/vul/20171017_wpa2.html"
},
{
"trust": 0.8,
"url": "http://jvn.jp/vu/jvnvu90609033/index.html"
},
{
"trust": 0.8,
"url": "https://www.kb.cert.org/vuls/id/cheu-aqnmyp"
},
{
"trust": 0.6,
"url": "https://www.kb.cert.org/vuls/id/228519/"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2020.4125/"
},
{
"trust": 0.5,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-13080"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-13082"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-13088"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-13087"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-13086"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-13077"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-13079"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-13078"
},
{
"trust": 0.3,
"url": "https://github.com/stevenhoneyman/wpa_gui/tree/master/wpa_supplicant-2.4"
},
{
"trust": 0.3,
"url": "http://www.wi-fi.org/index.php"
},
{
"trust": 0.3,
"url": "https://support.apple.com/en-ie/ht208847"
},
{
"trust": 0.3,
"url": "https://support.apple.com/en-in/ht208334"
},
{
"trust": 0.3,
"url": "https://support.apple.com/en-in/ht208327"
},
{
"trust": 0.3,
"url": "https://support.apple.com/en-in/ht208325"
},
{
"trust": 0.3,
"url": "https://lists.apple.com/archives/security-announce/2017/dec/msg00009.html"
},
{
"trust": 0.3,
"url": "https://lists.apple.com/archives/security-announce/2017/dec/msg00008.html"
},
{
"trust": 0.3,
"url": "https://lists.apple.com/archives/security-announce/2018/jul/msg00000.html"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/security/cve/cve-2017-13077"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/security/cve/cve-2017-13078"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/security/cve/cve-2017-13079"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/security/cve/cve-2017-13080"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/security/cve/cve-2017-13081"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/security/cve/cve-2017-13082"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/security/cve/cve-2017-13084"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/security/cve/cve-2017-13086"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/security/cve/cve-2017-13087"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/security/cve/cve-2017-13088"
},
{
"trust": 0.3,
"url": "http://docs.fortinet.com/uploaded/files/3961/fortiap-v5.6.1-release-notes.pdf"
},
{
"trust": 0.3,
"url": "https://ics-cert.us-cert.gov/advisories/icsa-17-299-02"
},
{
"trust": 0.3,
"url": "https://ics-cert.us-cert.gov/advisories/icsa-17-318-02"
},
{
"trust": 0.3,
"url": "https://ics-cert.us-cert.gov/advisories/icsa-17-325-01"
},
{
"trust": 0.3,
"url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/errata/rhsa-2017:2907"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/errata/rhsa-2017:2911"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/330.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://usn.ubuntu.com/3505-1/"
},
{
"trust": 0.1,
"url": "https://www.debian.org/security/faq"
},
{
"trust": 0.1,
"url": "https://www.debian.org/security/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-4476"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-4477"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/wpa/2.1-0ubuntu1.5"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/wpa/2.4-0ubuntu9.1"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/wpa/2.4-0ubuntu6.2"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/linux-firmware/1.169.1"
},
{
"trust": 0.1,
"url": "https://www.ubuntu.com/usn/usn-3505-1"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/linux-firmware/1.164.2"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/linux-firmware/1.157.14"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/linux-firmware/1.127.24"
},
{
"trust": 0.1,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-13078"
},
{
"trust": 0.1,
"url": "http://slackware.com"
},
{
"trust": 0.1,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-13080"
},
{
"trust": 0.1,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-13082"
},
{
"trust": 0.1,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-13077"
},
{
"trust": 0.1,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-13087"
},
{
"trust": 0.1,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-13084"
},
{
"trust": 0.1,
"url": "http://slackware.com/gpg-key"
},
{
"trust": 0.1,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-13086"
},
{
"trust": 0.1,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-13088"
},
{
"trust": 0.1,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-13079"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-13084"
},
{
"trust": 0.1,
"url": "http://osuosl.org)"
},
{
"trust": 0.1,
"url": "https://security.freebsd.org/patches/sa-17:07/wpa-10.patch.asc"
},
{
"trust": 0.1,
"url": "https://security.freebsd.org/advisories/freebsd-sa-17:07.wpa.asc\u003e"
},
{
"trust": 0.1,
"url": "https://svnweb.freebsd.org/base?view=revision\u0026revision=nnnnnn\u003e"
},
{
"trust": 0.1,
"url": "https://www.krackattacks.com/\u003e"
},
{
"trust": 0.1,
"url": "https://security.freebsd.org/patches/sa-17:07/wpa-11.patch.asc"
},
{
"trust": 0.1,
"url": "https://security.freebsd.org/\u003e."
},
{
"trust": 0.1,
"url": "https://security.freebsd.org/patches/sa-17:07/wpa-11.patch"
},
{
"trust": 0.1,
"url": "https://security.freebsd.org/patches/sa-17:07/wpa-10.patch"
},
{
"trust": 0.1,
"url": "https://www.freebsd.org/handbook/makeworld.html\u003e."
},
{
"trust": 0.1,
"url": "https://w1.fi/security/2017-1/wpa-packet-number-reuse-with-replayed-messages.txt\u003e"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#228519"
},
{
"db": "CNVD",
"id": "CNVD-2017-30402"
},
{
"db": "VULMON",
"id": "CVE-2017-13081"
},
{
"db": "BID",
"id": "101274"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-009174"
},
{
"db": "PACKETSTORM",
"id": "144630"
},
{
"db": "PACKETSTORM",
"id": "144632"
},
{
"db": "PACKETSTORM",
"id": "145228"
},
{
"db": "PACKETSTORM",
"id": "144663"
},
{
"db": "PACKETSTORM",
"id": "144669"
},
{
"db": "NVD",
"id": "CVE-2017-13081"
},
{
"db": "CNNVD",
"id": "CNNVD-201710-384"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "IVD",
"id": "99f194cf-017c-4d52-b709-25cd18723622"
},
{
"db": "CERT/CC",
"id": "VU#228519"
},
{
"db": "CNVD",
"id": "CNVD-2017-30402"
},
{
"db": "VULMON",
"id": "CVE-2017-13081"
},
{
"db": "BID",
"id": "101274"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-009174"
},
{
"db": "PACKETSTORM",
"id": "144630"
},
{
"db": "PACKETSTORM",
"id": "144632"
},
{
"db": "PACKETSTORM",
"id": "145228"
},
{
"db": "PACKETSTORM",
"id": "144663"
},
{
"db": "PACKETSTORM",
"id": "144669"
},
{
"db": "NVD",
"id": "CVE-2017-13081"
},
{
"db": "CNNVD",
"id": "CNNVD-201710-384"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-10-17T00:00:00",
"db": "IVD",
"id": "99f194cf-017c-4d52-b709-25cd18723622"
},
{
"date": "2017-10-16T00:00:00",
"db": "CERT/CC",
"id": "VU#228519"
},
{
"date": "2017-10-18T00:00:00",
"db": "CNVD",
"id": "CNVD-2017-30402"
},
{
"date": "2017-10-17T00:00:00",
"db": "VULMON",
"id": "CVE-2017-13081"
},
{
"date": "2017-10-16T00:00:00",
"db": "BID",
"id": "101274"
},
{
"date": "2017-11-06T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-009174"
},
{
"date": "2017-10-16T13:49:34",
"db": "PACKETSTORM",
"id": "144630"
},
{
"date": "2017-10-16T23:23:00",
"db": "PACKETSTORM",
"id": "144632"
},
{
"date": "2017-12-06T22:22:00",
"db": "PACKETSTORM",
"id": "145228"
},
{
"date": "2017-10-18T20:44:00",
"db": "PACKETSTORM",
"id": "144663"
},
{
"date": "2017-10-19T14:28:55",
"db": "PACKETSTORM",
"id": "144669"
},
{
"date": "2017-10-17T13:29:00.443000",
"db": "NVD",
"id": "CVE-2017-13081"
},
{
"date": "2017-10-17T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201710-384"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-11-16T00:00:00",
"db": "CERT/CC",
"id": "VU#228519"
},
{
"date": "2017-10-17T00:00:00",
"db": "CNVD",
"id": "CNVD-2017-30402"
},
{
"date": "2019-10-03T00:00:00",
"db": "VULMON",
"id": "CVE-2017-13081"
},
{
"date": "2019-02-21T09:00:00",
"db": "BID",
"id": "101274"
},
{
"date": "2019-02-01T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-009174"
},
{
"date": "2019-10-03T00:03:26.223000",
"db": "NVD",
"id": "CVE-2017-13081"
},
{
"date": "2020-11-23T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201710-384"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote or local",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201710-384"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Wi-Fi Protected Access (WPA) handshake traffic can be manipulated to induce nonce and session key reuse",
"sources": [
{
"db": "CERT/CC",
"id": "VU#228519"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "security feature problem",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201710-384"
}
],
"trust": 0.6
}
}
VAR-201710-0975
Vulnerability from variot - Updated: 2023-12-18 11:36Wi-Fi Protected Access (WPA and WPA2) that support 802.11v allows reinstallation of the Integrity Group Temporal Key (IGTK) when processing a Wireless Network Management (WNM) Sleep Mode Response frame, allowing an attacker within radio range to replay frames from access points to clients. An attacker within range of an affected AP and client may leverage these vulnerabilities to conduct attacks that are dependent on the data confidentiality protocols being used. Attacks may include arbitrary packet decryption and injection, TCP connection hijacking, HTTP content injection, or the replay of unicast and group-addressed frames. These vulnerabilities are referred to as Key Reinstallation Attacks or "KRACK" attacks. WPA (Wi-Fi Protected Access) is a system that protects wireless computer networks (Wi-Fi). The WIG2 wireless network sleep mode has an IGTK key complete reload vulnerability. WPA2 is prone to multiple security weaknesses. Exploiting these issues may allow an unauthorized user to intercept and manipulate data or disclose sensitive information. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
===================================================================== Red Hat Security Advisory
Synopsis: Important: wpa_supplicant security update Advisory ID: RHSA-2017:2907-01 Product: Red Hat Enterprise Linux Advisory URL: https://access.redhat.com/errata/RHSA-2017:2907 Issue date: 2017-10-17 CVE Names: CVE-2017-13077 CVE-2017-13078 CVE-2017-13080 CVE-2017-13082 CVE-2017-13086 CVE-2017-13087 CVE-2017-13088 =====================================================================
- Summary:
An update for wpa_supplicant is now available for Red Hat Enterprise Linux 7.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Relevant releases/architectures:
Red Hat Enterprise Linux Client (v. 7) - x86_64 Red Hat Enterprise Linux ComputeNode (v. 7) - x86_64 Red Hat Enterprise Linux Server (v. 7) - aarch64, ppc64, ppc64le, s390x, x86_64 Red Hat Enterprise Linux Workstation (v. 7) - x86_64
- Description:
The wpa_supplicant packages contain an 802.1X Supplicant with support for WEP, WPA, WPA2 (IEEE 802.11i / RSN), and various EAP authentication methods. They implement key negotiation with a WPA Authenticator for client stations and controls the roaming and IEEE 802.11 authentication and association of the WLAN driver. A remote attacker within Wi-Fi range could exploit these attacks to decrypt Wi-Fi traffic or possibly inject forged Wi-Fi packets by manipulating cryptographic handshakes used by the WPA2 protocol. (CVE-2017-13077, CVE-2017-13078, CVE-2017-13080, CVE-2017-13082, CVE-2017-13086, CVE-2017-13087, CVE-2017-13088)
Red Hat would like to thank CERT for reporting these issues. Upstream acknowledges Mathy Vanhoef (University of Leuven) as the original reporter of these issues. Solution:
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
- Package List:
Red Hat Enterprise Linux Client (v. 7):
Source: wpa_supplicant-2.6-5.el7_4.1.src.rpm
x86_64: wpa_supplicant-2.6-5.el7_4.1.x86_64.rpm wpa_supplicant-debuginfo-2.6-5.el7_4.1.x86_64.rpm
Red Hat Enterprise Linux ComputeNode (v. 7):
Source: wpa_supplicant-2.6-5.el7_4.1.src.rpm
x86_64: wpa_supplicant-2.6-5.el7_4.1.x86_64.rpm wpa_supplicant-debuginfo-2.6-5.el7_4.1.x86_64.rpm
Red Hat Enterprise Linux Server (v. 7):
Source: wpa_supplicant-2.6-5.el7_4.1.src.rpm
aarch64: wpa_supplicant-2.6-5.el7_4.1.aarch64.rpm wpa_supplicant-debuginfo-2.6-5.el7_4.1.aarch64.rpm
ppc64: wpa_supplicant-2.6-5.el7_4.1.ppc64.rpm wpa_supplicant-debuginfo-2.6-5.el7_4.1.ppc64.rpm
ppc64le: wpa_supplicant-2.6-5.el7_4.1.ppc64le.rpm wpa_supplicant-debuginfo-2.6-5.el7_4.1.ppc64le.rpm
s390x: wpa_supplicant-2.6-5.el7_4.1.s390x.rpm wpa_supplicant-debuginfo-2.6-5.el7_4.1.s390x.rpm
x86_64: wpa_supplicant-2.6-5.el7_4.1.x86_64.rpm wpa_supplicant-debuginfo-2.6-5.el7_4.1.x86_64.rpm
Red Hat Enterprise Linux Workstation (v. 7):
Source: wpa_supplicant-2.6-5.el7_4.1.src.rpm
x86_64: wpa_supplicant-2.6-5.el7_4.1.x86_64.rpm wpa_supplicant-debuginfo-2.6-5.el7_4.1.x86_64.rpm
These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/
- References:
https://access.redhat.com/security/cve/CVE-2017-13077 https://access.redhat.com/security/cve/CVE-2017-13078 https://access.redhat.com/security/cve/CVE-2017-13080 https://access.redhat.com/security/cve/CVE-2017-13082 https://access.redhat.com/security/cve/CVE-2017-13086 https://access.redhat.com/security/cve/CVE-2017-13087 https://access.redhat.com/security/cve/CVE-2017-13088 https://access.redhat.com/security/updates/classification/#important https://access.redhat.com/security/vulnerabilities/kracks
- Contact:
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/
Copyright 2017 Red Hat, Inc. Those vulnerabilities applies to both the access point (implemented in hostapd) and the station (implemented in wpa_supplicant).
An attacker exploiting the vulnerabilities could force the vulnerable system to reuse cryptographic session keys, enabling a range of cryptographic attacks against the ciphers used in WPA1 and WPA2.
For the stable distribution (stretch), these problems have been fixed in version 2:2.4-1+deb9u1.
For the testing distribution (buster), these problems have been fixed in version 2:2.4-1.1.
For the unstable distribution (sid), these problems have been fixed in version 2:2.4-1.1.
We recommend that you upgrade your wpa packages. ========================================================================== Ubuntu Security Notice USN-3455-1 October 16, 2017
wpa vulnerabilities
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 17.04
- Ubuntu 16.04 LTS
- Ubuntu 14.04 LTS
Summary:
Several security issues were fixed in wpa_supplicant.
Software Description: - wpa: client support for WPA and WPA2
Details:
Mathy Vanhoef discovered that wpa_supplicant and hostapd incorrectly handled WPA2. (CVE-2017-13077, CVE-2017-13078, CVE-2017-13079, CVE-2017-13080, CVE-2017-13081, CVE-2017-13082, CVE-2017-13086, CVE-2017-13087, CVE-2017-13088)
Imre Rad discovered that wpa_supplicant and hostapd incorrectly handled invalid characters in passphrase parameters. A remote attacker could use this issue to cause a denial of service. (CVE-2016-4476)
Imre Rad discovered that wpa_supplicant and hostapd incorrectly handled invalid characters in passphrase parameters. A local attacker could use this issue to cause a denial of service, or possibly execute arbitrary code. (CVE-2016-4477)
Update instructions:
The problem can be corrected by updating your system to the following package versions:
Ubuntu 17.04: hostapd 2.4-0ubuntu9.1 wpasupplicant 2.4-0ubuntu9.1
Ubuntu 16.04 LTS: hostapd 2.4-0ubuntu6.2 wpasupplicant 2.4-0ubuntu6.2
Ubuntu 14.04 LTS: hostapd 2.1-0ubuntu1.5 wpasupplicant 2.1-0ubuntu1.5
After a standard system update you need to reboot your computer to make all the necessary changes.
Here are the details from the Slackware 14.2 ChangeLog: +--------------------------+ patches/packages/wpa_supplicant-2.6-i586-1_slack14.2.txz: Upgraded. This update includes patches to mitigate the WPA2 protocol issues known as "KRACK" (Key Reinstallation AttaCK), which may be used to decrypt data, hijack TCP connections, and to forge and inject packets. CVE-2017-13082: Accepting a retransmitted Fast BSS Transition (FT) Reassociation Request and reinstalling the pairwise encryption key (PTK-TK) while processing it. For more information, see: https://www.krackattacks.com/ https://w1.fi/security/2017-1/wpa-packet-number-reuse-with-replayed-messages.txt https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13077 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13078 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13079 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13080 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13081 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13082 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13084 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13086 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13087 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13088 ( Security fix ) +--------------------------+
Where to find the new packages: +-----------------------------+
Thanks to the friendly folks at the OSU Open Source Lab (http://osuosl.org) for donating FTP and rsync hosting to the Slackware project! :-)
Also see the "Get Slack" section on http://slackware.com for additional mirror sites near you.
Updated package for Slackware 14.0: ftp://ftp.slackware.com/pub/slackware/slackware-14.0/patches/packages/wpa_supplicant-2.6-i486-1_slack14.0.txz
Updated package for Slackware x86_64 14.0: ftp://ftp.slackware.com/pub/slackware/slackware64-14.0/patches/packages/wpa_supplicant-2.6-x86_64-1_slack14.0.txz
Updated package for Slackware 14.1: ftp://ftp.slackware.com/pub/slackware/slackware-14.1/patches/packages/wpa_supplicant-2.6-i486-1_slack14.1.txz
Updated package for Slackware x86_64 14.1: ftp://ftp.slackware.com/pub/slackware/slackware64-14.1/patches/packages/wpa_supplicant-2.6-x86_64-1_slack14.1.txz
Updated package for Slackware 14.2: ftp://ftp.slackware.com/pub/slackware/slackware-14.2/patches/packages/wpa_supplicant-2.6-i586-1_slack14.2.txz
Updated package for Slackware x86_64 14.2: ftp://ftp.slackware.com/pub/slackware/slackware64-14.2/patches/packages/wpa_supplicant-2.6-x86_64-1_slack14.2.txz
Updated package for Slackware -current: ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/n/wpa_supplicant-2.6-i586-2.txz
Updated package for Slackware x86_64 -current: ftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/n/wpa_supplicant-2.6-x86_64-2.txz
MD5 signatures: +-------------+
Slackware 14.0 package: d8ecfaadb50b3547967ab53733ffc019 wpa_supplicant-2.6-i486-1_slack14.0.txz
Slackware x86_64 14.0 package: f25216d28800504ce498705da7c9a825 wpa_supplicant-2.6-x86_64-1_slack14.0.txz
Slackware 14.1 package: 15c61050e4bab2581757befd86be74c0 wpa_supplicant-2.6-i486-1_slack14.1.txz
Slackware x86_64 14.1 package: 49fd537a520338744f7757615556d352 wpa_supplicant-2.6-x86_64-1_slack14.1.txz
Slackware 14.2 package: c5539f40c8510af89be92945f0f80185 wpa_supplicant-2.6-i586-1_slack14.2.txz
Slackware x86_64 14.2 package: 4c527ff84fcdfd7839f217bbce2e4ae4 wpa_supplicant-2.6-x86_64-1_slack14.2.txz
Slackware -current package: 28bd88a54e96368f7a7020c1f5fb67fe n/wpa_supplicant-2.6-i586-2.txz
Slackware x86_64 -current package: 464fc6b48d1ac077f47e9a3a8534c160 n/wpa_supplicant-2.6-x86_64-2.txz
Installation instructions: +------------------------+
Upgrade the package as root:
upgradepkg wpa_supplicant-2.6-i586-1_slack14.2.txz
+-----+
Slackware Linux Security Team http://slackware.com/gpg-key security@slackware.com
+------------------------------------------------------------------------+ | To leave the slackware-security mailing list: | +------------------------------------------------------------------------+ | Send an email to majordomo@slackware.com with this text in the body of | | the email message: | | | | unsubscribe slackware-security | | | | You will get a confirmation message back containing instructions to | | complete the process. Please do not reply to this email address. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512
============================================================================= FreeBSD-SA-17:07.wpa Security Advisory The FreeBSD Project
Topic: WPA2 protocol vulnerability
Category: contrib Module: wpa Announced: 2017-10-16 Credits: Mathy Vanhoef Affects: All supported versions of FreeBSD. Corrected: 2017-10-17 17:30:18 UTC (stable/11, 11.1-STABLE) 2017-10-17 17:57:18 UTC (releng/11.1, 11.1-RELEASE-p2) 2017-10-17 17:56:03 UTC (releng/11.0, 11.0-RELEASE-p13) 2017-10-19 03:18:22 UTC (stable/10, 10.4-STABLE) 2017-10-19 03:20:17 UTC (releng/10.4, 10.4-RELEASE-p1) 2017-10-19 03:19:42 UTC (releng/10.3, 10.3-RELEASE-p22) CVE Name: CVE-2017-13077, CVE-2017-13078, CVE-2017-13079, CVE-2017-13080, CVE-2017-13081, CVE-2017-13082, CVE-2017-13086, CVE-2017-13087, CVE-2017-13088
For general information regarding FreeBSD Security Advisories, including descriptions of the fields above, security branches, and the following sections, please visit .
- Revision history
v1.0 2017-10-17 Initial release. v1.1 2017-10-19 Add patches for 10.x releases.
I.
hostapd and wpa_supplicant are implementations of user space daemon for access points and wireless client that implements the WPA2 protocol.
II. Problem Description
A vulnerability was found in how a number of implementations can be triggered to reconfigure WPA/WPA2/RSN keys (TK, GTK, or IGTK) by replaying a specific frame that is used to manage the keys.
III. Impact
Such reinstallation of the encryption key can result in two different types of vulnerabilities: disabling replay protection and significantly reducing the security of encryption to the point of allowing frames to be decrypted or some parts of the keys to be determined by an attacker depending on which cipher is used.
IV. Workaround
An updated version of wpa_supplicant is available in the FreeBSD Ports Collection. Install version 2.6_2 or later of the security/wpa_supplicant port/pkg. Once installed, update /etc/rc.conf to use the new binary:
wpa_supplicant_program="/usr/local/sbin/wpa_supplicant"
and restart networking.
An updated version of hostapd is available in the FreeBSD Ports Collection. Install version 2.6_1 or later of the net/hostapd port/pkg. Once installed, update /etc/rc.conf to use the new binary:
hostapd_program="/usr/local/sbin/hostapd"
and restart hostapd.
V. Solution
Perform one of the following:
1) Upgrade your vulnerable system to a supported FreeBSD stable or release / security branch (releng) dated after the correction date.
Restart the Wi-Fi network interfaces/hostapd or reboot the system.
2) To update your vulnerable system via a binary patch:
Systems running a RELEASE version of FreeBSD on the i386 or amd64 platforms can be updated via the freebsd-update(8) utility:
freebsd-update fetch
freebsd-update install
Restart the Wi-Fi network interfaces/hostapd or reboot the system.
3) To update your vulnerable system via a source code patch:
The following patches have been verified to apply to the applicable FreeBSD release branches.
a) Download the relevant patch from the location below, and verify the detached PGP signature using your PGP utility.
[FreeBSD 11.0-RELEASE, 11.1-RELEASE, and 11-STABLE]
fetch https://security.FreeBSD.org/patches/SA-17:07/wpa-11.patch
fetch https://security.FreeBSD.org/patches/SA-17:07/wpa-11.patch.asc
gpg --verify wpa-11.patch.asc
[FreeBSD 10.3-RELEASE, 10.4-RELEASE, and 10-STABLE]
fetch https://security.FreeBSD.org/patches/SA-17:07/wpa-10.patch
fetch https://security.FreeBSD.org/patches/SA-17:07/wpa-10.patch.asc
gpg --verify wpa-10.patch.asc
b) Apply the patch. Execute the following commands as root:
cd /usr/src
patch < /path/to/patch
c) Recompile the operating system using buildworld and installworld as described in .
Restart the applicable daemons, or reboot the system.
VI. Correction details
The following list contains the correction revision numbers for each affected branch.
Branch/path Revision
stable/11/ r324697 releng/11.0/ r324698 releng/11.1/ r324699 stable/10/ r324739 releng/10.3/ r324740 releng/10.4/ r324741
To see which files were modified by a particular revision, run the following command, replacing NNNNNN with the revision number, on a machine with Subversion installed:
svn diff -cNNNNNN --summarize svn://svn.freebsd.org/base
Or visit the following URL, replacing NNNNNN with the revision number:
VII. References
The latest revision of this advisory is available at -----BEGIN PGP SIGNATURE-----
iQKTBAEBCgB9FiEEHPf/b631yp++G4yy7Wfs1l3PaucFAlnoGpNfFIAAAAAALgAo aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDFD RjdGRjZGQURGNUNBOUZCRTFCOENCMkVENjdFQ0Q2NURDRjZBRTcACgkQ7Wfs1l3P auc7WBAAm27w+fujv5sJsRxauUMopTVtRh5utwbDuoHTP+L+RCWmQfVBmueNQ0gf uJzMNxBIkbtY9LvyukpRsH3iD7mh26c0pd9rxxkkr4F96C9B5+W0amxJF1gdm54/ F/50FpY+lo7cNs5tiBjypPrg8UOBBI/1G4XR7130XC0HjaTwt1ngZ0oQUWUMSsIp gN5ZfPul81WPWd1NqF+vyObcJhwq/Y1uoexoO27o7GQCFZoL3enZy8c4f1xqMlVM 4HHkTgNGac6E0aW+ArH4J0DFFAOJXPqF8rdt+9XINfoBbtliIyOixJ4oh1n6eAR0 VpBWZKFNyXSlUKIvDGa+LDhxgL1jJXV0ABSyKlUOijdmr3bbbiQE9MW/MNv2AFTd OAFQ0QQtm9KCWp5JLh+FPIb/kR2l7MOUP+yz4zFcJpdGtl9tDLyPN8vRTq60bY8O y7tBcf/SMqkd/AIFdchL4zrOguKnRARydIlwTarp8wtAQI3MKSsa1B0wgsDtlL6K xfdjnwWMKvKKlNOW16e1WXXO0n/ucHV4njBE+bGPro3jLgXP2/WFZpIGAR3I4xrr SdD4AxSNiR9f3bL7LRfMIbugJAylWNSlTLWUOVUv0/ONh85LqbcCj13NI230B64K ETx2QOZgKnCs2oDNiw4aQHb7kvi2w94Iw/R1sAPkkxYJWO3reyE= =h/5q -----END PGP SIGNATURE-----
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201710-0975",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "linux enterprise desktop",
"scope": "eq",
"trust": 1.6,
"vendor": "suse",
"version": "12"
},
{
"model": "linux enterprise server",
"scope": "eq",
"trust": 1.6,
"vendor": "suse",
"version": "12"
},
{
"model": "openstack cloud",
"scope": "eq",
"trust": 1.6,
"vendor": "suse",
"version": "6"
},
{
"model": "linux enterprise point of sale",
"scope": "eq",
"trust": 1.6,
"vendor": "suse",
"version": "11"
},
{
"model": "linux enterprise server",
"scope": "eq",
"trust": 1.6,
"vendor": "suse",
"version": "11"
},
{
"model": "enterprise linux desktop",
"scope": "eq",
"trust": 1.3,
"vendor": "redhat",
"version": "7"
},
{
"model": "enterprise linux server",
"scope": "eq",
"trust": 1.3,
"vendor": "redhat",
"version": "7"
},
{
"model": "hostapd",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.3.7"
},
{
"model": "wpa supplicant",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "2.6"
},
{
"model": "wpa supplicant",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "2.2"
},
{
"model": "hostapd",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "1.0"
},
{
"model": "hostapd",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "2.2"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 1.0,
"vendor": "freebsd",
"version": "*"
},
{
"model": "hostapd",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.3.11"
},
{
"model": "wpa supplicant",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.4.7"
},
{
"model": "hostapd",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.4.7"
},
{
"model": "hostapd",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.5.10"
},
{
"model": "wpa supplicant",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "2.0"
},
{
"model": "hostapd",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "2.0"
},
{
"model": "linux",
"scope": "eq",
"trust": 1.0,
"vendor": "debian",
"version": "8.0"
},
{
"model": "hostapd",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.4.9"
},
{
"model": "wpa supplicant",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.5.8"
},
{
"model": "hostapd",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.5.8"
},
{
"model": "hostapd",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "2.1"
},
{
"model": "wpa supplicant",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.5.7"
},
{
"model": "wpa supplicant",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.6.9"
},
{
"model": "wpa supplicant",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.2.8"
},
{
"model": "hostapd",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.2.8"
},
{
"model": "hostapd",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "1.1"
},
{
"model": "hostapd",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.7.3"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 1.0,
"vendor": "freebsd",
"version": "10"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 1.0,
"vendor": "freebsd",
"version": "11.1"
},
{
"model": "hostapd",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.5.9"
},
{
"model": "hostapd",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.4.8"
},
{
"model": "wpa supplicant",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.4.11"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 1.0,
"vendor": "freebsd",
"version": "10.4"
},
{
"model": "wpa supplicant",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.2.6"
},
{
"model": "hostapd",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.2.4"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 1.0,
"vendor": "freebsd",
"version": "11"
},
{
"model": "wpa supplicant",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.5.11"
},
{
"model": "hostapd",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.3.10"
},
{
"model": "wpa supplicant",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "2.4"
},
{
"model": "wpa supplicant",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.3.8"
},
{
"model": "wpa supplicant",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.2.5"
},
{
"model": "wpa supplicant",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.3.7"
},
{
"model": "hostapd",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.2.5"
},
{
"model": "hostapd",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.4.10"
},
{
"model": "hostapd",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.6.10"
},
{
"model": "wpa supplicant",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "1.0"
},
{
"model": "hostapd",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.3.9"
},
{
"model": "wpa supplicant",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.3.11"
},
{
"model": "hostapd",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "2.5"
},
{
"model": "wpa supplicant",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.5.10"
},
{
"model": "hostapd",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "2.6"
},
{
"model": "wpa supplicant",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.4.9"
},
{
"model": "ubuntu linux",
"scope": "eq",
"trust": 1.0,
"vendor": "canonical",
"version": "14.04"
},
{
"model": "wpa supplicant",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "2.1"
},
{
"model": "wpa supplicant",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "2.3"
},
{
"model": "leap",
"scope": "eq",
"trust": 1.0,
"vendor": "opensuse",
"version": "42.2"
},
{
"model": "hostapd",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "2.3"
},
{
"model": "wpa supplicant",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "1.1"
},
{
"model": "hostapd",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.5.7"
},
{
"model": "wpa supplicant",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.7.3"
},
{
"model": "hostapd",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.6.9"
},
{
"model": "wpa supplicant",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.5.9"
},
{
"model": "wpa supplicant",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.4.8"
},
{
"model": "wpa supplicant",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.2.7"
},
{
"model": "linux",
"scope": "eq",
"trust": 1.0,
"vendor": "debian",
"version": "9.0"
},
{
"model": "wpa supplicant",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.2.4"
},
{
"model": "wpa supplicant",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.3.10"
},
{
"model": "ubuntu linux",
"scope": "eq",
"trust": 1.0,
"vendor": "canonical",
"version": "16.04"
},
{
"model": "leap",
"scope": "eq",
"trust": 1.0,
"vendor": "opensuse",
"version": "42.3"
},
{
"model": "hostapd",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.4.11"
},
{
"model": "wpa supplicant",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.6.8"
},
{
"model": "ubuntu linux",
"scope": "eq",
"trust": 1.0,
"vendor": "canonical",
"version": "17.04"
},
{
"model": "hostapd",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.2.6"
},
{
"model": "hostapd",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.6.8"
},
{
"model": "wpa supplicant",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.4.10"
},
{
"model": "hostapd",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.5.11"
},
{
"model": "wpa supplicant",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.6.10"
},
{
"model": "hostapd",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "2.4"
},
{
"model": "wpa supplicant",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.3.9"
},
{
"model": "wpa supplicant",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "2.5"
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "9front",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "adtran",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "avm",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "actiontec",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "aerohive",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "alcatel lucent",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "android open source",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "apple",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "arch linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "aruba",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "asustek computer",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "barracuda",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "broadcom",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "cambium",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "centos",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "cradlepoint",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "cypress semiconductor",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "d link",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "debian gnu linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "dell",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "digi",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "draytek",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "edimax computer",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "engenius",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "endian",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "espressif",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "extreme",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "f secure",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "fedora",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "fortinet",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "freebsd",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "gentoo linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "google",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "hewlett packard",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "hostap",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "ipfire",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "juniper",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "lancom",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "lede",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "lifx",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "lenovo",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "microchip",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "microsoft",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "mojo",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "nest",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "netbsd",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "netgear",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "opnsense",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "omnirom",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "open mesh",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "openbsd",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "peplink",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "red hat",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "riverbed",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "rockwell automation",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "ruckus",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "suse linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "samsung mobile",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "sierra",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "slackware linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "sonos",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "sony",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "sophos",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "synology",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "tp link",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "technicolor",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "texas instruments",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "toshiba commerce",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "toshiba electronic devices storage",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "toshiba memory",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "turris omnia",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "ubiquiti",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "ubuntu",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "volumio",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "watchguard",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "xiaomi",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "xirrus",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "zebra",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "zyxel",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "dd wrt",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "eero",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "pfsense",
"version": null
},
{
"model": "ubuntu",
"scope": null,
"trust": 0.8,
"vendor": "canonical",
"version": null
},
{
"model": "gnu/linux",
"scope": null,
"trust": 0.8,
"vendor": "debian",
"version": null
},
{
"model": "freebsd",
"scope": null,
"trust": 0.8,
"vendor": "freebsd",
"version": null
},
{
"model": "leap",
"scope": null,
"trust": 0.8,
"vendor": "opensuse",
"version": null
},
{
"model": "linux enterprise desktop",
"scope": null,
"trust": 0.8,
"vendor": "suse",
"version": null
},
{
"model": "linux enterprise point of sale",
"scope": null,
"trust": 0.8,
"vendor": "suse",
"version": null
},
{
"model": "linux enterprise server",
"scope": null,
"trust": 0.8,
"vendor": "suse",
"version": null
},
{
"model": "openstack cloud",
"scope": null,
"trust": 0.8,
"vendor": "suse",
"version": null
},
{
"model": "hostapd",
"scope": null,
"trust": 0.8,
"vendor": "w1 fi",
"version": null
},
{
"model": "wpa supplicant",
"scope": null,
"trust": 0.8,
"vendor": "w1 fi",
"version": null
},
{
"model": "enterprise linux desktop",
"scope": null,
"trust": 0.8,
"vendor": "red hat",
"version": null
},
{
"model": "enterprise linux server",
"scope": null,
"trust": 0.8,
"vendor": "red hat",
"version": null
},
{
"model": "edge gateway",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": null
},
{
"model": "sr-m20ac1",
"scope": "lte",
"trust": 0.8,
"vendor": "fujitsu",
"version": "v02.10"
},
{
"model": "sr-m20ac2",
"scope": "lte",
"trust": 0.8,
"vendor": "fujitsu",
"version": "v02.10"
},
{
"model": "alliance wi-fi protected access 2",
"scope": null,
"trust": 0.6,
"vendor": "wi fi",
"version": null
},
{
"model": "scalance w-700",
"scope": "eq",
"trust": 0.6,
"vendor": "siemens",
"version": "0"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "linux desktop",
"version": "12"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "linux server",
"version": "11"
},
{
"model": "atom processor c3200 series for yocto project bsp mr4",
"scope": null,
"trust": 0.3,
"vendor": "intel",
"version": null
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "10.3.2"
},
{
"model": "active management technology",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "6.1"
},
{
"model": "pyxis supplystation",
"scope": "eq",
"trust": 0.3,
"vendor": "bd",
"version": "0"
},
{
"model": "sinamics smart access module",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "v200"
},
{
"model": "active management technology",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "11.6.27.3264"
},
{
"model": "meraki mr34",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "ck71a-atex",
"scope": "eq",
"trust": 0.3,
"vendor": "pepperl fuchs",
"version": "0"
},
{
"model": "arubaos",
"scope": "eq",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "6.5.2.0"
},
{
"model": "macbook air",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "0"
},
{
"model": "aironet series access points",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "18500"
},
{
"model": "active management technology",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "8.0"
},
{
"model": "meraki mr26",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "arubaos",
"scope": "eq",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "6.4"
},
{
"model": "aironet series access points",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "28000"
},
{
"model": "enterprise linux for power big endian extended update support",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "-7.5"
},
{
"model": "meraki mr84",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "contact fl wlan",
"scope": "eq",
"trust": 0.3,
"vendor": "phoenix",
"version": "510x0"
},
{
"model": "windows server r2 for itanium-based systems sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2008"
},
{
"model": "contact itc",
"scope": "eq",
"trust": 0.3,
"vendor": "phoenix",
"version": "81130"
},
{
"model": "enterprise linux workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "7"
},
{
"model": "active management technology",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "10.0"
},
{
"model": "dual band wireless-ac",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "726519.51.0.0"
},
{
"model": "enterprise linux server extended update support",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "-7.6"
},
{
"model": "meraki mr18",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "arubaos",
"scope": "eq",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "8.1.0.3"
},
{
"model": "scalance w1750d",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "0"
},
{
"model": "secure ii med-surg bed",
"scope": "eq",
"trust": 0.3,
"vendor": "stryker",
"version": "3002"
},
{
"model": "contact fl wlan",
"scope": "eq",
"trust": 0.3,
"vendor": "phoenix",
"version": "210x0"
},
{
"model": "windows version for x64-based systems",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "1015110"
},
{
"model": "aironet access points",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "contact fl wlan ap",
"scope": "eq",
"trust": 0.3,
"vendor": "phoenix",
"version": "24802-110"
},
{
"model": "active management technology",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "11.0"
},
{
"model": "instantos",
"scope": "eq",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "6.5.4.1"
},
{
"model": "tvos",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "10.2"
},
{
"model": "wap371 wireless-ac n access point with single point setup",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "ex-handy",
"scope": "eq",
"trust": 0.3,
"vendor": "pepperl fuchs",
"version": "2090"
},
{
"model": "arubaos",
"scope": "eq",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "6.5.3.2"
},
{
"model": "contact rad-80211-xd",
"scope": "eq",
"trust": 0.3,
"vendor": "phoenix",
"version": "0"
},
{
"model": "ios",
"scope": "ne",
"trust": 0.3,
"vendor": "apple",
"version": "11.2"
},
{
"model": "contact fl wlan dap",
"scope": "eq",
"trust": 0.3,
"vendor": "phoenix",
"version": "24802-110"
},
{
"model": "dual band wireless-ac",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "726519.10.9.1"
},
{
"model": "arubaos",
"scope": "ne",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "6.3.1.25"
},
{
"model": "pyxis medstation es",
"scope": "eq",
"trust": 0.3,
"vendor": "bd",
"version": "0"
},
{
"model": "wireless ip phone",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "88210"
},
{
"model": "pyxis stockstation system",
"scope": "eq",
"trust": 0.3,
"vendor": "bd",
"version": "0"
},
{
"model": "macbook",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "0"
},
{
"model": "dual band wireless-ac",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "316819.51.7.1"
},
{
"model": "dual band wireless-ac",
"scope": "ne",
"trust": 0.3,
"vendor": "intel",
"version": "726519.10.9.2"
},
{
"model": "scalance wlc712",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "0"
},
{
"model": "contact fl wlan spa",
"scope": "eq",
"trust": 0.3,
"vendor": "phoenix",
"version": "0"
},
{
"model": "meraki mr62",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "simatic et200 pro im154-6 pn iwlan",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "0"
},
{
"model": "tropos broadband mesh routers and bridges",
"scope": "eq",
"trust": 0.3,
"vendor": "abb",
"version": "0"
},
{
"model": "dual band wireless-ac",
"scope": "ne",
"trust": 0.3,
"vendor": "intel",
"version": "316819.10.9.2"
},
{
"model": "meraki mr33",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "instantos",
"scope": "ne",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "6.5.3.3"
},
{
"model": "micros handheld terminal",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "0"
},
{
"model": "windows server",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "20120"
},
{
"model": "instantos",
"scope": "eq",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "6.5.2"
},
{
"model": "dual band wireless-ac",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "316018.33.9.2"
},
{
"model": "windows version for 32-bit systems",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "1017030"
},
{
"model": "atom processor c3200 series for yocto project bsp mr4.1",
"scope": "ne",
"trust": 0.3,
"vendor": "intel",
"version": null
},
{
"model": "active management technology",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "2.6"
},
{
"model": "android",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.1.0"
},
{
"model": "contact fl wlan",
"scope": "eq",
"trust": 0.3,
"vendor": "phoenix",
"version": "110x0"
},
{
"model": "windows for 32-bit systems",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "100"
},
{
"model": "s3 med-surg bed",
"scope": "eq",
"trust": 0.3,
"vendor": "stryker",
"version": "3002"
},
{
"model": "arubaos",
"scope": "eq",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "6.4.2.4"
},
{
"model": "tvos",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "11.1"
},
{
"model": "contact fl comserver wlan",
"scope": "eq",
"trust": 0.3,
"vendor": "phoenix",
"version": "232/422/4850"
},
{
"model": "airport base station",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "7.6.8"
},
{
"model": "enterprise linux server update services for sap solutions",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "-7."
},
{
"model": "active management technology",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "7.1.91.3272"
},
{
"model": "instantos",
"scope": "ne",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "4.2.4.9"
},
{
"model": "contact fl wlan ap",
"scope": "eq",
"trust": 0.3,
"vendor": "phoenix",
"version": "230802-110"
},
{
"model": "android",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "6.1"
},
{
"model": "enterprise linux for power little endian extended update supp",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "-7.6"
},
{
"model": "meraki mr14",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "enterprise linux eus compute node",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "7.5"
},
{
"model": "aironet series access points",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "18150"
},
{
"model": "wireless client bridge 2.0.0.1-aruba501-b00",
"scope": "ne",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "501"
},
{
"model": "enterprise linux server extended update support",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "-7.4"
},
{
"model": "enterprise linux server tus",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "-7.6"
},
{
"model": "dual band wireless-ac",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "726018.33.9.2"
},
{
"model": "airport express",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "0"
},
{
"model": "meraki mr16",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "clarity engine",
"scope": "eq",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "1.0"
},
{
"model": "meraki mr30h",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "airport extreme",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "0"
},
{
"model": "windows server r2",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "20120"
},
{
"model": "dual band wireless-ac",
"scope": "ne",
"trust": 0.3,
"vendor": "intel",
"version": "826520.0.2.3"
},
{
"model": "android",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0"
},
{
"model": "contact bl2 bpc",
"scope": "eq",
"trust": 0.3,
"vendor": "phoenix",
"version": "0"
},
{
"model": "tvos",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "10.0.1"
},
{
"model": "enterprise linux for ibm z systems",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "7"
},
{
"model": "watch",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "0"
},
{
"model": "meraki mr32",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "wpa supplicant",
"scope": "eq",
"trust": 0.3,
"vendor": "w1 f1",
"version": "2.4"
},
{
"model": "active management technology",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "4.0"
},
{
"model": "ruggedcom rx1400",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "0"
},
{
"model": "cn70a-atex",
"scope": "eq",
"trust": 0.3,
"vendor": "pepperl fuchs",
"version": "0"
},
{
"model": "windows version for 32-bit systems",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "1015110"
},
{
"model": "arubaos",
"scope": "eq",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "6.5.3"
},
{
"model": "pyxis parx handheld",
"scope": "eq",
"trust": 0.3,
"vendor": "bd",
"version": "0"
},
{
"model": "dual band wireless-ac",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "726519.10"
},
{
"model": "active management technology",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "9.1.40.100"
},
{
"model": "tvos",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "10.1.1"
},
{
"model": "instantos",
"scope": "eq",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "6.5.3"
},
{
"model": "windows rt",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "8.1"
},
{
"model": "meraki mr42",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "instantos",
"scope": "ne",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "4.3.1.6"
},
{
"model": "airport base station",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "7.7.3"
},
{
"model": "wap561 wireless-n dual radio selectable band access point",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "active management technology",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "11.0.26.3000"
},
{
"model": "instantos",
"scope": "ne",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "6.5.4.2"
},
{
"model": "active management technology",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "11.6"
},
{
"model": "tvos",
"scope": "ne",
"trust": 0.3,
"vendor": "apple",
"version": "11.2"
},
{
"model": "active management technology",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "6.0"
},
{
"model": "windows server",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2016"
},
{
"model": "contact rad-whg/wlan-xd",
"scope": "eq",
"trust": 0.3,
"vendor": "phoenix",
"version": "0"
},
{
"model": "dual band wireless-ac",
"scope": "ne",
"trust": 0.3,
"vendor": "intel",
"version": "726018.33.9.3"
},
{
"model": "wi-fi update for boot camp",
"scope": "ne",
"trust": 0.3,
"vendor": "apple",
"version": "6.4.0"
},
{
"model": "suremark printer 2nr",
"scope": "eq",
"trust": 0.3,
"vendor": "toshiba",
"version": "4610"
},
{
"model": "android",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.1.1"
},
{
"model": "arubaos",
"scope": "ne",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "6.5.4.2"
},
{
"model": "enterprise linux for power little endian extended update supp",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "-7.5"
},
{
"model": "enterprise linux for power little endian",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "7"
},
{
"model": "dual band wireless-ac",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "826520.0.0.0"
},
{
"model": "tvos",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "10.2.1"
},
{
"model": "arubaos",
"scope": "eq",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "6.3.1.8"
},
{
"model": "windows server for x64-based systems sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2008"
},
{
"model": "pyxis supply roller",
"scope": "eq",
"trust": 0.3,
"vendor": "bd",
"version": "0"
},
{
"model": "airport base station",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "7.6.3"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "10.3"
},
{
"model": "telepresence collaboration endpoint",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "active management technology",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "6.2.61.3535"
},
{
"model": "contact vmt",
"scope": "eq",
"trust": 0.3,
"vendor": "phoenix",
"version": "70xx0"
},
{
"model": "imac",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "0"
},
{
"model": "meraki mr72",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "watchos",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4"
},
{
"model": "enterprise linux for power little endian extended update supp",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "-7.4"
},
{
"model": "active management technology",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "11.0.25.3001"
},
{
"model": "arubaos",
"scope": "ne",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "8.1.0.4"
},
{
"model": "active management technology",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "9.1"
},
{
"model": "enterprise linux server tus",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "-7.4"
},
{
"model": "active management technology",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "6.2"
},
{
"model": "meraki mr53",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "tvos",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "10.1"
},
{
"model": "wap551 wireless-n single radio selectable band access point",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "instantos",
"scope": "eq",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "4.2"
},
{
"model": "instantos",
"scope": "eq",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "6.5.3.2"
},
{
"model": "dual band wireless-ac",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "316519.10"
},
{
"model": "dual band wireless-ac",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "826020.0.0.0"
},
{
"model": "wap121 wireless-n access point with single point setup",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "active management technology",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "2.5"
},
{
"model": "active management technology",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "11.6.0.1000"
},
{
"model": "wireless client bridge 1.0.1.3-hp501-b0012",
"scope": "ne",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "501"
},
{
"model": "i.roc ci70-ex",
"scope": "eq",
"trust": 0.3,
"vendor": "pepperl fuchs",
"version": "0"
},
{
"model": "arubaos",
"scope": "eq",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "6.5.0.0"
},
{
"model": "dual band wireless-ac",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "826020.0.2.2"
},
{
"model": "active management technology",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "7.1"
},
{
"model": "cn70e-atex",
"scope": "eq",
"trust": 0.3,
"vendor": "pepperl fuchs",
"version": "0"
},
{
"model": "dual band wireless-ac",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "726018.0.0.0"
},
{
"model": "meraki mr24",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "suremark printer 1nr",
"scope": "eq",
"trust": 0.3,
"vendor": "toshiba",
"version": "4610"
},
{
"model": "enterprise linux for ibm z systems extended update support",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "-7.6"
},
{
"model": "contact vmt",
"scope": "eq",
"trust": 0.3,
"vendor": "phoenix",
"version": "50xx0"
},
{
"model": "meraki mr74",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "ex-handy",
"scope": "eq",
"trust": 0.3,
"vendor": "pepperl fuchs",
"version": "090"
},
{
"model": "arubaos",
"scope": "eq",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "6.4.4.15"
},
{
"model": "dual band wireless-ac",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "316519.51.7.1"
},
{
"model": "dual band wireless-ac",
"scope": "ne",
"trust": 0.3,
"vendor": "intel",
"version": "726519.51.7.20"
},
{
"model": "anyconnect secure mobility client",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "dual band wireless-ac",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "726519.51.7.1"
},
{
"model": "systems esp32",
"scope": "eq",
"trust": 0.3,
"vendor": "espressif",
"version": "0"
},
{
"model": "watchos",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.1"
},
{
"model": "enterprise linux server extended update support",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "-7.5"
},
{
"model": "micros handheld terminal 2.03.0.0.021r",
"scope": "ne",
"trust": 0.3,
"vendor": "oracle",
"version": null
},
{
"model": "aironet series access points",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "38000"
},
{
"model": "pyxis parx",
"scope": "eq",
"trust": 0.3,
"vendor": "bd",
"version": "0"
},
{
"model": "dx70",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "arubaos",
"scope": "ne",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "6.5.1.9"
},
{
"model": "enterprise linux server update services for sap solutions",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "-7.6"
},
{
"model": "intouch critical care bed",
"scope": "eq",
"trust": 0.3,
"vendor": "stryker",
"version": "2141"
},
{
"model": "pyxis anesthesia es",
"scope": "eq",
"trust": 0.3,
"vendor": "bd",
"version": "0"
},
{
"model": "aironet series officeextend access points",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "18100"
},
{
"model": "windows for x64-based systems",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "8.10"
},
{
"model": "dual band wireless-ac",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "316819.10.9.1"
},
{
"model": "active management technology",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "10.0.55.3000"
},
{
"model": "windows for 32-bit systems",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "8.10"
},
{
"model": "android",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "6.0"
},
{
"model": "meraki mr66",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "dual band wireless-ac",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "316519.10.9.1"
},
{
"model": "airport base station",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "7.6"
},
{
"model": "intouch critical care bed",
"scope": "eq",
"trust": 0.3,
"vendor": "stryker",
"version": "2131"
},
{
"model": "android",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.1.2"
},
{
"model": "aironet series access points",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "18300"
},
{
"model": "enterprise linux server aus",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "-7.6"
},
{
"model": "enterprise linux for power big endian extended update support",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "-7.6"
},
{
"model": "active management technology",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "10.0.0.50.1004"
},
{
"model": "arubaos",
"scope": "eq",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "6.4.1.0"
},
{
"model": "wap321 wireless-n access point with single point setup",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "simatic iwlan-pb/link",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "0"
},
{
"model": "aironet 1810w series access points",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "meraki mr52",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "enterprise linux for ibm z systems extended update support",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "-7.5"
},
{
"model": "meraki mr12",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "airmesh msr",
"scope": "eq",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "0"
},
{
"model": "dual band wireless-ac",
"scope": "ne",
"trust": 0.3,
"vendor": "intel",
"version": "316519.51.7.20"
},
{
"model": "watchos",
"scope": "ne",
"trust": 0.3,
"vendor": "apple",
"version": "4.2"
},
{
"model": "contact fl wlan ec",
"scope": "eq",
"trust": 0.3,
"vendor": "phoenix",
"version": "24802-110"
},
{
"model": "instantos",
"scope": "eq",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "4.2.4.8"
},
{
"model": "systems esp8266",
"scope": "eq",
"trust": 0.3,
"vendor": "espressif",
"version": "0"
},
{
"model": "tv",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "0"
},
{
"model": "pad-ex",
"scope": "eq",
"trust": 0.3,
"vendor": "pepperl fuchs",
"version": "010"
},
{
"model": "active management technology",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "11.0.0.1205"
},
{
"model": "ip phone",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "88610"
},
{
"model": "clarity engine",
"scope": "ne",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "1.0.0.1"
},
{
"model": "aironet series access points",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "15600"
},
{
"model": "windows for 32-bit systems sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "7"
},
{
"model": "instantos",
"scope": "eq",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "4.3.1.5"
},
{
"model": "airport base station",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "7.6.2"
},
{
"model": "active management technology",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "8.1"
},
{
"model": "active management technology",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "11.8"
},
{
"model": "windows for x64-based systems sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "7"
},
{
"model": "enterprise linux for ibm z systems extended update support",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "-7.4"
},
{
"model": "meraki mr58",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "windows version for 32-bit systems",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "1016070"
},
{
"model": "dual band wireless-ac",
"scope": "ne",
"trust": 0.3,
"vendor": "intel",
"version": "316519.10.9.2"
},
{
"model": "pyxis parassist system",
"scope": "eq",
"trust": 0.3,
"vendor": "bd",
"version": "0"
},
{
"model": "windows server for 32-bit systems sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2008"
},
{
"model": "instantos",
"scope": "eq",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "4.3"
},
{
"model": "android",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.0"
},
{
"model": "simatic mobile panel 277 iwlan",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "0"
},
{
"model": "pyxis medstation t2",
"scope": "eq",
"trust": 0.3,
"vendor": "bd",
"version": "40000"
},
{
"model": "dual band wireless-ac",
"scope": "ne",
"trust": 0.3,
"vendor": "intel",
"version": "826020.0.2.3"
},
{
"model": "android",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "6.0.1"
},
{
"model": "airport base station",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "7.6.1"
},
{
"model": "dual band wireless-ac",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "316519.51.0.0"
},
{
"model": "wi-fi update for boot camp",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "0"
},
{
"model": "enterprise linux server update services for sap solutions",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "-7.4"
},
{
"model": "ipad",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "0"
},
{
"model": "contact vmt",
"scope": "eq",
"trust": 0.3,
"vendor": "phoenix",
"version": "30xx0"
},
{
"model": "enterprise linux for power big endian",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "7"
},
{
"model": "wpa supplicant",
"scope": "eq",
"trust": 0.3,
"vendor": "w1 f1",
"version": "2.6"
},
{
"model": "wireless client bridge",
"scope": "eq",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "5010"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "10.0.1"
},
{
"model": "active management technology",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "11.5"
},
{
"model": "meraki mr11",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "10.3.3"
},
{
"model": "pyxis anesthesia system",
"scope": "eq",
"trust": 0.3,
"vendor": "bd",
"version": "40000"
},
{
"model": "tvos",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "10.2.2"
},
{
"model": "pyxis anesthesia system",
"scope": "eq",
"trust": 0.3,
"vendor": "bd",
"version": "35000"
},
{
"model": "automation stratix 15.3 jc1",
"scope": "eq",
"trust": 0.3,
"vendor": "rockwell",
"version": "5100"
},
{
"model": "enterprise linux server aus",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "-7.4"
},
{
"model": "pyxis ciisafe workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "bd",
"version": "??0"
},
{
"model": "enterprise linux for power big endian extended update support",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "-7.4"
},
{
"model": "airport base station",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "7.6.7"
},
{
"model": "dual band wireless-ac",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "316819.51.0.0"
},
{
"model": "ipad air",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "0"
},
{
"model": "active management technology",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "7.0"
},
{
"model": "arubaos",
"scope": "eq",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "6.5.4.1"
},
{
"model": "enterprise linux eus compute node",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "7.6"
},
{
"model": "enterprise linux for scientific computing",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "7"
},
{
"model": "active management technology",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "8.1.71.3608"
},
{
"model": "active management technology",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "9.1.41.3024"
},
{
"model": "arubaos",
"scope": "eq",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "6.4.2.1"
},
{
"model": "enterprise linux eus compute node",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "7.4"
},
{
"model": "dx80",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "active management technology",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "9.0"
},
{
"model": "contact bl2 ppc",
"scope": "eq",
"trust": 0.3,
"vendor": "phoenix",
"version": "0"
},
{
"model": "contact tpc",
"scope": "eq",
"trust": 0.3,
"vendor": "phoenix",
"version": "60130"
},
{
"model": "ipod touch",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "0"
},
{
"model": "arubaos",
"scope": "eq",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "6.5.1"
},
{
"model": "ck70a-atex",
"scope": "eq",
"trust": 0.3,
"vendor": "pepperl fuchs",
"version": "0"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "10.2.1"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "10.3.1"
},
{
"model": "dual band wireless-ac",
"scope": "ne",
"trust": 0.3,
"vendor": "intel",
"version": "316819.51.7.20"
},
{
"model": "macbook pro",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "0"
},
{
"model": "dual band wireless-ac",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "316819.10"
},
{
"model": "windows for x64-based systems",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "100"
},
{
"model": "airport base station",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "7.7.8"
},
{
"model": "active management technology",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "9.5"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "10.1"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "10.2"
},
{
"model": "airport base station",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "7.6.4"
},
{
"model": "smart-ex",
"scope": "eq",
"trust": 0.3,
"vendor": "pepperl fuchs",
"version": "010"
},
{
"model": "dual band wireless-ac",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "826520.0.2.2"
},
{
"model": "dual band wireless-ac",
"scope": "ne",
"trust": 0.3,
"vendor": "intel",
"version": "316018.33.9.3"
},
{
"model": "tab-ex",
"scope": "eq",
"trust": 0.3,
"vendor": "pepperl fuchs",
"version": "010"
},
{
"model": "arubaos",
"scope": "ne",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "6.5.3.3"
},
{
"model": "iphone",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "0"
},
{
"model": "macmini",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "0"
},
{
"model": "arubaos",
"scope": "ne",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "6.4.4.16"
},
{
"model": "contact fl wlan epa",
"scope": "eq",
"trust": 0.3,
"vendor": "phoenix",
"version": "0"
},
{
"model": "airport time capsule",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "0"
},
{
"model": "alliance wpa2 (wi-fi protected access",
"scope": "eq",
"trust": 0.3,
"vendor": "wi fi",
"version": "2)0"
},
{
"model": "airport base station",
"scope": "ne",
"trust": 0.3,
"vendor": "apple",
"version": "7.7.9"
},
{
"model": "scalance wlc711",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "0"
},
{
"model": "ruggedcom rs9xxw",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "0"
},
{
"model": "arubaos",
"scope": "eq",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "6.3.1.15"
},
{
"model": "networks unifi access point",
"scope": "eq",
"trust": 0.3,
"vendor": "ubiquiti",
"version": "0"
},
{
"model": "suremark printer 2cr",
"scope": "eq",
"trust": 0.3,
"vendor": "toshiba",
"version": "4610"
},
{
"model": "ip phone",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "88650"
},
{
"model": "arubaos",
"scope": "eq",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "6.5.4"
},
{
"model": "airport base station",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "7.7.7"
},
{
"model": "instantos",
"scope": "eq",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "6.5.4"
},
{
"model": "asa 5506w-x w/ firepower services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "windows version for x64-based systems",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "1016070"
},
{
"model": "airport base station",
"scope": "ne",
"trust": 0.3,
"vendor": "apple",
"version": "7.6.9"
},
{
"model": "s3 med-surg bed",
"scope": "eq",
"trust": 0.3,
"vendor": "stryker",
"version": "3005"
},
{
"model": "dual band wireless-ac",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "316018.0.0.0"
},
{
"model": "smart-ex",
"scope": "eq",
"trust": 0.3,
"vendor": "pepperl fuchs",
"version": "2010"
},
{
"model": "windows version for x64-based systems",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "1017030"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "11.1"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "ubuntu linux",
"version": "14.04"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "ubuntu linux",
"version": "16.04"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "ubuntu linux",
"version": "17.04"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "debian linux",
"version": "8.0"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "debian linux",
"version": "9.0"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "freebsd",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "freebsd",
"version": "10"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "freebsd",
"version": "10.4"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "freebsd",
"version": "11"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "freebsd",
"version": "11.1"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "leap",
"version": "42.2"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "leap",
"version": "42.3"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "linux desktop",
"version": "7"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "linux server",
"version": "7"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "hostapd",
"version": "0.2.4"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "hostapd",
"version": "0.2.5"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "hostapd",
"version": "0.2.6"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "hostapd",
"version": "0.2.8"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "hostapd",
"version": "0.3.7"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "hostapd",
"version": "0.3.9"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "hostapd",
"version": "0.3.10"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "hostapd",
"version": "0.3.11"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "hostapd",
"version": "0.4.7"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "hostapd",
"version": "0.4.8"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "hostapd",
"version": "0.4.9"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "hostapd",
"version": "0.4.10"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "hostapd",
"version": "0.4.11"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "hostapd",
"version": "0.5.7"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "hostapd",
"version": "0.5.8"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "hostapd",
"version": "0.5.9"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "hostapd",
"version": "0.5.10"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "hostapd",
"version": "0.5.11"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "hostapd",
"version": "0.6.8"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "hostapd",
"version": "0.6.9"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "hostapd",
"version": "0.6.10"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "hostapd",
"version": "0.7.3"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "hostapd",
"version": "1.0"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "hostapd",
"version": "1.1"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "hostapd",
"version": "2.0"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "hostapd",
"version": "2.1"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "hostapd",
"version": "2.2"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "hostapd",
"version": "2.3"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "hostapd",
"version": "2.4"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "hostapd",
"version": "2.5"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "hostapd",
"version": "2.6"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "wpa supplicant",
"version": "0.2.4"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "wpa supplicant",
"version": "0.2.5"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "wpa supplicant",
"version": "0.2.6"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "wpa supplicant",
"version": "0.2.7"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "wpa supplicant",
"version": "0.2.8"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "wpa supplicant",
"version": "0.3.7"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "wpa supplicant",
"version": "0.3.8"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "wpa supplicant",
"version": "0.3.9"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "wpa supplicant",
"version": "0.3.10"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "wpa supplicant",
"version": "0.3.11"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "wpa supplicant",
"version": "0.4.7"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "wpa supplicant",
"version": "0.4.8"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "wpa supplicant",
"version": "0.4.9"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "wpa supplicant",
"version": "0.4.10"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "wpa supplicant",
"version": "0.4.11"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "wpa supplicant",
"version": "0.5.7"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "wpa supplicant",
"version": "0.5.8"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "wpa supplicant",
"version": "0.5.9"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "wpa supplicant",
"version": "0.5.10"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "wpa supplicant",
"version": "0.5.11"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "wpa supplicant",
"version": "0.6.8"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "wpa supplicant",
"version": "0.6.9"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "wpa supplicant",
"version": "0.6.10"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "wpa supplicant",
"version": "0.7.3"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "wpa supplicant",
"version": "1.0"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "wpa supplicant",
"version": "1.1"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "wpa supplicant",
"version": "2.0"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "wpa supplicant",
"version": "2.1"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "wpa supplicant",
"version": "2.2"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "wpa supplicant",
"version": "2.3"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "wpa supplicant",
"version": "2.4"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "wpa supplicant",
"version": "2.5"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "wpa supplicant",
"version": "2.6"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "linux point of sale",
"version": "11"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "linux server",
"version": "12"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "openstack cloud",
"version": "6"
}
],
"sources": [
{
"db": "IVD",
"id": "b8631bf1-6bd8-4549-b275-107397f54fc7"
},
{
"db": "CERT/CC",
"id": "VU#228519"
},
{
"db": "CNVD",
"id": "CNVD-2017-30397"
},
{
"db": "BID",
"id": "101274"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-009179"
},
{
"db": "NVD",
"id": "CVE-2017-13088"
},
{
"db": "CNNVD",
"id": "CNNVD-201710-389"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:17.04:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:freebsd:freebsd:11:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:freebsd:freebsd:11.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_desktop:7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:freebsd:freebsd:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:freebsd:freebsd:10:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:freebsd:freebsd:10.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:opensuse:leap:42.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:opensuse:leap:42.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_server:7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:2.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:1.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:0.7.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:0.5.8:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:0.5.7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:0.3.10:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:0.3.9:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:0.3.7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:2.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:2.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:0.6.10:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:0.6.9:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:0.4.11:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:0.4.10:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:0.4.9:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:0.3.7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:0.2.8:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:2.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:2.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:0.6.8:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:0.5.11:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:0.4.9:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:0.4.8:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:0.2.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:0.2.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:2.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:1.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:0.5.10:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:0.5.9:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:0.3.11:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:0.3.10:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:0.2.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:0.2.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:2.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:1.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:0.5.10:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:0.5.9:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:0.4.7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:0.3.11:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:2.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:2.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:1.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:0.7.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:0.5.8:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:0.5.7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:0.3.9:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:0.3.8:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:2.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:2.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:2.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:0.6.10:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:0.6.9:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:0.4.11:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:0.4.10:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:0.2.8:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:0.2.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:2.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:2.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:0.6.8:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:0.5.11:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:0.4.8:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:0.4.7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:0.2.7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:0.2.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:suse:linux_enterprise_server:11:sp3:*:*:*:ltss:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:suse:linux_enterprise_server:11:sp4:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:suse:linux_enterprise_server:12:*:*:*:ltss:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:suse:openstack_cloud:6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:suse:linux_enterprise_point_of_sale:11:sp3:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:suse:linux_enterprise_desktop:12:sp2:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:suse:linux_enterprise_desktop:12:sp3:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2017-13088"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Mathy Vanhoef from imec-DistriNet and KU Leuven.",
"sources": [
{
"db": "BID",
"id": "101274"
},
{
"db": "CNNVD",
"id": "CNNVD-201710-389"
}
],
"trust": 0.9
},
"cve": "CVE-2017-13088",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "MEDIUM",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 2.9,
"confidentialityImpact": "NONE",
"exploitabilityScore": 5.5,
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "LOW",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:A/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Medium",
"accessVector": "Adjacent Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 2.9,
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2017-13088",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Low",
"trust": 0.9,
"userInteractionRequired": null,
"vectorString": "AV:A/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "PARTIAL",
"baseScore": 5.4,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 5.5,
"id": "CNVD-2017-30397",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:A/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"author": "IVD",
"availabilityImpact": "PARTIAL",
"baseScore": 5.4,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 5.5,
"id": "b8631bf1-6bd8-4549-b275-107397f54fc7",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.2,
"vectorString": "AV:A/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.9 [IVD]"
}
],
"cvssV3": [
{
"attackComplexity": "HIGH",
"attackVector": "ADJACENT_NETWORK",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"exploitabilityScore": 1.6,
"impactScore": 3.6,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.0"
},
{
"attackComplexity": "High",
"attackVector": "Adjacent Network",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 5.3,
"baseSeverity": "Medium",
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2017-13088",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2017-13088",
"trust": 1.8,
"value": "MEDIUM"
},
{
"author": "CNVD",
"id": "CNVD-2017-30397",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201710-389",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "IVD",
"id": "b8631bf1-6bd8-4549-b275-107397f54fc7",
"trust": 0.2,
"value": "MEDIUM"
},
{
"author": "VULMON",
"id": "CVE-2017-13088",
"trust": 0.1,
"value": "LOW"
}
]
}
],
"sources": [
{
"db": "IVD",
"id": "b8631bf1-6bd8-4549-b275-107397f54fc7"
},
{
"db": "CNVD",
"id": "CNVD-2017-30397"
},
{
"db": "VULMON",
"id": "CVE-2017-13088"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-009179"
},
{
"db": "NVD",
"id": "CVE-2017-13088"
},
{
"db": "CNNVD",
"id": "CNNVD-201710-389"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Wi-Fi Protected Access (WPA and WPA2) that support 802.11v allows reinstallation of the Integrity Group Temporal Key (IGTK) when processing a Wireless Network Management (WNM) Sleep Mode Response frame, allowing an attacker within radio range to replay frames from access points to clients. An attacker within range of an affected AP and client may leverage these vulnerabilities to conduct attacks that are dependent on the data confidentiality protocols being used. Attacks may include arbitrary packet decryption and injection, TCP connection hijacking, HTTP content injection, or the replay of unicast and group-addressed frames. These vulnerabilities are referred to as Key Reinstallation Attacks or \"KRACK\" attacks. WPA (Wi-Fi Protected Access) is a system that protects wireless computer networks (Wi-Fi). The WIG2 wireless network sleep mode has an IGTK key complete reload vulnerability. WPA2 is prone to multiple security weaknesses. \nExploiting these issues may allow an unauthorized user to intercept and manipulate data or disclose sensitive information. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n=====================================================================\n Red Hat Security Advisory\n\nSynopsis: Important: wpa_supplicant security update\nAdvisory ID: RHSA-2017:2907-01\nProduct: Red Hat Enterprise Linux\nAdvisory URL: https://access.redhat.com/errata/RHSA-2017:2907\nIssue date: 2017-10-17\nCVE Names: CVE-2017-13077 CVE-2017-13078 CVE-2017-13080 \n CVE-2017-13082 CVE-2017-13086 CVE-2017-13087 \n CVE-2017-13088 \n=====================================================================\n\n1. Summary:\n\nAn update for wpa_supplicant is now available for Red Hat Enterprise Linux\n7. \n\nRed Hat Product Security has rated this update as having a security impact\nof Important. A Common Vulnerability Scoring System (CVSS) base score,\nwhich gives a detailed severity rating, is available for each vulnerability\nfrom the CVE link(s) in the References section. Relevant releases/architectures:\n\nRed Hat Enterprise Linux Client (v. 7) - x86_64\nRed Hat Enterprise Linux ComputeNode (v. 7) - x86_64\nRed Hat Enterprise Linux Server (v. 7) - aarch64, ppc64, ppc64le, s390x, x86_64\nRed Hat Enterprise Linux Workstation (v. 7) - x86_64\n\n3. Description:\n\nThe wpa_supplicant packages contain an 802.1X Supplicant with support for\nWEP, WPA, WPA2 (IEEE 802.11i / RSN), and various EAP authentication\nmethods. They implement key negotiation with a WPA Authenticator for client\nstations and controls the roaming and IEEE 802.11 authentication and\nassociation of the WLAN driver. A remote attacker within Wi-Fi range\ncould exploit these attacks to decrypt Wi-Fi traffic or possibly inject\nforged Wi-Fi packets by manipulating cryptographic handshakes used by the\nWPA2 protocol. (CVE-2017-13077, CVE-2017-13078, CVE-2017-13080,\nCVE-2017-13082, CVE-2017-13086, CVE-2017-13087, CVE-2017-13088)\n\nRed Hat would like to thank CERT for reporting these issues. Upstream\nacknowledges Mathy Vanhoef (University of Leuven) as the original reporter\nof these issues. Solution:\n\nFor details on how to apply this update, which includes the changes\ndescribed in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\n5. Package List:\n\nRed Hat Enterprise Linux Client (v. 7):\n\nSource:\nwpa_supplicant-2.6-5.el7_4.1.src.rpm\n\nx86_64:\nwpa_supplicant-2.6-5.el7_4.1.x86_64.rpm\nwpa_supplicant-debuginfo-2.6-5.el7_4.1.x86_64.rpm\n\nRed Hat Enterprise Linux ComputeNode (v. 7):\n\nSource:\nwpa_supplicant-2.6-5.el7_4.1.src.rpm\n\nx86_64:\nwpa_supplicant-2.6-5.el7_4.1.x86_64.rpm\nwpa_supplicant-debuginfo-2.6-5.el7_4.1.x86_64.rpm\n\nRed Hat Enterprise Linux Server (v. 7):\n\nSource:\nwpa_supplicant-2.6-5.el7_4.1.src.rpm\n\naarch64:\nwpa_supplicant-2.6-5.el7_4.1.aarch64.rpm\nwpa_supplicant-debuginfo-2.6-5.el7_4.1.aarch64.rpm\n\nppc64:\nwpa_supplicant-2.6-5.el7_4.1.ppc64.rpm\nwpa_supplicant-debuginfo-2.6-5.el7_4.1.ppc64.rpm\n\nppc64le:\nwpa_supplicant-2.6-5.el7_4.1.ppc64le.rpm\nwpa_supplicant-debuginfo-2.6-5.el7_4.1.ppc64le.rpm\n\ns390x:\nwpa_supplicant-2.6-5.el7_4.1.s390x.rpm\nwpa_supplicant-debuginfo-2.6-5.el7_4.1.s390x.rpm\n\nx86_64:\nwpa_supplicant-2.6-5.el7_4.1.x86_64.rpm\nwpa_supplicant-debuginfo-2.6-5.el7_4.1.x86_64.rpm\n\nRed Hat Enterprise Linux Workstation (v. 7):\n\nSource:\nwpa_supplicant-2.6-5.el7_4.1.src.rpm\n\nx86_64:\nwpa_supplicant-2.6-5.el7_4.1.x86_64.rpm\nwpa_supplicant-debuginfo-2.6-5.el7_4.1.x86_64.rpm\n\nThese packages are GPG signed by Red Hat for security. Our key and\ndetails on how to verify the signature are available from\nhttps://access.redhat.com/security/team/key/\n\n7. References:\n\nhttps://access.redhat.com/security/cve/CVE-2017-13077\nhttps://access.redhat.com/security/cve/CVE-2017-13078\nhttps://access.redhat.com/security/cve/CVE-2017-13080\nhttps://access.redhat.com/security/cve/CVE-2017-13082\nhttps://access.redhat.com/security/cve/CVE-2017-13086\nhttps://access.redhat.com/security/cve/CVE-2017-13087\nhttps://access.redhat.com/security/cve/CVE-2017-13088\nhttps://access.redhat.com/security/updates/classification/#important\nhttps://access.redhat.com/security/vulnerabilities/kracks\n\n8. Contact:\n\nThe Red Hat security contact is \u003csecalert@redhat.com\u003e. More contact\ndetails at https://access.redhat.com/security/team/contact/\n\nCopyright 2017 Red Hat, Inc. Those vulnerabilities applies to both the access point\n(implemented in hostapd) and the station (implemented in wpa_supplicant). \n\nAn attacker exploiting the vulnerabilities could force the vulnerable system to\nreuse cryptographic session keys, enabling a range of cryptographic attacks\nagainst the ciphers used in WPA1 and WPA2. \n\nFor the stable distribution (stretch), these problems have been fixed in\nversion 2:2.4-1+deb9u1. \n\nFor the testing distribution (buster), these problems have been fixed\nin version 2:2.4-1.1. \n\nFor the unstable distribution (sid), these problems have been fixed in\nversion 2:2.4-1.1. \n\nWe recommend that you upgrade your wpa packages. ==========================================================================\nUbuntu Security Notice USN-3455-1\nOctober 16, 2017\n\nwpa vulnerabilities\n==========================================================================\n\nA security issue affects these releases of Ubuntu and its derivatives:\n\n- Ubuntu 17.04\n- Ubuntu 16.04 LTS\n- Ubuntu 14.04 LTS\n\nSummary:\n\nSeveral security issues were fixed in wpa_supplicant. \n\nSoftware Description:\n- wpa: client support for WPA and WPA2\n\nDetails:\n\nMathy Vanhoef discovered that wpa_supplicant and hostapd incorrectly\nhandled WPA2. (CVE-2017-13077,\nCVE-2017-13078, CVE-2017-13079, CVE-2017-13080, CVE-2017-13081,\nCVE-2017-13082, CVE-2017-13086, CVE-2017-13087, CVE-2017-13088)\n\nImre Rad discovered that wpa_supplicant and hostapd incorrectly handled\ninvalid characters in passphrase parameters. A remote attacker could use\nthis issue to cause a denial of service. (CVE-2016-4476)\n\nImre Rad discovered that wpa_supplicant and hostapd incorrectly handled\ninvalid characters in passphrase parameters. A local attacker could use\nthis issue to cause a denial of service, or possibly execute arbitrary\ncode. (CVE-2016-4477)\n\nUpdate instructions:\n\nThe problem can be corrected by updating your system to the following\npackage versions:\n\nUbuntu 17.04:\n hostapd 2.4-0ubuntu9.1\n wpasupplicant 2.4-0ubuntu9.1\n\nUbuntu 16.04 LTS:\n hostapd 2.4-0ubuntu6.2\n wpasupplicant 2.4-0ubuntu6.2\n\nUbuntu 14.04 LTS:\n hostapd 2.1-0ubuntu1.5\n wpasupplicant 2.1-0ubuntu1.5\n\nAfter a standard system update you need to reboot your computer to make\nall the necessary changes. \n\n\nHere are the details from the Slackware 14.2 ChangeLog:\n+--------------------------+\npatches/packages/wpa_supplicant-2.6-i586-1_slack14.2.txz: Upgraded. \n This update includes patches to mitigate the WPA2 protocol issues known\n as \"KRACK\" (Key Reinstallation AttaCK), which may be used to decrypt data,\n hijack TCP connections, and to forge and inject packets. \n CVE-2017-13082: Accepting a retransmitted Fast BSS Transition (FT)\n Reassociation Request and reinstalling the pairwise encryption key (PTK-TK)\n while processing it. \n For more information, see:\n https://www.krackattacks.com/\n https://w1.fi/security/2017-1/wpa-packet-number-reuse-with-replayed-messages.txt\n https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13077\n https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13078\n https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13079\n https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13080\n https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13081\n https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13082\n https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13084\n https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13086\n https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13087\n https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13088\n (* Security fix *)\n+--------------------------+\n\n\nWhere to find the new packages:\n+-----------------------------+\n\nThanks to the friendly folks at the OSU Open Source Lab\n(http://osuosl.org) for donating FTP and rsync hosting\nto the Slackware project! :-)\n\nAlso see the \"Get Slack\" section on http://slackware.com for\nadditional mirror sites near you. \n\nUpdated package for Slackware 14.0:\nftp://ftp.slackware.com/pub/slackware/slackware-14.0/patches/packages/wpa_supplicant-2.6-i486-1_slack14.0.txz\n\nUpdated package for Slackware x86_64 14.0:\nftp://ftp.slackware.com/pub/slackware/slackware64-14.0/patches/packages/wpa_supplicant-2.6-x86_64-1_slack14.0.txz\n\nUpdated package for Slackware 14.1:\nftp://ftp.slackware.com/pub/slackware/slackware-14.1/patches/packages/wpa_supplicant-2.6-i486-1_slack14.1.txz\n\nUpdated package for Slackware x86_64 14.1:\nftp://ftp.slackware.com/pub/slackware/slackware64-14.1/patches/packages/wpa_supplicant-2.6-x86_64-1_slack14.1.txz\n\nUpdated package for Slackware 14.2:\nftp://ftp.slackware.com/pub/slackware/slackware-14.2/patches/packages/wpa_supplicant-2.6-i586-1_slack14.2.txz\n\nUpdated package for Slackware x86_64 14.2:\nftp://ftp.slackware.com/pub/slackware/slackware64-14.2/patches/packages/wpa_supplicant-2.6-x86_64-1_slack14.2.txz\n\nUpdated package for Slackware -current:\nftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/n/wpa_supplicant-2.6-i586-2.txz\n\nUpdated package for Slackware x86_64 -current:\nftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/n/wpa_supplicant-2.6-x86_64-2.txz\n\n\nMD5 signatures:\n+-------------+\n\nSlackware 14.0 package:\nd8ecfaadb50b3547967ab53733ffc019 wpa_supplicant-2.6-i486-1_slack14.0.txz\n\nSlackware x86_64 14.0 package:\nf25216d28800504ce498705da7c9a825 wpa_supplicant-2.6-x86_64-1_slack14.0.txz\n\nSlackware 14.1 package:\n15c61050e4bab2581757befd86be74c0 wpa_supplicant-2.6-i486-1_slack14.1.txz\n\nSlackware x86_64 14.1 package:\n49fd537a520338744f7757615556d352 wpa_supplicant-2.6-x86_64-1_slack14.1.txz\n\nSlackware 14.2 package:\nc5539f40c8510af89be92945f0f80185 wpa_supplicant-2.6-i586-1_slack14.2.txz\n\nSlackware x86_64 14.2 package:\n4c527ff84fcdfd7839f217bbce2e4ae4 wpa_supplicant-2.6-x86_64-1_slack14.2.txz\n\nSlackware -current package:\n28bd88a54e96368f7a7020c1f5fb67fe n/wpa_supplicant-2.6-i586-2.txz\n\nSlackware x86_64 -current package:\n464fc6b48d1ac077f47e9a3a8534c160 n/wpa_supplicant-2.6-x86_64-2.txz\n\n\nInstallation instructions:\n+------------------------+\n\nUpgrade the package as root:\n# upgradepkg wpa_supplicant-2.6-i586-1_slack14.2.txz\n\n\n+-----+\n\nSlackware Linux Security Team\nhttp://slackware.com/gpg-key\nsecurity@slackware.com\n\n+------------------------------------------------------------------------+\n| To leave the slackware-security mailing list: |\n+------------------------------------------------------------------------+\n| Send an email to majordomo@slackware.com with this text in the body of |\n| the email message: |\n| |\n| unsubscribe slackware-security |\n| |\n| You will get a confirmation message back containing instructions to |\n| complete the process. Please do not reply to this email address. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA512\n\n=============================================================================\nFreeBSD-SA-17:07.wpa Security Advisory\n The FreeBSD Project\n\nTopic: WPA2 protocol vulnerability\n\nCategory: contrib\nModule: wpa\nAnnounced: 2017-10-16\nCredits: Mathy Vanhoef\nAffects: All supported versions of FreeBSD. \nCorrected: 2017-10-17 17:30:18 UTC (stable/11, 11.1-STABLE)\n 2017-10-17 17:57:18 UTC (releng/11.1, 11.1-RELEASE-p2)\n 2017-10-17 17:56:03 UTC (releng/11.0, 11.0-RELEASE-p13)\n 2017-10-19 03:18:22 UTC (stable/10, 10.4-STABLE)\n 2017-10-19 03:20:17 UTC (releng/10.4, 10.4-RELEASE-p1)\n 2017-10-19 03:19:42 UTC (releng/10.3, 10.3-RELEASE-p22)\nCVE Name: CVE-2017-13077, CVE-2017-13078, CVE-2017-13079,\n CVE-2017-13080, CVE-2017-13081, CVE-2017-13082,\n CVE-2017-13086, CVE-2017-13087, CVE-2017-13088\n\nFor general information regarding FreeBSD Security Advisories,\nincluding descriptions of the fields above, security branches, and the\nfollowing sections, please visit \u003cURL:https://security.FreeBSD.org/\u003e. \n\n0. Revision history\n\nv1.0 2017-10-17 Initial release. \nv1.1 2017-10-19 Add patches for 10.x releases. \n\nI. \n\nhostapd and wpa_supplicant are implementations of user space daemon for\naccess points and wireless client that implements the WPA2 protocol. \n\nII. Problem Description\n\nA vulnerability was found in how a number of implementations can be\ntriggered to reconfigure WPA/WPA2/RSN keys (TK, GTK, or IGTK) by\nreplaying a specific frame that is used to manage the keys. \n\nIII. Impact\n\nSuch reinstallation of the encryption key can result in two different\ntypes of vulnerabilities: disabling replay protection and significantly\nreducing the security of encryption to the point of allowing frames to\nbe decrypted or some parts of the keys to be determined by an attacker\ndepending on which cipher is used. \n\nIV. Workaround\n\nAn updated version of wpa_supplicant is available in the FreeBSD Ports\nCollection. Install version 2.6_2 or later of the\nsecurity/wpa_supplicant port/pkg. Once installed, update /etc/rc.conf\nto use the new binary:\n\nwpa_supplicant_program=\"/usr/local/sbin/wpa_supplicant\"\n\nand restart networking. \n\nAn updated version of hostapd is available in the FreeBSD Ports\nCollection. Install version 2.6_1 or later of the net/hostapd port/pkg. \nOnce installed, update /etc/rc.conf to use the new binary:\n\nhostapd_program=\"/usr/local/sbin/hostapd\"\n\nand restart hostapd. \n\nV. Solution\n\nPerform one of the following:\n\n1) Upgrade your vulnerable system to a supported FreeBSD stable or\nrelease / security branch (releng) dated after the correction date. \n\nRestart the Wi-Fi network interfaces/hostapd or reboot the system. \n\n2) To update your vulnerable system via a binary patch:\n\nSystems running a RELEASE version of FreeBSD on the i386 or amd64\nplatforms can be updated via the freebsd-update(8) utility:\n\n# freebsd-update fetch\n# freebsd-update install\n\nRestart the Wi-Fi network interfaces/hostapd or reboot the system. \n\n3) To update your vulnerable system via a source code patch:\n\nThe following patches have been verified to apply to the applicable\nFreeBSD release branches. \n\na) Download the relevant patch from the location below, and verify the\ndetached PGP signature using your PGP utility. \n\n[FreeBSD 11.0-RELEASE, 11.1-RELEASE, and 11-STABLE]\n# fetch https://security.FreeBSD.org/patches/SA-17:07/wpa-11.patch\n# fetch https://security.FreeBSD.org/patches/SA-17:07/wpa-11.patch.asc\n# gpg --verify wpa-11.patch.asc\n\n[FreeBSD 10.3-RELEASE, 10.4-RELEASE, and 10-STABLE]\n# fetch https://security.FreeBSD.org/patches/SA-17:07/wpa-10.patch\n# fetch https://security.FreeBSD.org/patches/SA-17:07/wpa-10.patch.asc\n# gpg --verify wpa-10.patch.asc\n\nb) Apply the patch. Execute the following commands as root:\n\n# cd /usr/src\n# patch \u003c /path/to/patch\n\nc) Recompile the operating system using buildworld and installworld as\ndescribed in \u003cURL:https://www.FreeBSD.org/handbook/makeworld.html\u003e. \n\nRestart the applicable daemons, or reboot the system. \n\nVI. Correction details\n\nThe following list contains the correction revision numbers for each\naffected branch. \n\nBranch/path Revision\n- -------------------------------------------------------------------------\nstable/11/ r324697\nreleng/11.0/ r324698\nreleng/11.1/ r324699\nstable/10/ r324739\nreleng/10.3/ r324740\nreleng/10.4/ r324741\n- -------------------------------------------------------------------------\n\nTo see which files were modified by a particular revision, run the\nfollowing command, replacing NNNNNN with the revision number, on a\nmachine with Subversion installed:\n\n# svn diff -cNNNNNN --summarize svn://svn.freebsd.org/base\n\nOr visit the following URL, replacing NNNNNN with the revision number:\n\n\u003cURL:https://svnweb.freebsd.org/base?view=revision\u0026revision=NNNNNN\u003e\n\nVII. References\n\n\u003cURL:https://w1.fi/security/2017-1/wpa-packet-number-reuse-with-replayed-messages.txt\u003e\n\u003cURL:https://www.krackattacks.com/\u003e\n\nThe latest revision of this advisory is available at\n\u003cURL:https://security.FreeBSD.org/advisories/FreeBSD-SA-17:07.wpa.asc\u003e\n-----BEGIN PGP SIGNATURE-----\n\niQKTBAEBCgB9FiEEHPf/b631yp++G4yy7Wfs1l3PaucFAlnoGpNfFIAAAAAALgAo\naXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDFD\nRjdGRjZGQURGNUNBOUZCRTFCOENCMkVENjdFQ0Q2NURDRjZBRTcACgkQ7Wfs1l3P\nauc7WBAAm27w+fujv5sJsRxauUMopTVtRh5utwbDuoHTP+L+RCWmQfVBmueNQ0gf\nuJzMNxBIkbtY9LvyukpRsH3iD7mh26c0pd9rxxkkr4F96C9B5+W0amxJF1gdm54/\nF/50FpY+lo7cNs5tiBjypPrg8UOBBI/1G4XR7130XC0HjaTwt1ngZ0oQUWUMSsIp\ngN5ZfPul81WPWd1NqF+vyObcJhwq/Y1uoexoO27o7GQCFZoL3enZy8c4f1xqMlVM\n4HHkTgNGac6E0aW+ArH4J0DFFAOJXPqF8rdt+9XINfoBbtliIyOixJ4oh1n6eAR0\nVpBWZKFNyXSlUKIvDGa+LDhxgL1jJXV0ABSyKlUOijdmr3bbbiQE9MW/MNv2AFTd\nOAFQ0QQtm9KCWp5JLh+FPIb/kR2l7MOUP+yz4zFcJpdGtl9tDLyPN8vRTq60bY8O\ny7tBcf/SMqkd/AIFdchL4zrOguKnRARydIlwTarp8wtAQI3MKSsa1B0wgsDtlL6K\nxfdjnwWMKvKKlNOW16e1WXXO0n/ucHV4njBE+bGPro3jLgXP2/WFZpIGAR3I4xrr\nSdD4AxSNiR9f3bL7LRfMIbugJAylWNSlTLWUOVUv0/ONh85LqbcCj13NI230B64K\nETx2QOZgKnCs2oDNiw4aQHb7kvi2w94Iw/R1sAPkkxYJWO3reyE=\n=h/5q\n-----END PGP SIGNATURE-----\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2017-13088"
},
{
"db": "CERT/CC",
"id": "VU#228519"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-009179"
},
{
"db": "CNVD",
"id": "CNVD-2017-30397"
},
{
"db": "BID",
"id": "101274"
},
{
"db": "IVD",
"id": "b8631bf1-6bd8-4549-b275-107397f54fc7"
},
{
"db": "VULMON",
"id": "CVE-2017-13088"
},
{
"db": "PACKETSTORM",
"id": "144652"
},
{
"db": "PACKETSTORM",
"id": "144630"
},
{
"db": "PACKETSTORM",
"id": "144632"
},
{
"db": "PACKETSTORM",
"id": "144663"
},
{
"db": "PACKETSTORM",
"id": "144669"
}
],
"trust": 3.87
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#228519",
"trust": 4.2
},
{
"db": "NVD",
"id": "CVE-2017-13088",
"trust": 4.1
},
{
"db": "BID",
"id": "101274",
"trust": 2.6
},
{
"db": "LENOVO",
"id": "LEN-17420",
"trust": 2.5
},
{
"db": "SECTRACK",
"id": "1039577",
"trust": 1.7
},
{
"db": "SECTRACK",
"id": "1039576",
"trust": 1.7
},
{
"db": "SECTRACK",
"id": "1039581",
"trust": 1.7
},
{
"db": "SECTRACK",
"id": "1039578",
"trust": 1.7
},
{
"db": "SECTRACK",
"id": "1039573",
"trust": 1.7
},
{
"db": "SIEMENS",
"id": "SSA-901333",
"trust": 1.7
},
{
"db": "CERT@VDE",
"id": "VDE-2017-005",
"trust": 1.7
},
{
"db": "ICS CERT",
"id": "ICSMA-18-114-01",
"trust": 1.2
},
{
"db": "ICS CERT",
"id": "ICSMA-19-029-01",
"trust": 1.1
},
{
"db": "ICS CERT",
"id": "ICSA-17-353-02",
"trust": 1.1
},
{
"db": "ICS CERT",
"id": "ICSA-17-318-01",
"trust": 1.1
},
{
"db": "CNVD",
"id": "CNVD-2017-30397",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201710-389",
"trust": 0.8
},
{
"db": "JUNIPER",
"id": "JSA10827",
"trust": 0.8
},
{
"db": "DLINK",
"id": "SAP10075",
"trust": 0.8
},
{
"db": "ICS CERT",
"id": "ICSA-17-318-02A",
"trust": 0.8
},
{
"db": "JVN",
"id": "JVNVU90609033",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2017-009179",
"trust": 0.8
},
{
"db": "AUSCERT",
"id": "ESB-2020.4125",
"trust": 0.6
},
{
"db": "ICS CERT",
"id": "ICSA-17-299-02",
"trust": 0.3
},
{
"db": "ICS CERT",
"id": "ICSA-17-318-02",
"trust": 0.3
},
{
"db": "ICS CERT",
"id": "ICSA-17-325-01",
"trust": 0.3
},
{
"db": "IVD",
"id": "B8631BF1-6BD8-4549-B275-107397F54FC7",
"trust": 0.2
},
{
"db": "VULMON",
"id": "CVE-2017-13088",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "144652",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "144630",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "144632",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "144663",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "144669",
"trust": 0.1
}
],
"sources": [
{
"db": "IVD",
"id": "b8631bf1-6bd8-4549-b275-107397f54fc7"
},
{
"db": "CERT/CC",
"id": "VU#228519"
},
{
"db": "CNVD",
"id": "CNVD-2017-30397"
},
{
"db": "VULMON",
"id": "CVE-2017-13088"
},
{
"db": "BID",
"id": "101274"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-009179"
},
{
"db": "PACKETSTORM",
"id": "144652"
},
{
"db": "PACKETSTORM",
"id": "144630"
},
{
"db": "PACKETSTORM",
"id": "144632"
},
{
"db": "PACKETSTORM",
"id": "144663"
},
{
"db": "PACKETSTORM",
"id": "144669"
},
{
"db": "NVD",
"id": "CVE-2017-13088"
},
{
"db": "CNNVD",
"id": "CNNVD-201710-389"
}
]
},
"id": "VAR-201710-0975",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "IVD",
"id": "b8631bf1-6bd8-4549-b275-107397f54fc7"
},
{
"db": "CNVD",
"id": "CNVD-2017-30397"
}
],
"trust": 1.3965711281818183
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 0.8
}
],
"sources": [
{
"db": "IVD",
"id": "b8631bf1-6bd8-4549-b275-107397f54fc7"
},
{
"db": "CNVD",
"id": "CNVD-2017-30397"
}
]
},
"last_update_date": "2023-12-18T11:36:06.334000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "ARUBA-PSA-2017-007",
"trust": 0.8,
"url": "http://www.arubanetworks.com/assets/alert/aruba-psa-2017-007.txt"
},
{
"title": "DSA-3999",
"trust": 0.8,
"url": "https://www.debian.org/security/2017/dsa-3999"
},
{
"title": "FreeBSD-SA-17:07.wpa",
"trust": 0.8,
"url": "https://www.freebsd.org/security/advisories/freebsd-sa-17:07.wpa.asc"
},
{
"title": "LEN-17420",
"trust": 0.8,
"url": "https://support.lenovo.com/jp/en/product_security/len-17420"
},
{
"title": "NV17-024",
"trust": 0.8,
"url": "http://jpn.nec.com/security-info/secinfo/nv17-024.html"
},
{
"title": "SUSE-SU-2017:2745",
"trust": 0.8,
"url": "https://lists.opensuse.org/opensuse-security-announce/2017-10/msg00020.html"
},
{
"title": "SUSE-SU-2017:2752",
"trust": 0.8,
"url": "https://lists.opensuse.org/opensuse-security-announce/2017-10/msg00023.html"
},
{
"title": "openSUSE-SU-2017:2755",
"trust": 0.8,
"url": "https://lists.opensuse.org/opensuse-security-announce/2017-10/msg00024.html"
},
{
"title": "KRACKs - wpa_supplicant Multiple Vulnerabilities",
"trust": 0.8,
"url": "https://access.redhat.com/security/vulnerabilities/kracks"
},
{
"title": "RHSA-2017:2907",
"trust": 0.8,
"url": "https://access.redhat.com/errata/rhsa-2017:2907"
},
{
"title": "USN-3455-1",
"trust": 0.8,
"url": "https://usn.ubuntu.com/usn/usn-3455-1/"
},
{
"title": "WPA packet number reuse with replayed messages and key reinstallation",
"trust": 0.8,
"url": "https://w1.fi/security/2017-1/wpa-packet-number-reuse-with-replayed-messages.txt"
},
{
"title": "Wi-Fi\u306e\u8a8d\u8a3c\uff0f\u6697\u53f7\u5316\u6280\u8853WPA2\u304a\u3088\u3073WPA\u306e\u8907\u6570\u306e\u8106\u5f31\u6027\u306b\u3064\u3044\u3066 ",
"trust": 0.8,
"url": "http://www.fujitsu.com/jp/products/network/support/2017/srm-01/index.html"
},
{
"title": "WPA2\u306e\u8106\u5f31\u6027\u306b\u95a2\u3059\u308b\u5f0a\u793e\u8abf\u67fb\u30fb\u5bfe\u5fdc\u72b6\u6cc1\u306b\u3064\u3044\u3066",
"trust": 0.8,
"url": "http://www.iodata.jp/support/information/2017/wpa2/"
},
{
"title": "\u7121\u7ddaLAN \u8a8d\u8a3c\uff0f\u6697\u53f7\u5316\u6280\u8853WPA2\u304a\u3088\u3073WPA\u306b\u95a2\u3059\u308b\u8106\u5f31\u6027\u306e\u304a\u77e5\u3089\u305b ",
"trust": 0.8,
"url": "http://www.fmworld.net/biz/common/info/20171110/"
},
{
"title": "Patch for WPA2 Wireless Network Sleep Mode IGTK Key Reload Vulnerability",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/103827"
},
{
"title": "Multiple WiFi product WPA2 Security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=75503"
},
{
"title": "Red Hat: Important: wpa_supplicant security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=rhsa-20172907 - security advisory"
},
{
"title": "Red Hat: CVE-2017-13088",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_cve_database\u0026qid=cve-2017-13088"
},
{
"title": "Arch Linux Issues: ",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=arch_linux_issues\u0026qid=cve-2017-13088"
},
{
"title": "Ubuntu Security Notice: wpa vulnerabilities",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=usn-3455-1"
},
{
"title": "Debian Security Advisories: DSA-3999-1 wpa -- security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=debian_security_advisories\u0026qid=08990d9925276738bd732fa4d58f9ef0"
},
{
"title": "Arch Linux Advisories: [ASA-201710-23] hostapd: man-in-the-middle",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=arch_linux_advisories\u0026qid=asa-201710-23"
},
{
"title": "Arch Linux Advisories: [ASA-201710-22] wpa_supplicant: man-in-the-middle",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=arch_linux_advisories\u0026qid=asa-201710-22"
},
{
"title": "Siemens Security Advisories: Siemens Security Advisory",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=siemens_security_advisories\u0026qid=6df91267eee9400a24a98876f50ffe84"
},
{
"title": "Android Security Bulletins: Android Security Bulletin\u2014November 2017",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=android_security_bulletins\u0026qid=8c29eb008bb212762e5cfb25c7c5c0d5"
},
{
"title": "Cisco: Multiple Vulnerabilities in Wi-Fi Protected Access and Wi-Fi Protected Access II",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=cisco_security_advisories_and_alerts_ciscoproducts\u0026qid=cisco-sa-20171016-wpa"
},
{
"title": "Oracle: Oracle Critical Patch Update Advisory - July 2018",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_advisories\u0026qid=5f8c525f1408011628af1792207b2099"
},
{
"title": "Oracle Linux Bulletins: Oracle Linux Bulletin - October 2017",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_linux_bulletins\u0026qid=7251d5e5f2b1771951980ad7cfde50ba"
},
{
"title": "KRACK",
"trust": 0.1,
"url": "https://github.com/chinatso/krack "
},
{
"title": "krackinfo",
"trust": 0.1,
"url": "https://github.com/kristate/krackinfo "
},
{
"title": "nixos-issue-db-example",
"trust": 0.1,
"url": "https://github.com/andir/nixos-issue-db-example "
},
{
"title": "The Register",
"trust": 0.1,
"url": "https://www.theregister.co.uk/2017/11/07/android_november_security_update/"
},
{
"title": "The Register",
"trust": 0.1,
"url": "https://www.theregister.co.uk/2017/10/16/wpa2_inscure_krackattack/"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-30397"
},
{
"db": "VULMON",
"id": "CVE-2017-13088"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-009179"
},
{
"db": "CNNVD",
"id": "CNNVD-201710-389"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-330",
"trust": 1.0
},
{
"problemtype": "CWE-254",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-009179"
},
{
"db": "NVD",
"id": "CVE-2017-13088"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 3.7,
"url": "https://www.krackattacks.com/"
},
{
"trust": 3.3,
"url": "https://source.android.com/security/bulletin/2017-11-01"
},
{
"trust": 2.9,
"url": "http://www.securityfocus.com/bid/101274"
},
{
"trust": 2.8,
"url": "http://www.arubanetworks.com/assets/alert/aruba-psa-2017-007.txt"
},
{
"trust": 2.8,
"url": "https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20171016-wpa"
},
{
"trust": 2.6,
"url": "https://access.redhat.com/security/vulnerabilities/kracks"
},
{
"trust": 2.5,
"url": "http://www.debian.org/security/2017/dsa-3999"
},
{
"trust": 2.2,
"url": "https://access.redhat.com/errata/rhsa-2017:2907"
},
{
"trust": 2.1,
"url": "http://www.kb.cert.org/vuls/id/228519"
},
{
"trust": 1.8,
"url": "https://w1.fi/security/2017-1/wpa-packet-number-reuse-with-replayed-messages.txt"
},
{
"trust": 1.8,
"url": "http://www.ubuntu.com/usn/usn-3455-1"
},
{
"trust": 1.7,
"url": "http://www.securitytracker.com/id/1039581"
},
{
"trust": 1.7,
"url": "http://www.securitytracker.com/id/1039578"
},
{
"trust": 1.7,
"url": "http://www.securitytracker.com/id/1039577"
},
{
"trust": 1.7,
"url": "http://www.securitytracker.com/id/1039576"
},
{
"trust": 1.7,
"url": "http://www.securitytracker.com/id/1039573"
},
{
"trust": 1.7,
"url": "https://support.lenovo.com/us/en/product_security/len-17420"
},
{
"trust": 1.7,
"url": "https://security.freebsd.org/advisories/freebsd-sa-17:07.wpa.asc"
},
{
"trust": 1.7,
"url": "http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00024.html"
},
{
"trust": 1.7,
"url": "http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00023.html"
},
{
"trust": 1.7,
"url": "http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00020.html"
},
{
"trust": 1.7,
"url": "https://security.gentoo.org/glsa/201711-03"
},
{
"trust": 1.7,
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-901333.pdf"
},
{
"trust": 1.7,
"url": "https://cert.vde.com/en-us/advisories/vde-2017-005"
},
{
"trust": 1.7,
"url": "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html"
},
{
"trust": 1.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-13088"
},
{
"trust": 1.2,
"url": "https://ics-cert.us-cert.gov/advisories/icsma-18-114-01"
},
{
"trust": 1.1,
"url": "https://papers.mathyvanhoef.com/ccs2017.pdf"
},
{
"trust": 1.1,
"url": "https://w1.fi/security/2017-1/"
},
{
"trust": 1.1,
"url": "https://security-center.intel.com/advisory.aspx?intelid=intel-sa-00101\u0026languageid=en-fr"
},
{
"trust": 1.1,
"url": "https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/cve-2017-13080"
},
{
"trust": 1.1,
"url": "https://ics-cert.us-cert.gov/advisories/icsa-17-353-02"
},
{
"trust": 1.1,
"url": "https://ics-cert.us-cert.gov/advisories/icsa-17-318-01"
},
{
"trust": 1.1,
"url": "https://ics-cert.us-cert.gov/advisories/icsma-19-029-01"
},
{
"trust": 0.9,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-13088"
},
{
"trust": 0.8,
"url": "https://cwe.mitre.org/data/definitions/323.html"
},
{
"trust": 0.8,
"url": "https://actiontecsupport.zendesk.com/hc/en-us/articles/115005205283-krack-vulnerability"
},
{
"trust": 0.8,
"url": "https://www3.aerohive.com/support/security-bulletins/product-security-announcement-aerohives-response-to-krack-10162017.html"
},
{
"trust": 0.8,
"url": "https://www.al-enterprise.com/en/support/security-alert-krack"
},
{
"trust": 0.8,
"url": "https://support.apple.com/en-gb/ht208222"
},
{
"trust": 0.8,
"url": "https://security.archlinux.org/avg-447"
},
{
"trust": 0.8,
"url": "https://www.asus.com/static_webpage/asus-product-security-advisory/"
},
{
"trust": 0.8,
"url": "https://community.barracudanetworks.com/forum/index.php?/topic/23525-security-advisories/page-2"
},
{
"trust": 0.8,
"url": "https://lists.centos.org/pipermail/centos-announce/2017-october/022569.html"
},
{
"trust": 0.8,
"url": "https://community.cypress.com/docs/doc-13871"
},
{
"trust": 0.8,
"url": "http://supportannouncement.us.dlink.com/announcement/publication.aspx?name=sap10075"
},
{
"trust": 0.8,
"url": "http://www.dell.com/support/article/sln307822"
},
{
"trust": 0.8,
"url": "https://github.com/espressif/esp8266_nonos_sdk"
},
{
"trust": 0.8,
"url": "https://extremeportal.force.com/extrarticledetail?n=000018005"
},
{
"trust": 0.8,
"url": "https://bodhi.fedoraproject.org/updates/fedora-2017-60bfb576b7"
},
{
"trust": 0.8,
"url": "http://www.fortiguard.com/psirt/fg-ir-17-196"
},
{
"trust": 0.8,
"url": "https://www.freebsd.org/security/advisories/freebsd-sa-17:07.wpa.asc"
},
{
"trust": 0.8,
"url": "https://bugs.gentoo.org/634440"
},
{
"trust": 0.8,
"url": "https://support.hpe.com/hpsc/doc/public/display?sp4ts.oid=null\u0026doclocale=en_us\u0026docid=emr_na-a00029151en_us"
},
{
"trust": 0.8,
"url": "https://kb.juniper.net/jsa10827"
},
{
"trust": 0.8,
"url": "https://support.lenovo.com/ca/en/product_security/len-17420"
},
{
"trust": 0.8,
"url": "http://www.microchip.com/wwwproducts/en/atwinc1500"
},
{
"trust": 0.8,
"url": "http://mail-index.netbsd.org/source-changes/2017/10/16/msg088877.html"
},
{
"trust": 0.8,
"url": "https://kb.netgear.com/000049498/security-advisory-for-wpa-2-vulnerabilities-psv-2017-2826-psv-2017-2836-psv-2017-2837"
},
{
"trust": 0.8,
"url": "https://forum.peplink.com/t/security-advisory-wpa2-vulnerability-vu-228519/12715"
},
{
"trust": 0.8,
"url": "https://ruckus-www.s3.amazonaws.com/pdf/security/faq-security-advisory-id-101617-v1.0.pdf"
},
{
"trust": 0.8,
"url": "https://www.suse.com/de-de/support/kb/doc/?id=7022107"
},
{
"trust": 0.8,
"url": "https://source.sierrawireless.com/resources/airlink/software_reference_docs/technical-bulletin/sierra-wireless-technical-bulletin---wpa-and-wpa2-vulnerabilities/"
},
{
"trust": 0.8,
"url": "http://www.slackware.com/changelog/stable.php?cpu=x86_64"
},
{
"trust": 0.8,
"url": "https://community.sophos.com/kb/en-us/127658"
},
{
"trust": 0.8,
"url": "https://www.toshibacommerce.com/wps/myportal/%21ut/p/a1/rzrnc8igeiz_sw8egqhjcdmmwr8abw2dqcnfoyqotidrrk399uxrrwotuzgws7a87y6z88iuzmcq2u4uwcnlzypjnjj5-exr_wnhya-laxtrid-j3uchdtb8gylmuw6qzgktovtowsrrqlrs6-8dbeqhwc1mykqnlabgdjlf1yjvn7i5af4qtdwsn2tri7j"
},
{
"trust": 0.8,
"url": "http://www.toshiba-personalstorage.net/en/news/hdd/ot_notice/20171017.htm"
},
{
"trust": 0.8,
"url": "http://support.toshiba.com/support/staticcontentdetail?contentid=4015875\u0026isfromtoclink=false"
},
{
"trust": 0.8,
"url": "https://community.ubnt.com/t5/unifi-updates-blog/firmware-3-9-3-7537-for-uap-usw-has-been-released/ba-p/2099365"
},
{
"trust": 0.8,
"url": "https://usn.ubuntu.com/usn/usn-3455-1/"
},
{
"trust": 0.8,
"url": "http://en.miui.com/thread-954223-1-1.html"
},
{
"trust": 0.8,
"url": "https://www.zebra.com/content/dam/zebra_new_ia/en-us/support-and-downloads/lifeguard-security/krack-security-bulletin.pdf"
},
{
"trust": 0.8,
"url": "http://www.zyxel.com/support/announcement_wpa2_key_management.shtml"
},
{
"trust": 0.8,
"url": "https://supportcenter.checkpoint.com/supportcenter/portal?eventsubmit_dogoviewsolutiondetails=\u0026solutionid=sk120938"
},
{
"trust": 0.8,
"url": "https://community.rsa.com/docs/doc-84103"
},
{
"trust": 0.8,
"url": "https://support.f5.com/csp/article/k23642330"
},
{
"trust": 0.8,
"url": "https://forum.mikrotik.com/viewtopic.php?f=21\u0026t=126695"
},
{
"trust": 0.8,
"url": "https://community.linksys.com/t5/wireless-routers/krack-vulnerability/td-p/1218573"
},
{
"trust": 0.8,
"url": "https://ics-cert.us-cert.gov/advisories/icsa-17-318-02a"
},
{
"trust": 0.8,
"url": "https://www.ipa.go.jp/security/ciadr/vul/20171017_wpa2.html"
},
{
"trust": 0.8,
"url": "http://jvn.jp/vu/jvnvu90609033/index.html"
},
{
"trust": 0.8,
"url": "https://www.kb.cert.org/vuls/id/cheu-aqnmyp"
},
{
"trust": 0.6,
"url": "https://www.kb.cert.org/vuls/id/228519/"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2020.4125/"
},
{
"trust": 0.5,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-13078"
},
{
"trust": 0.5,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-13082"
},
{
"trust": 0.5,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-13087"
},
{
"trust": 0.5,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-13086"
},
{
"trust": 0.5,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-13077"
},
{
"trust": 0.5,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-13080"
},
{
"trust": 0.4,
"url": "https://access.redhat.com/security/cve/cve-2017-13077"
},
{
"trust": 0.4,
"url": "https://access.redhat.com/security/cve/cve-2017-13078"
},
{
"trust": 0.4,
"url": "https://access.redhat.com/security/cve/cve-2017-13080"
},
{
"trust": 0.4,
"url": "https://access.redhat.com/security/cve/cve-2017-13082"
},
{
"trust": 0.4,
"url": "https://access.redhat.com/security/cve/cve-2017-13086"
},
{
"trust": 0.4,
"url": "https://access.redhat.com/security/cve/cve-2017-13087"
},
{
"trust": 0.4,
"url": "https://access.redhat.com/security/cve/cve-2017-13088"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-13081"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-13079"
},
{
"trust": 0.3,
"url": "https://github.com/stevenhoneyman/wpa_gui/tree/master/wpa_supplicant-2.4"
},
{
"trust": 0.3,
"url": "http://www.wi-fi.org/index.php"
},
{
"trust": 0.3,
"url": "https://support.apple.com/en-ie/ht208847"
},
{
"trust": 0.3,
"url": "https://support.apple.com/en-in/ht208334"
},
{
"trust": 0.3,
"url": "https://support.apple.com/en-in/ht208327"
},
{
"trust": 0.3,
"url": "https://support.apple.com/en-in/ht208325"
},
{
"trust": 0.3,
"url": "https://lists.apple.com/archives/security-announce/2017/dec/msg00009.html"
},
{
"trust": 0.3,
"url": "https://lists.apple.com/archives/security-announce/2017/dec/msg00008.html"
},
{
"trust": 0.3,
"url": "https://lists.apple.com/archives/security-announce/2018/jul/msg00000.html"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/security/cve/cve-2017-13079"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/security/cve/cve-2017-13081"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/security/cve/cve-2017-13084"
},
{
"trust": 0.3,
"url": "http://docs.fortinet.com/uploaded/files/3961/fortiap-v5.6.1-release-notes.pdf"
},
{
"trust": 0.3,
"url": "https://ics-cert.us-cert.gov/advisories/icsa-17-299-02"
},
{
"trust": 0.3,
"url": "https://ics-cert.us-cert.gov/advisories/icsa-17-318-02"
},
{
"trust": 0.3,
"url": "https://ics-cert.us-cert.gov/advisories/icsa-17-325-01"
},
{
"trust": 0.3,
"url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/errata/rhsa-2017:2911"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/330.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://github.com/kristate/krackinfo"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/articles/11258"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/team/contact/"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/mailman/listinfo/rhsa-announce"
},
{
"trust": 0.1,
"url": "https://bugzilla.redhat.com/):"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/team/key/"
},
{
"trust": 0.1,
"url": "https://www.debian.org/security/faq"
},
{
"trust": 0.1,
"url": "https://www.debian.org/security/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-4476"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-4477"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/wpa/2.1-0ubuntu1.5"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/wpa/2.4-0ubuntu9.1"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/wpa/2.4-0ubuntu6.2"
},
{
"trust": 0.1,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-13078"
},
{
"trust": 0.1,
"url": "http://slackware.com"
},
{
"trust": 0.1,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-13080"
},
{
"trust": 0.1,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-13082"
},
{
"trust": 0.1,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-13077"
},
{
"trust": 0.1,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-13087"
},
{
"trust": 0.1,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-13081"
},
{
"trust": 0.1,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-13084"
},
{
"trust": 0.1,
"url": "http://slackware.com/gpg-key"
},
{
"trust": 0.1,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-13086"
},
{
"trust": 0.1,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-13079"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-13084"
},
{
"trust": 0.1,
"url": "http://osuosl.org)"
},
{
"trust": 0.1,
"url": "https://security.freebsd.org/patches/sa-17:07/wpa-10.patch.asc"
},
{
"trust": 0.1,
"url": "https://security.freebsd.org/advisories/freebsd-sa-17:07.wpa.asc\u003e"
},
{
"trust": 0.1,
"url": "https://svnweb.freebsd.org/base?view=revision\u0026revision=nnnnnn\u003e"
},
{
"trust": 0.1,
"url": "https://www.krackattacks.com/\u003e"
},
{
"trust": 0.1,
"url": "https://security.freebsd.org/patches/sa-17:07/wpa-11.patch.asc"
},
{
"trust": 0.1,
"url": "https://security.freebsd.org/\u003e."
},
{
"trust": 0.1,
"url": "https://security.freebsd.org/patches/sa-17:07/wpa-11.patch"
},
{
"trust": 0.1,
"url": "https://security.freebsd.org/patches/sa-17:07/wpa-10.patch"
},
{
"trust": 0.1,
"url": "https://www.freebsd.org/handbook/makeworld.html\u003e."
},
{
"trust": 0.1,
"url": "https://w1.fi/security/2017-1/wpa-packet-number-reuse-with-replayed-messages.txt\u003e"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#228519"
},
{
"db": "CNVD",
"id": "CNVD-2017-30397"
},
{
"db": "VULMON",
"id": "CVE-2017-13088"
},
{
"db": "BID",
"id": "101274"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-009179"
},
{
"db": "PACKETSTORM",
"id": "144652"
},
{
"db": "PACKETSTORM",
"id": "144630"
},
{
"db": "PACKETSTORM",
"id": "144632"
},
{
"db": "PACKETSTORM",
"id": "144663"
},
{
"db": "PACKETSTORM",
"id": "144669"
},
{
"db": "NVD",
"id": "CVE-2017-13088"
},
{
"db": "CNNVD",
"id": "CNNVD-201710-389"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "IVD",
"id": "b8631bf1-6bd8-4549-b275-107397f54fc7"
},
{
"db": "CERT/CC",
"id": "VU#228519"
},
{
"db": "CNVD",
"id": "CNVD-2017-30397"
},
{
"db": "VULMON",
"id": "CVE-2017-13088"
},
{
"db": "BID",
"id": "101274"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-009179"
},
{
"db": "PACKETSTORM",
"id": "144652"
},
{
"db": "PACKETSTORM",
"id": "144630"
},
{
"db": "PACKETSTORM",
"id": "144632"
},
{
"db": "PACKETSTORM",
"id": "144663"
},
{
"db": "PACKETSTORM",
"id": "144669"
},
{
"db": "NVD",
"id": "CVE-2017-13088"
},
{
"db": "CNNVD",
"id": "CNNVD-201710-389"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-10-17T00:00:00",
"db": "IVD",
"id": "b8631bf1-6bd8-4549-b275-107397f54fc7"
},
{
"date": "2017-10-16T00:00:00",
"db": "CERT/CC",
"id": "VU#228519"
},
{
"date": "2017-10-17T00:00:00",
"db": "CNVD",
"id": "CNVD-2017-30397"
},
{
"date": "2017-10-17T00:00:00",
"db": "VULMON",
"id": "CVE-2017-13088"
},
{
"date": "2017-10-16T00:00:00",
"db": "BID",
"id": "101274"
},
{
"date": "2017-11-06T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-009179"
},
{
"date": "2017-10-17T16:52:00",
"db": "PACKETSTORM",
"id": "144652"
},
{
"date": "2017-10-16T13:49:34",
"db": "PACKETSTORM",
"id": "144630"
},
{
"date": "2017-10-16T23:23:00",
"db": "PACKETSTORM",
"id": "144632"
},
{
"date": "2017-10-18T20:44:00",
"db": "PACKETSTORM",
"id": "144663"
},
{
"date": "2017-10-19T14:28:55",
"db": "PACKETSTORM",
"id": "144669"
},
{
"date": "2017-10-17T13:29:00.630000",
"db": "NVD",
"id": "CVE-2017-13088"
},
{
"date": "2017-10-17T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201710-389"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-11-16T00:00:00",
"db": "CERT/CC",
"id": "VU#228519"
},
{
"date": "2017-10-17T00:00:00",
"db": "CNVD",
"id": "CNVD-2017-30397"
},
{
"date": "2019-10-03T00:00:00",
"db": "VULMON",
"id": "CVE-2017-13088"
},
{
"date": "2019-02-21T09:00:00",
"db": "BID",
"id": "101274"
},
{
"date": "2019-02-01T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-009179"
},
{
"date": "2019-10-03T00:03:26.223000",
"db": "NVD",
"id": "CVE-2017-13088"
},
{
"date": "2020-11-23T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201710-389"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote or local",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201710-389"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Wi-Fi Protected Access (WPA) handshake traffic can be manipulated to induce nonce and session key reuse",
"sources": [
{
"db": "CERT/CC",
"id": "VU#228519"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "security feature problem",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201710-389"
}
],
"trust": 0.6
}
}
VAR-201710-0209
Vulnerability from variot - Updated: 2023-12-18 11:33Wi-Fi Protected Access (WPA and WPA2) that supports IEEE 802.11r allows reinstallation of the Pairwise Transient Key (PTK) Temporal Key (TK) during the fast BSS transmission (FT) handshake, allowing an attacker within radio range to replay, decrypt, or spoof frames. Wi-Fi Protected Access (WPA, more commonly WPA2) handshake traffic can be manipulated to induce nonce and session key reuse, resulting in key reinstallation by a wireless access point (AP) or client. An attacker within range of an affected AP and client may leverage these vulnerabilities to conduct attacks that are dependent on the data confidentiality protocols being used. Attacks may include arbitrary packet decryption and injection, TCP connection hijacking, HTTP content injection, or the replay of unicast and group-addressed frames. These vulnerabilities are referred to as Key Reinstallation Attacks or "KRACK" attacks. WPA (Wi-Fi Protected Access) is a system that protects wireless computer networks (Wi-Fi). The PTK-TK encryption key reloading vulnerability exists when the WPA2 wireless network receives and processes the retransmitted fast BSS transition reassociation request. WPA2 is prone to multiple security weaknesses. Exploiting these issues may allow an unauthorized user to intercept and manipulate data or disclose sensitive information. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
===================================================================== Red Hat Security Advisory
Synopsis: Important: wpa_supplicant security update Advisory ID: RHSA-2017:2907-01 Product: Red Hat Enterprise Linux Advisory URL: https://access.redhat.com/errata/RHSA-2017:2907 Issue date: 2017-10-17 CVE Names: CVE-2017-13077 CVE-2017-13078 CVE-2017-13080 CVE-2017-13082 CVE-2017-13086 CVE-2017-13087 CVE-2017-13088 =====================================================================
- Summary:
An update for wpa_supplicant is now available for Red Hat Enterprise Linux 7.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Relevant releases/architectures:
Red Hat Enterprise Linux Client (v. 7) - x86_64 Red Hat Enterprise Linux ComputeNode (v. 7) - x86_64 Red Hat Enterprise Linux Server (v. 7) - aarch64, ppc64, ppc64le, s390x, x86_64 Red Hat Enterprise Linux Workstation (v. 7) - x86_64
- Description:
The wpa_supplicant packages contain an 802.1X Supplicant with support for WEP, WPA, WPA2 (IEEE 802.11i / RSN), and various EAP authentication methods. They implement key negotiation with a WPA Authenticator for client stations and controls the roaming and IEEE 802.11 authentication and association of the WLAN driver. A remote attacker within Wi-Fi range could exploit these attacks to decrypt Wi-Fi traffic or possibly inject forged Wi-Fi packets by manipulating cryptographic handshakes used by the WPA2 protocol. (CVE-2017-13077, CVE-2017-13078, CVE-2017-13080, CVE-2017-13082, CVE-2017-13086, CVE-2017-13087, CVE-2017-13088)
Red Hat would like to thank CERT for reporting these issues. Upstream acknowledges Mathy Vanhoef (University of Leuven) as the original reporter of these issues. Solution:
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
- Bugs fixed (https://bugzilla.redhat.com/):
1491692 - CVE-2017-13077 wpa_supplicant: Reinstallation of the pairwise key in the 4-way handshake 1491693 - CVE-2017-13078 wpa_supplicant: Reinstallation of the group key in the 4-way handshake 1491696 - CVE-2017-13080 wpa_supplicant: Reinstallation of the group key in the group key handshake 1491698 - CVE-2017-13082 wpa_supplicant: Accepting a retransmitted FT Reassociation Request and reinstalling the pairwise key while processing it 1500302 - CVE-2017-13086 wpa_supplicant: reinstallation of the Tunneled Direct-Link Setup (TDLS) PeerKey (TPK) key in the TDLS handshake 1500303 - CVE-2017-13087 wpa_supplicant: reinstallation of the group key (GTK) when processing a Wireless Network Management (WNM) Sleep Mode Response frame 1500304 - CVE-2017-13088 wpa_supplicant: reinstallation of the integrity group key (IGTK) when processing a Wireless Network Management (WNM) Sleep Mode Response frame
- Package List:
Red Hat Enterprise Linux Client (v. 7):
Source: wpa_supplicant-2.6-5.el7_4.1.src.rpm
x86_64: wpa_supplicant-2.6-5.el7_4.1.x86_64.rpm wpa_supplicant-debuginfo-2.6-5.el7_4.1.x86_64.rpm
Red Hat Enterprise Linux ComputeNode (v. 7):
Source: wpa_supplicant-2.6-5.el7_4.1.src.rpm
x86_64: wpa_supplicant-2.6-5.el7_4.1.x86_64.rpm wpa_supplicant-debuginfo-2.6-5.el7_4.1.x86_64.rpm
Red Hat Enterprise Linux Server (v. 7):
Source: wpa_supplicant-2.6-5.el7_4.1.src.rpm
aarch64: wpa_supplicant-2.6-5.el7_4.1.aarch64.rpm wpa_supplicant-debuginfo-2.6-5.el7_4.1.aarch64.rpm
ppc64: wpa_supplicant-2.6-5.el7_4.1.ppc64.rpm wpa_supplicant-debuginfo-2.6-5.el7_4.1.ppc64.rpm
ppc64le: wpa_supplicant-2.6-5.el7_4.1.ppc64le.rpm wpa_supplicant-debuginfo-2.6-5.el7_4.1.ppc64le.rpm
s390x: wpa_supplicant-2.6-5.el7_4.1.s390x.rpm wpa_supplicant-debuginfo-2.6-5.el7_4.1.s390x.rpm
x86_64: wpa_supplicant-2.6-5.el7_4.1.x86_64.rpm wpa_supplicant-debuginfo-2.6-5.el7_4.1.x86_64.rpm
Red Hat Enterprise Linux Workstation (v. 7):
Source: wpa_supplicant-2.6-5.el7_4.1.src.rpm
x86_64: wpa_supplicant-2.6-5.el7_4.1.x86_64.rpm wpa_supplicant-debuginfo-2.6-5.el7_4.1.x86_64.rpm
These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/
- References:
https://access.redhat.com/security/cve/CVE-2017-13077 https://access.redhat.com/security/cve/CVE-2017-13078 https://access.redhat.com/security/cve/CVE-2017-13080 https://access.redhat.com/security/cve/CVE-2017-13082 https://access.redhat.com/security/cve/CVE-2017-13086 https://access.redhat.com/security/cve/CVE-2017-13087 https://access.redhat.com/security/cve/CVE-2017-13088 https://access.redhat.com/security/updates/classification/#important https://access.redhat.com/security/vulnerabilities/kracks
- Contact:
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/
Copyright 2017 Red Hat, Inc. Those vulnerabilities applies to both the access point (implemented in hostapd) and the station (implemented in wpa_supplicant).
An attacker exploiting the vulnerabilities could force the vulnerable system to reuse cryptographic session keys, enabling a range of cryptographic attacks against the ciphers used in WPA1 and WPA2.
For the stable distribution (stretch), these problems have been fixed in version 2:2.4-1+deb9u1.
For the testing distribution (buster), these problems have been fixed in version 2:2.4-1.1.
For the unstable distribution (sid), these problems have been fixed in version 2:2.4-1.1.
We recommend that you upgrade your wpa packages. ========================================================================== Ubuntu Security Notice USN-3455-1 October 16, 2017
wpa vulnerabilities
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 17.04
- Ubuntu 16.04 LTS
- Ubuntu 14.04 LTS
Summary:
Several security issues were fixed in wpa_supplicant.
Software Description: - wpa: client support for WPA and WPA2
Details:
Mathy Vanhoef discovered that wpa_supplicant and hostapd incorrectly handled WPA2. (CVE-2017-13077, CVE-2017-13078, CVE-2017-13079, CVE-2017-13080, CVE-2017-13081, CVE-2017-13082, CVE-2017-13086, CVE-2017-13087, CVE-2017-13088)
Imre Rad discovered that wpa_supplicant and hostapd incorrectly handled invalid characters in passphrase parameters. A remote attacker could use this issue to cause a denial of service. (CVE-2016-4476)
Imre Rad discovered that wpa_supplicant and hostapd incorrectly handled invalid characters in passphrase parameters. A local attacker could use this issue to cause a denial of service, or possibly execute arbitrary code. (CVE-2016-4477)
Update instructions:
The problem can be corrected by updating your system to the following package versions:
Ubuntu 17.04: hostapd 2.4-0ubuntu9.1 wpasupplicant 2.4-0ubuntu9.1
Ubuntu 16.04 LTS: hostapd 2.4-0ubuntu6.2 wpasupplicant 2.4-0ubuntu6.2
Ubuntu 14.04 LTS: hostapd 2.1-0ubuntu1.5 wpasupplicant 2.1-0ubuntu1.5
After a standard system update you need to reboot your computer to make all the necessary changes. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512
============================================================================= FreeBSD-SA-17:07.wpa Security Advisory The FreeBSD Project
Topic: WPA2 protocol vulnerability
Category: contrib Module: wpa Announced: 2017-10-16 Credits: Mathy Vanhoef Affects: All supported versions of FreeBSD. Corrected: 2017-10-17 17:30:18 UTC (stable/11, 11.1-STABLE) 2017-10-17 17:57:18 UTC (releng/11.1, 11.1-RELEASE-p2) 2017-10-17 17:56:03 UTC (releng/11.0, 11.0-RELEASE-p13) 2017-10-19 03:18:22 UTC (stable/10, 10.4-STABLE) 2017-10-19 03:20:17 UTC (releng/10.4, 10.4-RELEASE-p1) 2017-10-19 03:19:42 UTC (releng/10.3, 10.3-RELEASE-p22) CVE Name: CVE-2017-13077, CVE-2017-13078, CVE-2017-13079, CVE-2017-13080, CVE-2017-13081, CVE-2017-13082, CVE-2017-13086, CVE-2017-13087, CVE-2017-13088
For general information regarding FreeBSD Security Advisories, including descriptions of the fields above, security branches, and the following sections, please visit .
- Revision history
v1.0 2017-10-17 Initial release. v1.1 2017-10-19 Add patches for 10.x releases.
I.
hostapd and wpa_supplicant are implementations of user space daemon for access points and wireless client that implements the WPA2 protocol.
II. Problem Description
A vulnerability was found in how a number of implementations can be triggered to reconfigure WPA/WPA2/RSN keys (TK, GTK, or IGTK) by replaying a specific frame that is used to manage the keys.
III. Impact
Such reinstallation of the encryption key can result in two different types of vulnerabilities: disabling replay protection and significantly reducing the security of encryption to the point of allowing frames to be decrypted or some parts of the keys to be determined by an attacker depending on which cipher is used.
IV. Workaround
An updated version of wpa_supplicant is available in the FreeBSD Ports Collection. Install version 2.6_2 or later of the security/wpa_supplicant port/pkg. Once installed, update /etc/rc.conf to use the new binary:
wpa_supplicant_program="/usr/local/sbin/wpa_supplicant"
and restart networking.
An updated version of hostapd is available in the FreeBSD Ports Collection. Install version 2.6_1 or later of the net/hostapd port/pkg. Once installed, update /etc/rc.conf to use the new binary:
hostapd_program="/usr/local/sbin/hostapd"
and restart hostapd.
V. Solution
Perform one of the following:
1) Upgrade your vulnerable system to a supported FreeBSD stable or release / security branch (releng) dated after the correction date.
Restart the Wi-Fi network interfaces/hostapd or reboot the system.
2) To update your vulnerable system via a binary patch:
Systems running a RELEASE version of FreeBSD on the i386 or amd64 platforms can be updated via the freebsd-update(8) utility:
freebsd-update fetch
freebsd-update install
Restart the Wi-Fi network interfaces/hostapd or reboot the system.
3) To update your vulnerable system via a source code patch:
The following patches have been verified to apply to the applicable FreeBSD release branches.
a) Download the relevant patch from the location below, and verify the detached PGP signature using your PGP utility.
[FreeBSD 11.0-RELEASE, 11.1-RELEASE, and 11-STABLE]
fetch https://security.FreeBSD.org/patches/SA-17:07/wpa-11.patch
fetch https://security.FreeBSD.org/patches/SA-17:07/wpa-11.patch.asc
gpg --verify wpa-11.patch.asc
[FreeBSD 10.3-RELEASE, 10.4-RELEASE, and 10-STABLE]
fetch https://security.FreeBSD.org/patches/SA-17:07/wpa-10.patch
fetch https://security.FreeBSD.org/patches/SA-17:07/wpa-10.patch.asc
gpg --verify wpa-10.patch.asc
b) Apply the patch. Execute the following commands as root:
cd /usr/src
patch < /path/to/patch
c) Recompile the operating system using buildworld and installworld as described in .
Restart the applicable daemons, or reboot the system.
VI. Correction details
The following list contains the correction revision numbers for each affected branch.
Branch/path Revision
stable/11/ r324697 releng/11.0/ r324698 releng/11.1/ r324699 stable/10/ r324739 releng/10.3/ r324740 releng/10.4/ r324741
To see which files were modified by a particular revision, run the following command, replacing NNNNNN with the revision number, on a machine with Subversion installed:
svn diff -cNNNNNN --summarize svn://svn.freebsd.org/base
Or visit the following URL, replacing NNNNNN with the revision number:
VII. References
The latest revision of this advisory is available at -----BEGIN PGP SIGNATURE-----
iQKTBAEBCgB9FiEEHPf/b631yp++G4yy7Wfs1l3PaucFAlnoGpNfFIAAAAAALgAo aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDFD RjdGRjZGQURGNUNBOUZCRTFCOENCMkVENjdFQ0Q2NURDRjZBRTcACgkQ7Wfs1l3P auc7WBAAm27w+fujv5sJsRxauUMopTVtRh5utwbDuoHTP+L+RCWmQfVBmueNQ0gf uJzMNxBIkbtY9LvyukpRsH3iD7mh26c0pd9rxxkkr4F96C9B5+W0amxJF1gdm54/ F/50FpY+lo7cNs5tiBjypPrg8UOBBI/1G4XR7130XC0HjaTwt1ngZ0oQUWUMSsIp gN5ZfPul81WPWd1NqF+vyObcJhwq/Y1uoexoO27o7GQCFZoL3enZy8c4f1xqMlVM 4HHkTgNGac6E0aW+ArH4J0DFFAOJXPqF8rdt+9XINfoBbtliIyOixJ4oh1n6eAR0 VpBWZKFNyXSlUKIvDGa+LDhxgL1jJXV0ABSyKlUOijdmr3bbbiQE9MW/MNv2AFTd OAFQ0QQtm9KCWp5JLh+FPIb/kR2l7MOUP+yz4zFcJpdGtl9tDLyPN8vRTq60bY8O y7tBcf/SMqkd/AIFdchL4zrOguKnRARydIlwTarp8wtAQI3MKSsa1B0wgsDtlL6K xfdjnwWMKvKKlNOW16e1WXXO0n/ucHV4njBE+bGPro3jLgXP2/WFZpIGAR3I4xrr SdD4AxSNiR9f3bL7LRfMIbugJAylWNSlTLWUOVUv0/ONh85LqbcCj13NI230B64K ETx2QOZgKnCs2oDNiw4aQHb7kvi2w94Iw/R1sAPkkxYJWO3reyE= =h/5q -----END PGP SIGNATURE----- .
Here are the details from the Slackware 14.2 ChangeLog: +--------------------------+ patches/packages/wpa_supplicant-2.6-i586-1_slack14.2.txz: Upgraded. This update includes patches to mitigate the WPA2 protocol issues known as "KRACK" (Key Reinstallation AttaCK), which may be used to decrypt data, hijack TCP connections, and to forge and inject packets. For more information, see: https://www.krackattacks.com/ https://w1.fi/security/2017-1/wpa-packet-number-reuse-with-replayed-messages.txt https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13077 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13078 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13079 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13080 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13081 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13082 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13084 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13086 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13087 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13088 ( Security fix ) +--------------------------+
Where to find the new packages: +-----------------------------+
Thanks to the friendly folks at the OSU Open Source Lab (http://osuosl.org) for donating FTP and rsync hosting to the Slackware project! :-)
Also see the "Get Slack" section on http://slackware.com for additional mirror sites near you.
Updated package for Slackware 14.0: ftp://ftp.slackware.com/pub/slackware/slackware-14.0/patches/packages/wpa_supplicant-2.6-i486-1_slack14.0.txz
Updated package for Slackware x86_64 14.0: ftp://ftp.slackware.com/pub/slackware/slackware64-14.0/patches/packages/wpa_supplicant-2.6-x86_64-1_slack14.0.txz
Updated package for Slackware 14.1: ftp://ftp.slackware.com/pub/slackware/slackware-14.1/patches/packages/wpa_supplicant-2.6-i486-1_slack14.1.txz
Updated package for Slackware x86_64 14.1: ftp://ftp.slackware.com/pub/slackware/slackware64-14.1/patches/packages/wpa_supplicant-2.6-x86_64-1_slack14.1.txz
Updated package for Slackware 14.2: ftp://ftp.slackware.com/pub/slackware/slackware-14.2/patches/packages/wpa_supplicant-2.6-i586-1_slack14.2.txz
Updated package for Slackware x86_64 14.2: ftp://ftp.slackware.com/pub/slackware/slackware64-14.2/patches/packages/wpa_supplicant-2.6-x86_64-1_slack14.2.txz
Updated package for Slackware -current: ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/n/wpa_supplicant-2.6-i586-2.txz
Updated package for Slackware x86_64 -current: ftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/n/wpa_supplicant-2.6-x86_64-2.txz
MD5 signatures: +-------------+
Slackware 14.0 package: d8ecfaadb50b3547967ab53733ffc019 wpa_supplicant-2.6-i486-1_slack14.0.txz
Slackware x86_64 14.0 package: f25216d28800504ce498705da7c9a825 wpa_supplicant-2.6-x86_64-1_slack14.0.txz
Slackware 14.1 package: 15c61050e4bab2581757befd86be74c0 wpa_supplicant-2.6-i486-1_slack14.1.txz
Slackware x86_64 14.1 package: 49fd537a520338744f7757615556d352 wpa_supplicant-2.6-x86_64-1_slack14.1.txz
Slackware 14.2 package: c5539f40c8510af89be92945f0f80185 wpa_supplicant-2.6-i586-1_slack14.2.txz
Slackware x86_64 14.2 package: 4c527ff84fcdfd7839f217bbce2e4ae4 wpa_supplicant-2.6-x86_64-1_slack14.2.txz
Slackware -current package: 28bd88a54e96368f7a7020c1f5fb67fe n/wpa_supplicant-2.6-i586-2.txz
Slackware x86_64 -current package: 464fc6b48d1ac077f47e9a3a8534c160 n/wpa_supplicant-2.6-x86_64-2.txz
Installation instructions: +------------------------+
Upgrade the package as root:
upgradepkg wpa_supplicant-2.6-i586-1_slack14.2.txz
+-----+
Slackware Linux Security Team http://slackware.com/gpg-key security@slackware.com
+------------------------------------------------------------------------+ | To leave the slackware-security mailing list: | +------------------------------------------------------------------------+ | Send an email to majordomo@slackware.com with this text in the body of | | the email message: | | | | unsubscribe slackware-security | | | | You will get a confirmation message back containing instructions to | | complete the process. Please do not reply to this email address
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201710-0209",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "freebsd",
"scope": "eq",
"trust": 1.6,
"vendor": "freebsd",
"version": "10"
},
{
"model": "freebsd",
"scope": null,
"trust": 1.4,
"vendor": "freebsd",
"version": null
},
{
"model": "enterprise linux desktop",
"scope": "eq",
"trust": 1.3,
"vendor": "redhat",
"version": "7"
},
{
"model": "enterprise linux server",
"scope": "eq",
"trust": 1.3,
"vendor": "redhat",
"version": "7"
},
{
"model": "hostapd",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.3.7"
},
{
"model": "wpa supplicant",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "2.6"
},
{
"model": "wpa supplicant",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "2.2"
},
{
"model": "hostapd",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "1.0"
},
{
"model": "hostapd",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "2.2"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 1.0,
"vendor": "freebsd",
"version": "*"
},
{
"model": "hostapd",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.3.11"
},
{
"model": "linux enterprise desktop",
"scope": "eq",
"trust": 1.0,
"vendor": "suse",
"version": "12"
},
{
"model": "wpa supplicant",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.4.7"
},
{
"model": "hostapd",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.4.7"
},
{
"model": "hostapd",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.5.10"
},
{
"model": "wpa supplicant",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "2.0"
},
{
"model": "hostapd",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "2.0"
},
{
"model": "linux",
"scope": "eq",
"trust": 1.0,
"vendor": "debian",
"version": "8.0"
},
{
"model": "hostapd",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.4.9"
},
{
"model": "wpa supplicant",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.5.8"
},
{
"model": "hostapd",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.5.8"
},
{
"model": "hostapd",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "2.1"
},
{
"model": "wpa supplicant",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.5.7"
},
{
"model": "wpa supplicant",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.6.9"
},
{
"model": "wpa supplicant",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.2.8"
},
{
"model": "linux enterprise server",
"scope": "eq",
"trust": 1.0,
"vendor": "suse",
"version": "12"
},
{
"model": "hostapd",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.2.8"
},
{
"model": "hostapd",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "1.1"
},
{
"model": "hostapd",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.7.3"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 1.0,
"vendor": "freebsd",
"version": "11.1"
},
{
"model": "hostapd",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.5.9"
},
{
"model": "hostapd",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.4.8"
},
{
"model": "wpa supplicant",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.4.11"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 1.0,
"vendor": "freebsd",
"version": "10.4"
},
{
"model": "wpa supplicant",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.2.6"
},
{
"model": "hostapd",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.2.4"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 1.0,
"vendor": "freebsd",
"version": "11"
},
{
"model": "wpa supplicant",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.5.11"
},
{
"model": "hostapd",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.3.10"
},
{
"model": "wpa supplicant",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "2.4"
},
{
"model": "wpa supplicant",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.3.8"
},
{
"model": "wpa supplicant",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.2.5"
},
{
"model": "wpa supplicant",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.3.7"
},
{
"model": "hostapd",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.2.5"
},
{
"model": "hostapd",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.4.10"
},
{
"model": "hostapd",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.6.10"
},
{
"model": "openstack cloud",
"scope": "eq",
"trust": 1.0,
"vendor": "suse",
"version": "6"
},
{
"model": "wpa supplicant",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "1.0"
},
{
"model": "hostapd",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.3.9"
},
{
"model": "wpa supplicant",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.3.11"
},
{
"model": "hostapd",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "2.5"
},
{
"model": "wpa supplicant",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.5.10"
},
{
"model": "hostapd",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "2.6"
},
{
"model": "wpa supplicant",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.4.9"
},
{
"model": "ubuntu linux",
"scope": "eq",
"trust": 1.0,
"vendor": "canonical",
"version": "14.04"
},
{
"model": "wpa supplicant",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "2.1"
},
{
"model": "wpa supplicant",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "2.3"
},
{
"model": "leap",
"scope": "eq",
"trust": 1.0,
"vendor": "opensuse",
"version": "42.2"
},
{
"model": "hostapd",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "2.3"
},
{
"model": "linux enterprise point of sale",
"scope": "eq",
"trust": 1.0,
"vendor": "suse",
"version": "11"
},
{
"model": "wpa supplicant",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "1.1"
},
{
"model": "hostapd",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.5.7"
},
{
"model": "wpa supplicant",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.7.3"
},
{
"model": "hostapd",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.6.9"
},
{
"model": "wpa supplicant",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.5.9"
},
{
"model": "wpa supplicant",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.4.8"
},
{
"model": "wpa supplicant",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.2.7"
},
{
"model": "linux",
"scope": "eq",
"trust": 1.0,
"vendor": "debian",
"version": "9.0"
},
{
"model": "wpa supplicant",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.2.4"
},
{
"model": "linux enterprise server",
"scope": "eq",
"trust": 1.0,
"vendor": "suse",
"version": "11"
},
{
"model": "wpa supplicant",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.3.10"
},
{
"model": "ubuntu linux",
"scope": "eq",
"trust": 1.0,
"vendor": "canonical",
"version": "16.04"
},
{
"model": "leap",
"scope": "eq",
"trust": 1.0,
"vendor": "opensuse",
"version": "42.3"
},
{
"model": "hostapd",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.4.11"
},
{
"model": "wpa supplicant",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.6.8"
},
{
"model": "ubuntu linux",
"scope": "eq",
"trust": 1.0,
"vendor": "canonical",
"version": "17.04"
},
{
"model": "hostapd",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.2.6"
},
{
"model": "hostapd",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.6.8"
},
{
"model": "wpa supplicant",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.4.10"
},
{
"model": "hostapd",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.5.11"
},
{
"model": "wpa supplicant",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.6.10"
},
{
"model": "hostapd",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "2.4"
},
{
"model": "wpa supplicant",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.3.9"
},
{
"model": "wpa supplicant",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "2.5"
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "9front",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "adtran",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "avm",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "actiontec",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "aerohive",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "alcatel lucent",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "android open source",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "apple",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "arch linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "aruba",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "asustek computer",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "barracuda",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "broadcom",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "cambium",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "centos",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "cradlepoint",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "cypress semiconductor",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "d link",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "debian gnu linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "dell",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "digi",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "draytek",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "edimax computer",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "engenius",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "endian",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "espressif",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "extreme",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "f secure",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "fedora",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "fortinet",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "freebsd",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "gentoo linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "google",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "hewlett packard",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "hostap",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "ipfire",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "juniper",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "lancom",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "lede",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "lifx",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "lenovo",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "microchip",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "microsoft",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "mojo",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "nest",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "netbsd",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "netgear",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "opnsense",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "omnirom",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "open mesh",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "openbsd",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "peplink",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "red hat",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "riverbed",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "rockwell automation",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "ruckus",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "suse linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "samsung mobile",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "sierra",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "slackware linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "sonos",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "sony",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "sophos",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "synology",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "tp link",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "technicolor",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "texas instruments",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "toshiba commerce",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "toshiba electronic devices storage",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "toshiba memory",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "turris omnia",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "ubiquiti",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "ubuntu",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "volumio",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "watchguard",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "xiaomi",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "xirrus",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "zebra",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "zyxel",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "dd wrt",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "eero",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "pfsense",
"version": null
},
{
"model": "ubuntu",
"scope": null,
"trust": 0.8,
"vendor": "canonical",
"version": null
},
{
"model": "gnu/linux",
"scope": null,
"trust": 0.8,
"vendor": "debian",
"version": null
},
{
"model": "leap",
"scope": null,
"trust": 0.8,
"vendor": "opensuse",
"version": null
},
{
"model": "linux enterprise desktop",
"scope": null,
"trust": 0.8,
"vendor": "suse",
"version": null
},
{
"model": "linux enterprise point of sale",
"scope": null,
"trust": 0.8,
"vendor": "suse",
"version": null
},
{
"model": "linux enterprise server",
"scope": null,
"trust": 0.8,
"vendor": "suse",
"version": null
},
{
"model": "openstack cloud",
"scope": null,
"trust": 0.8,
"vendor": "suse",
"version": null
},
{
"model": "hostapd",
"scope": null,
"trust": 0.8,
"vendor": "w1 fi",
"version": null
},
{
"model": "wpa supplicant",
"scope": null,
"trust": 0.8,
"vendor": "w1 fi",
"version": null
},
{
"model": "enterprise linux desktop",
"scope": null,
"trust": 0.8,
"vendor": "red hat",
"version": null
},
{
"model": "enterprise linux server",
"scope": null,
"trust": 0.8,
"vendor": "red hat",
"version": null
},
{
"model": "edge gateway",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": null
},
{
"model": "sr-m20ac1",
"scope": "lte",
"trust": 0.8,
"vendor": "fujitsu",
"version": "v02.10"
},
{
"model": "sr-m20ac2",
"scope": "lte",
"trust": 0.8,
"vendor": "fujitsu",
"version": "v02.10"
},
{
"model": "alliance wi-fi protected access 2",
"scope": null,
"trust": 0.6,
"vendor": "wi fi",
"version": null
},
{
"model": "scalance w-700",
"scope": "eq",
"trust": 0.6,
"vendor": "siemens",
"version": "0"
},
{
"model": "atom processor c3200 series for yocto project bsp mr4",
"scope": null,
"trust": 0.3,
"vendor": "intel",
"version": null
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "10.3.2"
},
{
"model": "active management technology",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "6.1"
},
{
"model": "pyxis supplystation",
"scope": "eq",
"trust": 0.3,
"vendor": "bd",
"version": "0"
},
{
"model": "sinamics smart access module",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "v200"
},
{
"model": "active management technology",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "11.6.27.3264"
},
{
"model": "meraki mr34",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "ck71a-atex",
"scope": "eq",
"trust": 0.3,
"vendor": "pepperl fuchs",
"version": "0"
},
{
"model": "arubaos",
"scope": "eq",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "6.5.2.0"
},
{
"model": "macbook air",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "0"
},
{
"model": "aironet series access points",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "18500"
},
{
"model": "active management technology",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "8.0"
},
{
"model": "meraki mr26",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "arubaos",
"scope": "eq",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "6.4"
},
{
"model": "aironet series access points",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "28000"
},
{
"model": "enterprise linux for power big endian extended update support",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "-7.5"
},
{
"model": "meraki mr84",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "contact fl wlan",
"scope": "eq",
"trust": 0.3,
"vendor": "phoenix",
"version": "510x0"
},
{
"model": "windows server r2 for itanium-based systems sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2008"
},
{
"model": "contact itc",
"scope": "eq",
"trust": 0.3,
"vendor": "phoenix",
"version": "81130"
},
{
"model": "enterprise linux workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "7"
},
{
"model": "active management technology",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "10.0"
},
{
"model": "dual band wireless-ac",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "726519.51.0.0"
},
{
"model": "enterprise linux server extended update support",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "-7.6"
},
{
"model": "meraki mr18",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "arubaos",
"scope": "eq",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "8.1.0.3"
},
{
"model": "scalance w1750d",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "0"
},
{
"model": "secure ii med-surg bed",
"scope": "eq",
"trust": 0.3,
"vendor": "stryker",
"version": "3002"
},
{
"model": "contact fl wlan",
"scope": "eq",
"trust": 0.3,
"vendor": "phoenix",
"version": "210x0"
},
{
"model": "windows version for x64-based systems",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "1015110"
},
{
"model": "aironet access points",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "contact fl wlan ap",
"scope": "eq",
"trust": 0.3,
"vendor": "phoenix",
"version": "24802-110"
},
{
"model": "active management technology",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "11.0"
},
{
"model": "instantos",
"scope": "eq",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "6.5.4.1"
},
{
"model": "tvos",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "10.2"
},
{
"model": "wap371 wireless-ac n access point with single point setup",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "ex-handy",
"scope": "eq",
"trust": 0.3,
"vendor": "pepperl fuchs",
"version": "2090"
},
{
"model": "arubaos",
"scope": "eq",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "6.5.3.2"
},
{
"model": "contact rad-80211-xd",
"scope": "eq",
"trust": 0.3,
"vendor": "phoenix",
"version": "0"
},
{
"model": "ios",
"scope": "ne",
"trust": 0.3,
"vendor": "apple",
"version": "11.2"
},
{
"model": "contact fl wlan dap",
"scope": "eq",
"trust": 0.3,
"vendor": "phoenix",
"version": "24802-110"
},
{
"model": "dual band wireless-ac",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "726519.10.9.1"
},
{
"model": "arubaos",
"scope": "ne",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "6.3.1.25"
},
{
"model": "pyxis medstation es",
"scope": "eq",
"trust": 0.3,
"vendor": "bd",
"version": "0"
},
{
"model": "wireless ip phone",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "88210"
},
{
"model": "pyxis stockstation system",
"scope": "eq",
"trust": 0.3,
"vendor": "bd",
"version": "0"
},
{
"model": "macbook",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "0"
},
{
"model": "dual band wireless-ac",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "316819.51.7.1"
},
{
"model": "dual band wireless-ac",
"scope": "ne",
"trust": 0.3,
"vendor": "intel",
"version": "726519.10.9.2"
},
{
"model": "scalance wlc712",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "0"
},
{
"model": "contact fl wlan spa",
"scope": "eq",
"trust": 0.3,
"vendor": "phoenix",
"version": "0"
},
{
"model": "meraki mr62",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "simatic et200 pro im154-6 pn iwlan",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "0"
},
{
"model": "tropos broadband mesh routers and bridges",
"scope": "eq",
"trust": 0.3,
"vendor": "abb",
"version": "0"
},
{
"model": "dual band wireless-ac",
"scope": "ne",
"trust": 0.3,
"vendor": "intel",
"version": "316819.10.9.2"
},
{
"model": "meraki mr33",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "instantos",
"scope": "ne",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "6.5.3.3"
},
{
"model": "micros handheld terminal",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "0"
},
{
"model": "windows server",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "20120"
},
{
"model": "instantos",
"scope": "eq",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "6.5.2"
},
{
"model": "dual band wireless-ac",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "316018.33.9.2"
},
{
"model": "windows version for 32-bit systems",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "1017030"
},
{
"model": "atom processor c3200 series for yocto project bsp mr4.1",
"scope": "ne",
"trust": 0.3,
"vendor": "intel",
"version": null
},
{
"model": "active management technology",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "2.6"
},
{
"model": "android",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.1.0"
},
{
"model": "contact fl wlan",
"scope": "eq",
"trust": 0.3,
"vendor": "phoenix",
"version": "110x0"
},
{
"model": "windows for 32-bit systems",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "100"
},
{
"model": "s3 med-surg bed",
"scope": "eq",
"trust": 0.3,
"vendor": "stryker",
"version": "3002"
},
{
"model": "arubaos",
"scope": "eq",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "6.4.2.4"
},
{
"model": "tvos",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "11.1"
},
{
"model": "contact fl comserver wlan",
"scope": "eq",
"trust": 0.3,
"vendor": "phoenix",
"version": "232/422/4850"
},
{
"model": "airport base station",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "7.6.8"
},
{
"model": "enterprise linux server update services for sap solutions",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "-7."
},
{
"model": "active management technology",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "7.1.91.3272"
},
{
"model": "instantos",
"scope": "ne",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "4.2.4.9"
},
{
"model": "contact fl wlan ap",
"scope": "eq",
"trust": 0.3,
"vendor": "phoenix",
"version": "230802-110"
},
{
"model": "android",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "6.1"
},
{
"model": "enterprise linux for power little endian extended update supp",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "-7.6"
},
{
"model": "meraki mr14",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "enterprise linux eus compute node",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "7.5"
},
{
"model": "aironet series access points",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "18150"
},
{
"model": "wireless client bridge 2.0.0.1-aruba501-b00",
"scope": "ne",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "501"
},
{
"model": "enterprise linux server extended update support",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "-7.4"
},
{
"model": "enterprise linux server tus",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "-7.6"
},
{
"model": "dual band wireless-ac",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "726018.33.9.2"
},
{
"model": "airport express",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "0"
},
{
"model": "meraki mr16",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "clarity engine",
"scope": "eq",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "1.0"
},
{
"model": "meraki mr30h",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "airport extreme",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "0"
},
{
"model": "windows server r2",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "20120"
},
{
"model": "dual band wireless-ac",
"scope": "ne",
"trust": 0.3,
"vendor": "intel",
"version": "826520.0.2.3"
},
{
"model": "android",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0"
},
{
"model": "contact bl2 bpc",
"scope": "eq",
"trust": 0.3,
"vendor": "phoenix",
"version": "0"
},
{
"model": "tvos",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "10.0.1"
},
{
"model": "enterprise linux for ibm z systems",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "7"
},
{
"model": "watch",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "0"
},
{
"model": "meraki mr32",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "wpa supplicant",
"scope": "eq",
"trust": 0.3,
"vendor": "w1 f1",
"version": "2.4"
},
{
"model": "active management technology",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "4.0"
},
{
"model": "ruggedcom rx1400",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "0"
},
{
"model": "cn70a-atex",
"scope": "eq",
"trust": 0.3,
"vendor": "pepperl fuchs",
"version": "0"
},
{
"model": "windows version for 32-bit systems",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "1015110"
},
{
"model": "arubaos",
"scope": "eq",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "6.5.3"
},
{
"model": "pyxis parx handheld",
"scope": "eq",
"trust": 0.3,
"vendor": "bd",
"version": "0"
},
{
"model": "dual band wireless-ac",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "726519.10"
},
{
"model": "active management technology",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "9.1.40.100"
},
{
"model": "tvos",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "10.1.1"
},
{
"model": "instantos",
"scope": "eq",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "6.5.3"
},
{
"model": "windows rt",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "8.1"
},
{
"model": "meraki mr42",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "instantos",
"scope": "ne",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "4.3.1.6"
},
{
"model": "airport base station",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "7.7.3"
},
{
"model": "wap561 wireless-n dual radio selectable band access point",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "active management technology",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "11.0.26.3000"
},
{
"model": "instantos",
"scope": "ne",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "6.5.4.2"
},
{
"model": "active management technology",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "11.6"
},
{
"model": "tvos",
"scope": "ne",
"trust": 0.3,
"vendor": "apple",
"version": "11.2"
},
{
"model": "active management technology",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "6.0"
},
{
"model": "windows server",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2016"
},
{
"model": "contact rad-whg/wlan-xd",
"scope": "eq",
"trust": 0.3,
"vendor": "phoenix",
"version": "0"
},
{
"model": "dual band wireless-ac",
"scope": "ne",
"trust": 0.3,
"vendor": "intel",
"version": "726018.33.9.3"
},
{
"model": "wi-fi update for boot camp",
"scope": "ne",
"trust": 0.3,
"vendor": "apple",
"version": "6.4.0"
},
{
"model": "suremark printer 2nr",
"scope": "eq",
"trust": 0.3,
"vendor": "toshiba",
"version": "4610"
},
{
"model": "android",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.1.1"
},
{
"model": "arubaos",
"scope": "ne",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "6.5.4.2"
},
{
"model": "enterprise linux for power little endian extended update supp",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "-7.5"
},
{
"model": "enterprise linux for power little endian",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "7"
},
{
"model": "dual band wireless-ac",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "826520.0.0.0"
},
{
"model": "tvos",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "10.2.1"
},
{
"model": "arubaos",
"scope": "eq",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "6.3.1.8"
},
{
"model": "windows server for x64-based systems sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2008"
},
{
"model": "pyxis supply roller",
"scope": "eq",
"trust": 0.3,
"vendor": "bd",
"version": "0"
},
{
"model": "airport base station",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "7.6.3"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "10.3"
},
{
"model": "telepresence collaboration endpoint",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "active management technology",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "6.2.61.3535"
},
{
"model": "contact vmt",
"scope": "eq",
"trust": 0.3,
"vendor": "phoenix",
"version": "70xx0"
},
{
"model": "imac",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "0"
},
{
"model": "meraki mr72",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "watchos",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4"
},
{
"model": "enterprise linux for power little endian extended update supp",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "-7.4"
},
{
"model": "active management technology",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "11.0.25.3001"
},
{
"model": "arubaos",
"scope": "ne",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "8.1.0.4"
},
{
"model": "active management technology",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "9.1"
},
{
"model": "enterprise linux server tus",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "-7.4"
},
{
"model": "active management technology",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "6.2"
},
{
"model": "meraki mr53",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "tvos",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "10.1"
},
{
"model": "wap551 wireless-n single radio selectable band access point",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "instantos",
"scope": "eq",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "4.2"
},
{
"model": "instantos",
"scope": "eq",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "6.5.3.2"
},
{
"model": "dual band wireless-ac",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "316519.10"
},
{
"model": "dual band wireless-ac",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "826020.0.0.0"
},
{
"model": "wap121 wireless-n access point with single point setup",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "active management technology",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "2.5"
},
{
"model": "active management technology",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "11.6.0.1000"
},
{
"model": "wireless client bridge 1.0.1.3-hp501-b0012",
"scope": "ne",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "501"
},
{
"model": "i.roc ci70-ex",
"scope": "eq",
"trust": 0.3,
"vendor": "pepperl fuchs",
"version": "0"
},
{
"model": "arubaos",
"scope": "eq",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "6.5.0.0"
},
{
"model": "dual band wireless-ac",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "826020.0.2.2"
},
{
"model": "active management technology",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "7.1"
},
{
"model": "cn70e-atex",
"scope": "eq",
"trust": 0.3,
"vendor": "pepperl fuchs",
"version": "0"
},
{
"model": "dual band wireless-ac",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "726018.0.0.0"
},
{
"model": "meraki mr24",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "suremark printer 1nr",
"scope": "eq",
"trust": 0.3,
"vendor": "toshiba",
"version": "4610"
},
{
"model": "enterprise linux for ibm z systems extended update support",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "-7.6"
},
{
"model": "contact vmt",
"scope": "eq",
"trust": 0.3,
"vendor": "phoenix",
"version": "50xx0"
},
{
"model": "meraki mr74",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "ex-handy",
"scope": "eq",
"trust": 0.3,
"vendor": "pepperl fuchs",
"version": "090"
},
{
"model": "arubaos",
"scope": "eq",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "6.4.4.15"
},
{
"model": "dual band wireless-ac",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "316519.51.7.1"
},
{
"model": "dual band wireless-ac",
"scope": "ne",
"trust": 0.3,
"vendor": "intel",
"version": "726519.51.7.20"
},
{
"model": "anyconnect secure mobility client",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "dual band wireless-ac",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "726519.51.7.1"
},
{
"model": "systems esp32",
"scope": "eq",
"trust": 0.3,
"vendor": "espressif",
"version": "0"
},
{
"model": "watchos",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.1"
},
{
"model": "enterprise linux server extended update support",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "-7.5"
},
{
"model": "micros handheld terminal 2.03.0.0.021r",
"scope": "ne",
"trust": 0.3,
"vendor": "oracle",
"version": null
},
{
"model": "aironet series access points",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "38000"
},
{
"model": "pyxis parx",
"scope": "eq",
"trust": 0.3,
"vendor": "bd",
"version": "0"
},
{
"model": "dx70",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "arubaos",
"scope": "ne",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "6.5.1.9"
},
{
"model": "enterprise linux server update services for sap solutions",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "-7.6"
},
{
"model": "intouch critical care bed",
"scope": "eq",
"trust": 0.3,
"vendor": "stryker",
"version": "2141"
},
{
"model": "pyxis anesthesia es",
"scope": "eq",
"trust": 0.3,
"vendor": "bd",
"version": "0"
},
{
"model": "aironet series officeextend access points",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "18100"
},
{
"model": "windows for x64-based systems",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "8.10"
},
{
"model": "dual band wireless-ac",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "316819.10.9.1"
},
{
"model": "active management technology",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "10.0.55.3000"
},
{
"model": "windows for 32-bit systems",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "8.10"
},
{
"model": "android",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "6.0"
},
{
"model": "meraki mr66",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "dual band wireless-ac",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "316519.10.9.1"
},
{
"model": "airport base station",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "7.6"
},
{
"model": "intouch critical care bed",
"scope": "eq",
"trust": 0.3,
"vendor": "stryker",
"version": "2131"
},
{
"model": "android",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.1.2"
},
{
"model": "aironet series access points",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "18300"
},
{
"model": "enterprise linux server aus",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "-7.6"
},
{
"model": "enterprise linux for power big endian extended update support",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "-7.6"
},
{
"model": "active management technology",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "10.0.0.50.1004"
},
{
"model": "arubaos",
"scope": "eq",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "6.4.1.0"
},
{
"model": "wap321 wireless-n access point with single point setup",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "simatic iwlan-pb/link",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "0"
},
{
"model": "aironet 1810w series access points",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "meraki mr52",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "enterprise linux for ibm z systems extended update support",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "-7.5"
},
{
"model": "meraki mr12",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "airmesh msr",
"scope": "eq",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "0"
},
{
"model": "dual band wireless-ac",
"scope": "ne",
"trust": 0.3,
"vendor": "intel",
"version": "316519.51.7.20"
},
{
"model": "watchos",
"scope": "ne",
"trust": 0.3,
"vendor": "apple",
"version": "4.2"
},
{
"model": "contact fl wlan ec",
"scope": "eq",
"trust": 0.3,
"vendor": "phoenix",
"version": "24802-110"
},
{
"model": "instantos",
"scope": "eq",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "4.2.4.8"
},
{
"model": "systems esp8266",
"scope": "eq",
"trust": 0.3,
"vendor": "espressif",
"version": "0"
},
{
"model": "tv",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "0"
},
{
"model": "pad-ex",
"scope": "eq",
"trust": 0.3,
"vendor": "pepperl fuchs",
"version": "010"
},
{
"model": "active management technology",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "11.0.0.1205"
},
{
"model": "ip phone",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "88610"
},
{
"model": "clarity engine",
"scope": "ne",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "1.0.0.1"
},
{
"model": "aironet series access points",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "15600"
},
{
"model": "windows for 32-bit systems sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "7"
},
{
"model": "instantos",
"scope": "eq",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "4.3.1.5"
},
{
"model": "airport base station",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "7.6.2"
},
{
"model": "active management technology",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "8.1"
},
{
"model": "active management technology",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "11.8"
},
{
"model": "windows for x64-based systems sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "7"
},
{
"model": "enterprise linux for ibm z systems extended update support",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "-7.4"
},
{
"model": "meraki mr58",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "windows version for 32-bit systems",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "1016070"
},
{
"model": "dual band wireless-ac",
"scope": "ne",
"trust": 0.3,
"vendor": "intel",
"version": "316519.10.9.2"
},
{
"model": "pyxis parassist system",
"scope": "eq",
"trust": 0.3,
"vendor": "bd",
"version": "0"
},
{
"model": "windows server for 32-bit systems sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2008"
},
{
"model": "instantos",
"scope": "eq",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "4.3"
},
{
"model": "android",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.0"
},
{
"model": "simatic mobile panel 277 iwlan",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "0"
},
{
"model": "pyxis medstation t2",
"scope": "eq",
"trust": 0.3,
"vendor": "bd",
"version": "40000"
},
{
"model": "dual band wireless-ac",
"scope": "ne",
"trust": 0.3,
"vendor": "intel",
"version": "826020.0.2.3"
},
{
"model": "android",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "6.0.1"
},
{
"model": "airport base station",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "7.6.1"
},
{
"model": "dual band wireless-ac",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "316519.51.0.0"
},
{
"model": "wi-fi update for boot camp",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "0"
},
{
"model": "enterprise linux server update services for sap solutions",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "-7.4"
},
{
"model": "ipad",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "0"
},
{
"model": "contact vmt",
"scope": "eq",
"trust": 0.3,
"vendor": "phoenix",
"version": "30xx0"
},
{
"model": "enterprise linux for power big endian",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "7"
},
{
"model": "wpa supplicant",
"scope": "eq",
"trust": 0.3,
"vendor": "w1 f1",
"version": "2.6"
},
{
"model": "wireless client bridge",
"scope": "eq",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "5010"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "10.0.1"
},
{
"model": "active management technology",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "11.5"
},
{
"model": "meraki mr11",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "10.3.3"
},
{
"model": "pyxis anesthesia system",
"scope": "eq",
"trust": 0.3,
"vendor": "bd",
"version": "40000"
},
{
"model": "tvos",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "10.2.2"
},
{
"model": "pyxis anesthesia system",
"scope": "eq",
"trust": 0.3,
"vendor": "bd",
"version": "35000"
},
{
"model": "automation stratix 15.3 jc1",
"scope": "eq",
"trust": 0.3,
"vendor": "rockwell",
"version": "5100"
},
{
"model": "enterprise linux server aus",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "-7.4"
},
{
"model": "pyxis ciisafe workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "bd",
"version": "??0"
},
{
"model": "enterprise linux for power big endian extended update support",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "-7.4"
},
{
"model": "airport base station",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "7.6.7"
},
{
"model": "dual band wireless-ac",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "316819.51.0.0"
},
{
"model": "ipad air",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "0"
},
{
"model": "active management technology",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "7.0"
},
{
"model": "arubaos",
"scope": "eq",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "6.5.4.1"
},
{
"model": "enterprise linux eus compute node",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "7.6"
},
{
"model": "enterprise linux for scientific computing",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "7"
},
{
"model": "active management technology",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "8.1.71.3608"
},
{
"model": "active management technology",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "9.1.41.3024"
},
{
"model": "arubaos",
"scope": "eq",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "6.4.2.1"
},
{
"model": "enterprise linux eus compute node",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "7.4"
},
{
"model": "dx80",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "active management technology",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "9.0"
},
{
"model": "contact bl2 ppc",
"scope": "eq",
"trust": 0.3,
"vendor": "phoenix",
"version": "0"
},
{
"model": "contact tpc",
"scope": "eq",
"trust": 0.3,
"vendor": "phoenix",
"version": "60130"
},
{
"model": "ipod touch",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "0"
},
{
"model": "arubaos",
"scope": "eq",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "6.5.1"
},
{
"model": "ck70a-atex",
"scope": "eq",
"trust": 0.3,
"vendor": "pepperl fuchs",
"version": "0"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "10.2.1"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "10.3.1"
},
{
"model": "dual band wireless-ac",
"scope": "ne",
"trust": 0.3,
"vendor": "intel",
"version": "316819.51.7.20"
},
{
"model": "macbook pro",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "0"
},
{
"model": "dual band wireless-ac",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "316819.10"
},
{
"model": "windows for x64-based systems",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "100"
},
{
"model": "airport base station",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "7.7.8"
},
{
"model": "active management technology",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "9.5"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "10.1"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "10.2"
},
{
"model": "airport base station",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "7.6.4"
},
{
"model": "smart-ex",
"scope": "eq",
"trust": 0.3,
"vendor": "pepperl fuchs",
"version": "010"
},
{
"model": "dual band wireless-ac",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "826520.0.2.2"
},
{
"model": "dual band wireless-ac",
"scope": "ne",
"trust": 0.3,
"vendor": "intel",
"version": "316018.33.9.3"
},
{
"model": "tab-ex",
"scope": "eq",
"trust": 0.3,
"vendor": "pepperl fuchs",
"version": "010"
},
{
"model": "arubaos",
"scope": "ne",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "6.5.3.3"
},
{
"model": "iphone",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "0"
},
{
"model": "macmini",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "0"
},
{
"model": "arubaos",
"scope": "ne",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "6.4.4.16"
},
{
"model": "contact fl wlan epa",
"scope": "eq",
"trust": 0.3,
"vendor": "phoenix",
"version": "0"
},
{
"model": "airport time capsule",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "0"
},
{
"model": "alliance wpa2 (wi-fi protected access",
"scope": "eq",
"trust": 0.3,
"vendor": "wi fi",
"version": "2)0"
},
{
"model": "airport base station",
"scope": "ne",
"trust": 0.3,
"vendor": "apple",
"version": "7.7.9"
},
{
"model": "scalance wlc711",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "0"
},
{
"model": "ruggedcom rs9xxw",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "0"
},
{
"model": "arubaos",
"scope": "eq",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "6.3.1.15"
},
{
"model": "networks unifi access point",
"scope": "eq",
"trust": 0.3,
"vendor": "ubiquiti",
"version": "0"
},
{
"model": "suremark printer 2cr",
"scope": "eq",
"trust": 0.3,
"vendor": "toshiba",
"version": "4610"
},
{
"model": "ip phone",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "88650"
},
{
"model": "arubaos",
"scope": "eq",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "6.5.4"
},
{
"model": "airport base station",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "7.7.7"
},
{
"model": "instantos",
"scope": "eq",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "6.5.4"
},
{
"model": "asa 5506w-x w/ firepower services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "windows version for x64-based systems",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "1016070"
},
{
"model": "airport base station",
"scope": "ne",
"trust": 0.3,
"vendor": "apple",
"version": "7.6.9"
},
{
"model": "s3 med-surg bed",
"scope": "eq",
"trust": 0.3,
"vendor": "stryker",
"version": "3005"
},
{
"model": "dual band wireless-ac",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "316018.0.0.0"
},
{
"model": "smart-ex",
"scope": "eq",
"trust": 0.3,
"vendor": "pepperl fuchs",
"version": "2010"
},
{
"model": "windows version for x64-based systems",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "1017030"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "11.1"
},
{
"model": "alliance",
"scope": "eq",
"trust": 0.2,
"vendor": "wi fi",
"version": "*"
},
{
"model": "protected access 2",
"scope": null,
"trust": 0.2,
"vendor": "wi fi",
"version": null
}
],
"sources": [
{
"db": "IVD",
"id": "aa65fb94-7ce8-4cab-aa5a-818ddc180c3c"
},
{
"db": "CERT/CC",
"id": "VU#228519"
},
{
"db": "CNVD",
"id": "CNVD-2017-30401"
},
{
"db": "BID",
"id": "101274"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-009175"
},
{
"db": "NVD",
"id": "CVE-2017-13082"
},
{
"db": "CNNVD",
"id": "CNNVD-201710-385"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:freebsd:freebsd:10.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:17.04:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:opensuse:leap:42.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:freebsd:freebsd:11:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_server:7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_desktop:7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:freebsd:freebsd:11.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:freebsd:freebsd:10:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:freebsd:freebsd:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:opensuse:leap:42.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:1.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:1.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:0.5.9:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:0.5.8:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:0.3.11:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:0.3.10:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:2.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:2.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:0.7.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:0.6.10:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:0.5.7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:0.4.11:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:0.4.10:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:0.3.8:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:0.3.7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:2.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:2.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:2.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:0.6.9:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:0.6.8:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:0.4.10:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:0.4.9:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:0.2.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:0.2.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:2.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:2.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:0.5.11:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:0.5.10:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:0.4.7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:0.3.11:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:0.2.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:0.2.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:2.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:2.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:0.5.11:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:0.5.10:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:0.4.8:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:0.4.7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:0.2.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:2.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:1.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:1.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:0.5.9:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:0.5.8:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:0.3.10:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:0.3.9:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:0.2.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:2.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:2.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:0.7.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:0.6.10:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:0.5.7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:0.4.11:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:0.3.9:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:0.3.7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:0.2.8:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:2.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:2.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:0.6.9:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:0.6.8:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:0.4.9:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:0.4.8:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:0.2.8:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:0.2.7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:suse:linux_enterprise_point_of_sale:11:sp3:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:suse:linux_enterprise_server:11:sp3:*:*:*:ltss:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:suse:linux_enterprise_desktop:12:sp3:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:suse:linux_enterprise_server:12:*:*:*:ltss:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:suse:openstack_cloud:6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:suse:linux_enterprise_server:11:sp4:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:suse:linux_enterprise_desktop:12:sp2:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2017-13082"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Mathy Vanhoef from imec-DistriNet and KU Leuven.",
"sources": [
{
"db": "BID",
"id": "101274"
},
{
"db": "CNNVD",
"id": "CNNVD-201710-385"
}
],
"trust": 0.9
},
"cve": "CVE-2017-13082",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "PARTIAL",
"baseScore": 5.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 6.5,
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:A/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Medium",
"accessVector": "Adjacent Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Partial",
"baseScore": 5.4,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "CVE-2017-13082",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:A/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "PARTIAL",
"baseScore": 5.4,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 5.5,
"id": "CNVD-2017-30401",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:A/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"author": "IVD",
"availabilityImpact": "PARTIAL",
"baseScore": 5.4,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 5.5,
"id": "aa65fb94-7ce8-4cab-aa5a-818ddc180c3c",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.2,
"vectorString": "AV:A/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.9 [IVD]"
},
{
"acInsufInfo": null,
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"author": "VULMON",
"availabilityImpact": "PARTIAL",
"baseScore": 5.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 6.5,
"id": "CVE-2017-13082",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "MEDIUM",
"trust": 0.1,
"userInteractionRequired": null,
"vectorString": "AV:A/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.8,
"impactScore": 5.2,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.0"
},
{
"attackComplexity": "High",
"attackVector": "Adjacent Network",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 6.8,
"baseSeverity": "Medium",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2017-13082",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2017-13082",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2017-13082",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNVD",
"id": "CNVD-2017-30401",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201710-385",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "IVD",
"id": "aa65fb94-7ce8-4cab-aa5a-818ddc180c3c",
"trust": 0.2,
"value": "HIGH"
},
{
"author": "VULMON",
"id": "CVE-2017-13082",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "IVD",
"id": "aa65fb94-7ce8-4cab-aa5a-818ddc180c3c"
},
{
"db": "CNVD",
"id": "CNVD-2017-30401"
},
{
"db": "VULMON",
"id": "CVE-2017-13082"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-009175"
},
{
"db": "NVD",
"id": "CVE-2017-13082"
},
{
"db": "CNNVD",
"id": "CNNVD-201710-385"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Wi-Fi Protected Access (WPA and WPA2) that supports IEEE 802.11r allows reinstallation of the Pairwise Transient Key (PTK) Temporal Key (TK) during the fast BSS transmission (FT) handshake, allowing an attacker within radio range to replay, decrypt, or spoof frames. Wi-Fi Protected Access (WPA, more commonly WPA2) handshake traffic can be manipulated to induce nonce and session key reuse, resulting in key reinstallation by a wireless access point (AP) or client. An attacker within range of an affected AP and client may leverage these vulnerabilities to conduct attacks that are dependent on the data confidentiality protocols being used. Attacks may include arbitrary packet decryption and injection, TCP connection hijacking, HTTP content injection, or the replay of unicast and group-addressed frames. These vulnerabilities are referred to as Key Reinstallation Attacks or \"KRACK\" attacks. WPA (Wi-Fi Protected Access) is a system that protects wireless computer networks (Wi-Fi). The PTK-TK encryption key reloading vulnerability exists when the WPA2 wireless network receives and processes the retransmitted fast BSS transition reassociation request. WPA2 is prone to multiple security weaknesses. \nExploiting these issues may allow an unauthorized user to intercept and manipulate data or disclose sensitive information. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n=====================================================================\n Red Hat Security Advisory\n\nSynopsis: Important: wpa_supplicant security update\nAdvisory ID: RHSA-2017:2907-01\nProduct: Red Hat Enterprise Linux\nAdvisory URL: https://access.redhat.com/errata/RHSA-2017:2907\nIssue date: 2017-10-17\nCVE Names: CVE-2017-13077 CVE-2017-13078 CVE-2017-13080 \n CVE-2017-13082 CVE-2017-13086 CVE-2017-13087 \n CVE-2017-13088 \n=====================================================================\n\n1. Summary:\n\nAn update for wpa_supplicant is now available for Red Hat Enterprise Linux\n7. \n\nRed Hat Product Security has rated this update as having a security impact\nof Important. A Common Vulnerability Scoring System (CVSS) base score,\nwhich gives a detailed severity rating, is available for each vulnerability\nfrom the CVE link(s) in the References section. Relevant releases/architectures:\n\nRed Hat Enterprise Linux Client (v. 7) - x86_64\nRed Hat Enterprise Linux ComputeNode (v. 7) - x86_64\nRed Hat Enterprise Linux Server (v. 7) - aarch64, ppc64, ppc64le, s390x, x86_64\nRed Hat Enterprise Linux Workstation (v. 7) - x86_64\n\n3. Description:\n\nThe wpa_supplicant packages contain an 802.1X Supplicant with support for\nWEP, WPA, WPA2 (IEEE 802.11i / RSN), and various EAP authentication\nmethods. They implement key negotiation with a WPA Authenticator for client\nstations and controls the roaming and IEEE 802.11 authentication and\nassociation of the WLAN driver. A remote attacker within Wi-Fi range\ncould exploit these attacks to decrypt Wi-Fi traffic or possibly inject\nforged Wi-Fi packets by manipulating cryptographic handshakes used by the\nWPA2 protocol. (CVE-2017-13077, CVE-2017-13078, CVE-2017-13080,\nCVE-2017-13082, CVE-2017-13086, CVE-2017-13087, CVE-2017-13088)\n\nRed Hat would like to thank CERT for reporting these issues. Upstream\nacknowledges Mathy Vanhoef (University of Leuven) as the original reporter\nof these issues. Solution:\n\nFor details on how to apply this update, which includes the changes\ndescribed in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\n5. Bugs fixed (https://bugzilla.redhat.com/):\n\n1491692 - CVE-2017-13077 wpa_supplicant: Reinstallation of the pairwise key in the 4-way handshake\n1491693 - CVE-2017-13078 wpa_supplicant: Reinstallation of the group key in the 4-way handshake\n1491696 - CVE-2017-13080 wpa_supplicant: Reinstallation of the group key in the group key handshake\n1491698 - CVE-2017-13082 wpa_supplicant: Accepting a retransmitted FT Reassociation Request and reinstalling the pairwise key while processing it\n1500302 - CVE-2017-13086 wpa_supplicant: reinstallation of the Tunneled Direct-Link Setup (TDLS) PeerKey (TPK) key in the TDLS handshake\n1500303 - CVE-2017-13087 wpa_supplicant: reinstallation of the group key (GTK) when processing a Wireless Network Management (WNM) Sleep Mode Response frame\n1500304 - CVE-2017-13088 wpa_supplicant: reinstallation of the integrity group key (IGTK) when processing a Wireless Network Management (WNM) Sleep Mode Response frame\n\n6. Package List:\n\nRed Hat Enterprise Linux Client (v. 7):\n\nSource:\nwpa_supplicant-2.6-5.el7_4.1.src.rpm\n\nx86_64:\nwpa_supplicant-2.6-5.el7_4.1.x86_64.rpm\nwpa_supplicant-debuginfo-2.6-5.el7_4.1.x86_64.rpm\n\nRed Hat Enterprise Linux ComputeNode (v. 7):\n\nSource:\nwpa_supplicant-2.6-5.el7_4.1.src.rpm\n\nx86_64:\nwpa_supplicant-2.6-5.el7_4.1.x86_64.rpm\nwpa_supplicant-debuginfo-2.6-5.el7_4.1.x86_64.rpm\n\nRed Hat Enterprise Linux Server (v. 7):\n\nSource:\nwpa_supplicant-2.6-5.el7_4.1.src.rpm\n\naarch64:\nwpa_supplicant-2.6-5.el7_4.1.aarch64.rpm\nwpa_supplicant-debuginfo-2.6-5.el7_4.1.aarch64.rpm\n\nppc64:\nwpa_supplicant-2.6-5.el7_4.1.ppc64.rpm\nwpa_supplicant-debuginfo-2.6-5.el7_4.1.ppc64.rpm\n\nppc64le:\nwpa_supplicant-2.6-5.el7_4.1.ppc64le.rpm\nwpa_supplicant-debuginfo-2.6-5.el7_4.1.ppc64le.rpm\n\ns390x:\nwpa_supplicant-2.6-5.el7_4.1.s390x.rpm\nwpa_supplicant-debuginfo-2.6-5.el7_4.1.s390x.rpm\n\nx86_64:\nwpa_supplicant-2.6-5.el7_4.1.x86_64.rpm\nwpa_supplicant-debuginfo-2.6-5.el7_4.1.x86_64.rpm\n\nRed Hat Enterprise Linux Workstation (v. 7):\n\nSource:\nwpa_supplicant-2.6-5.el7_4.1.src.rpm\n\nx86_64:\nwpa_supplicant-2.6-5.el7_4.1.x86_64.rpm\nwpa_supplicant-debuginfo-2.6-5.el7_4.1.x86_64.rpm\n\nThese packages are GPG signed by Red Hat for security. Our key and\ndetails on how to verify the signature are available from\nhttps://access.redhat.com/security/team/key/\n\n7. References:\n\nhttps://access.redhat.com/security/cve/CVE-2017-13077\nhttps://access.redhat.com/security/cve/CVE-2017-13078\nhttps://access.redhat.com/security/cve/CVE-2017-13080\nhttps://access.redhat.com/security/cve/CVE-2017-13082\nhttps://access.redhat.com/security/cve/CVE-2017-13086\nhttps://access.redhat.com/security/cve/CVE-2017-13087\nhttps://access.redhat.com/security/cve/CVE-2017-13088\nhttps://access.redhat.com/security/updates/classification/#important\nhttps://access.redhat.com/security/vulnerabilities/kracks\n\n8. Contact:\n\nThe Red Hat security contact is \u003csecalert@redhat.com\u003e. More contact\ndetails at https://access.redhat.com/security/team/contact/\n\nCopyright 2017 Red Hat, Inc. Those vulnerabilities applies to both the access point\n(implemented in hostapd) and the station (implemented in wpa_supplicant). \n\nAn attacker exploiting the vulnerabilities could force the vulnerable system to\nreuse cryptographic session keys, enabling a range of cryptographic attacks\nagainst the ciphers used in WPA1 and WPA2. \n\nFor the stable distribution (stretch), these problems have been fixed in\nversion 2:2.4-1+deb9u1. \n\nFor the testing distribution (buster), these problems have been fixed\nin version 2:2.4-1.1. \n\nFor the unstable distribution (sid), these problems have been fixed in\nversion 2:2.4-1.1. \n\nWe recommend that you upgrade your wpa packages. ==========================================================================\nUbuntu Security Notice USN-3455-1\nOctober 16, 2017\n\nwpa vulnerabilities\n==========================================================================\n\nA security issue affects these releases of Ubuntu and its derivatives:\n\n- Ubuntu 17.04\n- Ubuntu 16.04 LTS\n- Ubuntu 14.04 LTS\n\nSummary:\n\nSeveral security issues were fixed in wpa_supplicant. \n\nSoftware Description:\n- wpa: client support for WPA and WPA2\n\nDetails:\n\nMathy Vanhoef discovered that wpa_supplicant and hostapd incorrectly\nhandled WPA2. (CVE-2017-13077,\nCVE-2017-13078, CVE-2017-13079, CVE-2017-13080, CVE-2017-13081,\nCVE-2017-13082, CVE-2017-13086, CVE-2017-13087, CVE-2017-13088)\n\nImre Rad discovered that wpa_supplicant and hostapd incorrectly handled\ninvalid characters in passphrase parameters. A remote attacker could use\nthis issue to cause a denial of service. (CVE-2016-4476)\n\nImre Rad discovered that wpa_supplicant and hostapd incorrectly handled\ninvalid characters in passphrase parameters. A local attacker could use\nthis issue to cause a denial of service, or possibly execute arbitrary\ncode. (CVE-2016-4477)\n\nUpdate instructions:\n\nThe problem can be corrected by updating your system to the following\npackage versions:\n\nUbuntu 17.04:\n hostapd 2.4-0ubuntu9.1\n wpasupplicant 2.4-0ubuntu9.1\n\nUbuntu 16.04 LTS:\n hostapd 2.4-0ubuntu6.2\n wpasupplicant 2.4-0ubuntu6.2\n\nUbuntu 14.04 LTS:\n hostapd 2.1-0ubuntu1.5\n wpasupplicant 2.1-0ubuntu1.5\n\nAfter a standard system update you need to reboot your computer to make\nall the necessary changes. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA512\n\n=============================================================================\nFreeBSD-SA-17:07.wpa Security Advisory\n The FreeBSD Project\n\nTopic: WPA2 protocol vulnerability\n\nCategory: contrib\nModule: wpa\nAnnounced: 2017-10-16\nCredits: Mathy Vanhoef\nAffects: All supported versions of FreeBSD. \nCorrected: 2017-10-17 17:30:18 UTC (stable/11, 11.1-STABLE)\n 2017-10-17 17:57:18 UTC (releng/11.1, 11.1-RELEASE-p2)\n 2017-10-17 17:56:03 UTC (releng/11.0, 11.0-RELEASE-p13)\n 2017-10-19 03:18:22 UTC (stable/10, 10.4-STABLE)\n 2017-10-19 03:20:17 UTC (releng/10.4, 10.4-RELEASE-p1)\n 2017-10-19 03:19:42 UTC (releng/10.3, 10.3-RELEASE-p22)\nCVE Name: CVE-2017-13077, CVE-2017-13078, CVE-2017-13079,\n CVE-2017-13080, CVE-2017-13081, CVE-2017-13082,\n CVE-2017-13086, CVE-2017-13087, CVE-2017-13088\n\nFor general information regarding FreeBSD Security Advisories,\nincluding descriptions of the fields above, security branches, and the\nfollowing sections, please visit \u003cURL:https://security.FreeBSD.org/\u003e. \n\n0. Revision history\n\nv1.0 2017-10-17 Initial release. \nv1.1 2017-10-19 Add patches for 10.x releases. \n\nI. \n\nhostapd and wpa_supplicant are implementations of user space daemon for\naccess points and wireless client that implements the WPA2 protocol. \n\nII. Problem Description\n\nA vulnerability was found in how a number of implementations can be\ntriggered to reconfigure WPA/WPA2/RSN keys (TK, GTK, or IGTK) by\nreplaying a specific frame that is used to manage the keys. \n\nIII. Impact\n\nSuch reinstallation of the encryption key can result in two different\ntypes of vulnerabilities: disabling replay protection and significantly\nreducing the security of encryption to the point of allowing frames to\nbe decrypted or some parts of the keys to be determined by an attacker\ndepending on which cipher is used. \n\nIV. Workaround\n\nAn updated version of wpa_supplicant is available in the FreeBSD Ports\nCollection. Install version 2.6_2 or later of the\nsecurity/wpa_supplicant port/pkg. Once installed, update /etc/rc.conf\nto use the new binary:\n\nwpa_supplicant_program=\"/usr/local/sbin/wpa_supplicant\"\n\nand restart networking. \n\nAn updated version of hostapd is available in the FreeBSD Ports\nCollection. Install version 2.6_1 or later of the net/hostapd port/pkg. \nOnce installed, update /etc/rc.conf to use the new binary:\n\nhostapd_program=\"/usr/local/sbin/hostapd\"\n\nand restart hostapd. \n\nV. Solution\n\nPerform one of the following:\n\n1) Upgrade your vulnerable system to a supported FreeBSD stable or\nrelease / security branch (releng) dated after the correction date. \n\nRestart the Wi-Fi network interfaces/hostapd or reboot the system. \n\n2) To update your vulnerable system via a binary patch:\n\nSystems running a RELEASE version of FreeBSD on the i386 or amd64\nplatforms can be updated via the freebsd-update(8) utility:\n\n# freebsd-update fetch\n# freebsd-update install\n\nRestart the Wi-Fi network interfaces/hostapd or reboot the system. \n\n3) To update your vulnerable system via a source code patch:\n\nThe following patches have been verified to apply to the applicable\nFreeBSD release branches. \n\na) Download the relevant patch from the location below, and verify the\ndetached PGP signature using your PGP utility. \n\n[FreeBSD 11.0-RELEASE, 11.1-RELEASE, and 11-STABLE]\n# fetch https://security.FreeBSD.org/patches/SA-17:07/wpa-11.patch\n# fetch https://security.FreeBSD.org/patches/SA-17:07/wpa-11.patch.asc\n# gpg --verify wpa-11.patch.asc\n\n[FreeBSD 10.3-RELEASE, 10.4-RELEASE, and 10-STABLE]\n# fetch https://security.FreeBSD.org/patches/SA-17:07/wpa-10.patch\n# fetch https://security.FreeBSD.org/patches/SA-17:07/wpa-10.patch.asc\n# gpg --verify wpa-10.patch.asc\n\nb) Apply the patch. Execute the following commands as root:\n\n# cd /usr/src\n# patch \u003c /path/to/patch\n\nc) Recompile the operating system using buildworld and installworld as\ndescribed in \u003cURL:https://www.FreeBSD.org/handbook/makeworld.html\u003e. \n\nRestart the applicable daemons, or reboot the system. \n\nVI. Correction details\n\nThe following list contains the correction revision numbers for each\naffected branch. \n\nBranch/path Revision\n- -------------------------------------------------------------------------\nstable/11/ r324697\nreleng/11.0/ r324698\nreleng/11.1/ r324699\nstable/10/ r324739\nreleng/10.3/ r324740\nreleng/10.4/ r324741\n- -------------------------------------------------------------------------\n\nTo see which files were modified by a particular revision, run the\nfollowing command, replacing NNNNNN with the revision number, on a\nmachine with Subversion installed:\n\n# svn diff -cNNNNNN --summarize svn://svn.freebsd.org/base\n\nOr visit the following URL, replacing NNNNNN with the revision number:\n\n\u003cURL:https://svnweb.freebsd.org/base?view=revision\u0026revision=NNNNNN\u003e\n\nVII. References\n\n\u003cURL:https://w1.fi/security/2017-1/wpa-packet-number-reuse-with-replayed-messages.txt\u003e\n\u003cURL:https://www.krackattacks.com/\u003e\n\nThe latest revision of this advisory is available at\n\u003cURL:https://security.FreeBSD.org/advisories/FreeBSD-SA-17:07.wpa.asc\u003e\n-----BEGIN PGP SIGNATURE-----\n\niQKTBAEBCgB9FiEEHPf/b631yp++G4yy7Wfs1l3PaucFAlnoGpNfFIAAAAAALgAo\naXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDFD\nRjdGRjZGQURGNUNBOUZCRTFCOENCMkVENjdFQ0Q2NURDRjZBRTcACgkQ7Wfs1l3P\nauc7WBAAm27w+fujv5sJsRxauUMopTVtRh5utwbDuoHTP+L+RCWmQfVBmueNQ0gf\nuJzMNxBIkbtY9LvyukpRsH3iD7mh26c0pd9rxxkkr4F96C9B5+W0amxJF1gdm54/\nF/50FpY+lo7cNs5tiBjypPrg8UOBBI/1G4XR7130XC0HjaTwt1ngZ0oQUWUMSsIp\ngN5ZfPul81WPWd1NqF+vyObcJhwq/Y1uoexoO27o7GQCFZoL3enZy8c4f1xqMlVM\n4HHkTgNGac6E0aW+ArH4J0DFFAOJXPqF8rdt+9XINfoBbtliIyOixJ4oh1n6eAR0\nVpBWZKFNyXSlUKIvDGa+LDhxgL1jJXV0ABSyKlUOijdmr3bbbiQE9MW/MNv2AFTd\nOAFQ0QQtm9KCWp5JLh+FPIb/kR2l7MOUP+yz4zFcJpdGtl9tDLyPN8vRTq60bY8O\ny7tBcf/SMqkd/AIFdchL4zrOguKnRARydIlwTarp8wtAQI3MKSsa1B0wgsDtlL6K\nxfdjnwWMKvKKlNOW16e1WXXO0n/ucHV4njBE+bGPro3jLgXP2/WFZpIGAR3I4xrr\nSdD4AxSNiR9f3bL7LRfMIbugJAylWNSlTLWUOVUv0/ONh85LqbcCj13NI230B64K\nETx2QOZgKnCs2oDNiw4aQHb7kvi2w94Iw/R1sAPkkxYJWO3reyE=\n=h/5q\n-----END PGP SIGNATURE-----\n. \n\n\nHere are the details from the Slackware 14.2 ChangeLog:\n+--------------------------+\npatches/packages/wpa_supplicant-2.6-i586-1_slack14.2.txz: Upgraded. \n This update includes patches to mitigate the WPA2 protocol issues known\n as \"KRACK\" (Key Reinstallation AttaCK), which may be used to decrypt data,\n hijack TCP connections, and to forge and inject packets. \n For more information, see:\n https://www.krackattacks.com/\n https://w1.fi/security/2017-1/wpa-packet-number-reuse-with-replayed-messages.txt\n https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13077\n https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13078\n https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13079\n https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13080\n https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13081\n https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13082\n https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13084\n https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13086\n https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13087\n https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13088\n (* Security fix *)\n+--------------------------+\n\n\nWhere to find the new packages:\n+-----------------------------+\n\nThanks to the friendly folks at the OSU Open Source Lab\n(http://osuosl.org) for donating FTP and rsync hosting\nto the Slackware project! :-)\n\nAlso see the \"Get Slack\" section on http://slackware.com for\nadditional mirror sites near you. \n\nUpdated package for Slackware 14.0:\nftp://ftp.slackware.com/pub/slackware/slackware-14.0/patches/packages/wpa_supplicant-2.6-i486-1_slack14.0.txz\n\nUpdated package for Slackware x86_64 14.0:\nftp://ftp.slackware.com/pub/slackware/slackware64-14.0/patches/packages/wpa_supplicant-2.6-x86_64-1_slack14.0.txz\n\nUpdated package for Slackware 14.1:\nftp://ftp.slackware.com/pub/slackware/slackware-14.1/patches/packages/wpa_supplicant-2.6-i486-1_slack14.1.txz\n\nUpdated package for Slackware x86_64 14.1:\nftp://ftp.slackware.com/pub/slackware/slackware64-14.1/patches/packages/wpa_supplicant-2.6-x86_64-1_slack14.1.txz\n\nUpdated package for Slackware 14.2:\nftp://ftp.slackware.com/pub/slackware/slackware-14.2/patches/packages/wpa_supplicant-2.6-i586-1_slack14.2.txz\n\nUpdated package for Slackware x86_64 14.2:\nftp://ftp.slackware.com/pub/slackware/slackware64-14.2/patches/packages/wpa_supplicant-2.6-x86_64-1_slack14.2.txz\n\nUpdated package for Slackware -current:\nftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/n/wpa_supplicant-2.6-i586-2.txz\n\nUpdated package for Slackware x86_64 -current:\nftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/n/wpa_supplicant-2.6-x86_64-2.txz\n\n\nMD5 signatures:\n+-------------+\n\nSlackware 14.0 package:\nd8ecfaadb50b3547967ab53733ffc019 wpa_supplicant-2.6-i486-1_slack14.0.txz\n\nSlackware x86_64 14.0 package:\nf25216d28800504ce498705da7c9a825 wpa_supplicant-2.6-x86_64-1_slack14.0.txz\n\nSlackware 14.1 package:\n15c61050e4bab2581757befd86be74c0 wpa_supplicant-2.6-i486-1_slack14.1.txz\n\nSlackware x86_64 14.1 package:\n49fd537a520338744f7757615556d352 wpa_supplicant-2.6-x86_64-1_slack14.1.txz\n\nSlackware 14.2 package:\nc5539f40c8510af89be92945f0f80185 wpa_supplicant-2.6-i586-1_slack14.2.txz\n\nSlackware x86_64 14.2 package:\n4c527ff84fcdfd7839f217bbce2e4ae4 wpa_supplicant-2.6-x86_64-1_slack14.2.txz\n\nSlackware -current package:\n28bd88a54e96368f7a7020c1f5fb67fe n/wpa_supplicant-2.6-i586-2.txz\n\nSlackware x86_64 -current package:\n464fc6b48d1ac077f47e9a3a8534c160 n/wpa_supplicant-2.6-x86_64-2.txz\n\n\nInstallation instructions:\n+------------------------+\n\nUpgrade the package as root:\n# upgradepkg wpa_supplicant-2.6-i586-1_slack14.2.txz\n\n\n+-----+\n\nSlackware Linux Security Team\nhttp://slackware.com/gpg-key\nsecurity@slackware.com\n\n+------------------------------------------------------------------------+\n| To leave the slackware-security mailing list: |\n+------------------------------------------------------------------------+\n| Send an email to majordomo@slackware.com with this text in the body of |\n| the email message: |\n| |\n| unsubscribe slackware-security |\n| |\n| You will get a confirmation message back containing instructions to |\n| complete the process. Please do not reply to this email address",
"sources": [
{
"db": "NVD",
"id": "CVE-2017-13082"
},
{
"db": "CERT/CC",
"id": "VU#228519"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-009175"
},
{
"db": "CNVD",
"id": "CNVD-2017-30401"
},
{
"db": "BID",
"id": "101274"
},
{
"db": "IVD",
"id": "aa65fb94-7ce8-4cab-aa5a-818ddc180c3c"
},
{
"db": "VULMON",
"id": "CVE-2017-13082"
},
{
"db": "PACKETSTORM",
"id": "144652"
},
{
"db": "PACKETSTORM",
"id": "144630"
},
{
"db": "PACKETSTORM",
"id": "144632"
},
{
"db": "PACKETSTORM",
"id": "144669"
},
{
"db": "PACKETSTORM",
"id": "144663"
}
],
"trust": 3.87
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#228519",
"trust": 4.2
},
{
"db": "NVD",
"id": "CVE-2017-13082",
"trust": 4.1
},
{
"db": "ICS CERT",
"id": "ICSA-17-299-02",
"trust": 2.8
},
{
"db": "BID",
"id": "101274",
"trust": 2.6
},
{
"db": "LENOVO",
"id": "LEN-17420",
"trust": 2.5
},
{
"db": "SECTRACK",
"id": "1039571",
"trust": 1.7
},
{
"db": "SECTRACK",
"id": "1039581",
"trust": 1.7
},
{
"db": "SECTRACK",
"id": "1039570",
"trust": 1.7
},
{
"db": "SECTRACK",
"id": "1039573",
"trust": 1.7
},
{
"db": "SIEMENS",
"id": "SSA-901333",
"trust": 1.7
},
{
"db": "CERT@VDE",
"id": "VDE-2017-005",
"trust": 1.7
},
{
"db": "ICS CERT",
"id": "ICSMA-18-114-01",
"trust": 1.2
},
{
"db": "ICS CERT",
"id": "ICSMA-19-029-01",
"trust": 1.1
},
{
"db": "ICS CERT",
"id": "ICSA-17-353-02",
"trust": 1.1
},
{
"db": "ICS CERT",
"id": "ICSA-17-318-01",
"trust": 1.1
},
{
"db": "CNVD",
"id": "CNVD-2017-30401",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201710-385",
"trust": 0.8
},
{
"db": "JUNIPER",
"id": "JSA10827",
"trust": 0.8
},
{
"db": "DLINK",
"id": "SAP10075",
"trust": 0.8
},
{
"db": "ICS CERT",
"id": "ICSA-17-318-02A",
"trust": 0.8
},
{
"db": "JVN",
"id": "JVNVU90609033",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2017-009175",
"trust": 0.8
},
{
"db": "AUSCERT",
"id": "ESB-2020.4125",
"trust": 0.6
},
{
"db": "ICS CERT",
"id": "ICSA-17-318-02",
"trust": 0.3
},
{
"db": "ICS CERT",
"id": "ICSA-17-325-01",
"trust": 0.3
},
{
"db": "IVD",
"id": "AA65FB94-7CE8-4CAB-AA5A-818DDC180C3C",
"trust": 0.2
},
{
"db": "VULMON",
"id": "CVE-2017-13082",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "144652",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "144630",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "144632",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "144669",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "144663",
"trust": 0.1
}
],
"sources": [
{
"db": "IVD",
"id": "aa65fb94-7ce8-4cab-aa5a-818ddc180c3c"
},
{
"db": "CERT/CC",
"id": "VU#228519"
},
{
"db": "CNVD",
"id": "CNVD-2017-30401"
},
{
"db": "VULMON",
"id": "CVE-2017-13082"
},
{
"db": "BID",
"id": "101274"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-009175"
},
{
"db": "PACKETSTORM",
"id": "144652"
},
{
"db": "PACKETSTORM",
"id": "144630"
},
{
"db": "PACKETSTORM",
"id": "144632"
},
{
"db": "PACKETSTORM",
"id": "144669"
},
{
"db": "PACKETSTORM",
"id": "144663"
},
{
"db": "NVD",
"id": "CVE-2017-13082"
},
{
"db": "CNNVD",
"id": "CNNVD-201710-385"
}
]
},
"id": "VAR-201710-0209",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "IVD",
"id": "aa65fb94-7ce8-4cab-aa5a-818ddc180c3c"
},
{
"db": "CNVD",
"id": "CNVD-2017-30401"
}
],
"trust": 1.3965711281818183
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 0.8
}
],
"sources": [
{
"db": "IVD",
"id": "aa65fb94-7ce8-4cab-aa5a-818ddc180c3c"
},
{
"db": "CNVD",
"id": "CNVD-2017-30401"
}
]
},
"last_update_date": "2023-12-18T11:33:34.064000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "ARUBA-PSA-2017-007",
"trust": 0.8,
"url": "http://www.arubanetworks.com/assets/alert/aruba-psa-2017-007.txt"
},
{
"title": "DSA-3999",
"trust": 0.8,
"url": "https://www.debian.org/security/2017/dsa-3999"
},
{
"title": "FreeBSD-SA-17:07.wpa",
"trust": 0.8,
"url": "https://www.freebsd.org/security/advisories/freebsd-sa-17:07.wpa.asc"
},
{
"title": "LEN-17420",
"trust": 0.8,
"url": "https://support.lenovo.com/jp/en/product_security/len-17420"
},
{
"title": "NV17-024",
"trust": 0.8,
"url": "http://jpn.nec.com/security-info/secinfo/nv17-024.html"
},
{
"title": "KRACKs - wpa_supplicant Multiple Vulnerabilities",
"trust": 0.8,
"url": "https://access.redhat.com/security/vulnerabilities/kracks"
},
{
"title": "RHSA-2017:2907",
"trust": 0.8,
"url": "https://access.redhat.com/errata/rhsa-2017:2907"
},
{
"title": "USN-3455-1",
"trust": 0.8,
"url": "https://usn.ubuntu.com/usn/usn-3455-1/"
},
{
"title": "WPA packet number reuse with replayed messages and key reinstallation",
"trust": 0.8,
"url": "https://w1.fi/security/2017-1/wpa-packet-number-reuse-with-replayed-messages.txt"
},
{
"title": "Wi-Fi\u306e\u8a8d\u8a3c\uff0f\u6697\u53f7\u5316\u6280\u8853WPA2\u304a\u3088\u3073WPA\u306e\u8907\u6570\u306e\u8106\u5f31\u6027\u306b\u3064\u3044\u3066 ",
"trust": 0.8,
"url": "http://www.fujitsu.com/jp/products/network/support/2017/srm-01/index.html"
},
{
"title": "WPA2\u306e\u8106\u5f31\u6027\u306b\u95a2\u3059\u308b\u5f0a\u793e\u8abf\u67fb\u30fb\u5bfe\u5fdc\u72b6\u6cc1\u306b\u3064\u3044\u3066",
"trust": 0.8,
"url": "http://www.iodata.jp/support/information/2017/wpa2/"
},
{
"title": "\u7121\u7ddaLAN \u8a8d\u8a3c\uff0f\u6697\u53f7\u5316\u6280\u8853WPA2\u304a\u3088\u3073WPA\u306b\u95a2\u3059\u308b\u8106\u5f31\u6027\u306e\u304a\u77e5\u3089\u305b",
"trust": 0.8,
"url": "http://www.fmworld.net/biz/common/info/20171110/"
},
{
"title": "Patch for WPA2 Wireless Network PTK-TK Encryption Key Reload Vulnerability",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/103823"
},
{
"title": "Multiple WiFi product WPA2 Security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=75499"
},
{
"title": "Red Hat: Important: wpa_supplicant security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=rhsa-20172907 - security advisory"
},
{
"title": "Red Hat: CVE-2017-13082",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_cve_database\u0026qid=cve-2017-13082"
},
{
"title": "Arch Linux Issues: ",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=arch_linux_issues\u0026qid=cve-2017-13082"
},
{
"title": "Ubuntu Security Notice: wpa vulnerabilities",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=usn-3455-1"
},
{
"title": "Debian Security Advisories: DSA-3999-1 wpa -- security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=debian_security_advisories\u0026qid=08990d9925276738bd732fa4d58f9ef0"
},
{
"title": "Arch Linux Advisories: [ASA-201710-23] hostapd: man-in-the-middle",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=arch_linux_advisories\u0026qid=asa-201710-23"
},
{
"title": "Arch Linux Advisories: [ASA-201710-22] wpa_supplicant: man-in-the-middle",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=arch_linux_advisories\u0026qid=asa-201710-22"
},
{
"title": "Siemens Security Advisories: Siemens Security Advisory",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=siemens_security_advisories\u0026qid=6df91267eee9400a24a98876f50ffe84"
},
{
"title": "Android Security Bulletins: Android Security Bulletin\u2014November 2017",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=android_security_bulletins\u0026qid=8c29eb008bb212762e5cfb25c7c5c0d5"
},
{
"title": "Cisco: Multiple Vulnerabilities in Wi-Fi Protected Access and Wi-Fi Protected Access II",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=cisco_security_advisories_and_alerts_ciscoproducts\u0026qid=cisco-sa-20171016-wpa"
},
{
"title": "Oracle: Oracle Critical Patch Update Advisory - April 2018",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_advisories\u0026qid=4019ca77f50c7a34e4d97833e6f3321e"
},
{
"title": "Oracle Linux Bulletins: Oracle Linux Bulletin - October 2017",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_linux_bulletins\u0026qid=7251d5e5f2b1771951980ad7cfde50ba"
},
{
"title": "Oracle: Oracle Critical Patch Update Advisory - January 2018",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_advisories\u0026qid=e2a7f287e9acc8c64ab3df71130bc64d"
},
{
"title": "KRACK",
"trust": 0.1,
"url": "https://github.com/chinatso/krack "
},
{
"title": "krackinfo",
"trust": 0.1,
"url": "https://github.com/kristate/krackinfo "
},
{
"title": "nixos-issue-db-example",
"trust": 0.1,
"url": "https://github.com/andir/nixos-issue-db-example "
},
{
"title": "The Register",
"trust": 0.1,
"url": "https://www.theregister.co.uk/2017/11/07/android_november_security_update/"
},
{
"title": "Threatpost",
"trust": 0.1,
"url": "https://threatpost.com/cisco-warns-69-products-impacted-by-krack/128546/"
},
{
"title": "The Register",
"trust": 0.1,
"url": "https://www.theregister.co.uk/2017/10/16/wpa2_inscure_krackattack/"
},
{
"title": "BleepingComputer",
"trust": 0.1,
"url": "https://www.bleepingcomputer.com/news/security/list-of-firmware-and-driver-updates-for-krack-wpa2-vulnerability/"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-30401"
},
{
"db": "VULMON",
"id": "CVE-2017-13082"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-009175"
},
{
"db": "CNNVD",
"id": "CNNVD-201710-385"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-330",
"trust": 1.0
},
{
"problemtype": "CWE-254",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-009175"
},
{
"db": "NVD",
"id": "CVE-2017-13082"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 3.7,
"url": "https://www.krackattacks.com/"
},
{
"trust": 3.3,
"url": "https://source.android.com/security/bulletin/2017-11-01"
},
{
"trust": 2.9,
"url": "http://www.securityfocus.com/bid/101274"
},
{
"trust": 2.8,
"url": "http://www.arubanetworks.com/assets/alert/aruba-psa-2017-007.txt"
},
{
"trust": 2.8,
"url": "https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20171016-wpa"
},
{
"trust": 2.8,
"url": "https://ics-cert.us-cert.gov/advisories/icsa-17-299-02"
},
{
"trust": 2.6,
"url": "https://access.redhat.com/security/vulnerabilities/kracks"
},
{
"trust": 2.5,
"url": "http://www.debian.org/security/2017/dsa-3999"
},
{
"trust": 2.2,
"url": "https://access.redhat.com/errata/rhsa-2017:2907"
},
{
"trust": 2.1,
"url": "http://www.kb.cert.org/vuls/id/228519"
},
{
"trust": 2.0,
"url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html"
},
{
"trust": 1.8,
"url": "https://w1.fi/security/2017-1/wpa-packet-number-reuse-with-replayed-messages.txt"
},
{
"trust": 1.8,
"url": "http://www.ubuntu.com/usn/usn-3455-1"
},
{
"trust": 1.7,
"url": "http://www.securitytracker.com/id/1039581"
},
{
"trust": 1.7,
"url": "http://www.securitytracker.com/id/1039573"
},
{
"trust": 1.7,
"url": "http://www.securitytracker.com/id/1039571"
},
{
"trust": 1.7,
"url": "http://www.securitytracker.com/id/1039570"
},
{
"trust": 1.7,
"url": "https://support.lenovo.com/us/en/product_security/len-17420"
},
{
"trust": 1.7,
"url": "https://security.freebsd.org/advisories/freebsd-sa-17:07.wpa.asc"
},
{
"trust": 1.7,
"url": "https://github.com/vanhoefm/krackattacks-test-ap-ft"
},
{
"trust": 1.7,
"url": "https://security.gentoo.org/glsa/201711-03"
},
{
"trust": 1.7,
"url": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html"
},
{
"trust": 1.7,
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-901333.pdf"
},
{
"trust": 1.7,
"url": "https://cert.vde.com/en-us/advisories/vde-2017-005"
},
{
"trust": 1.7,
"url": "https://rockwellautomation.custhelp.com/app/answers/detail/a_id/1066697"
},
{
"trust": 1.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-13082"
},
{
"trust": 1.2,
"url": "https://ics-cert.us-cert.gov/advisories/icsma-18-114-01"
},
{
"trust": 1.1,
"url": "https://papers.mathyvanhoef.com/ccs2017.pdf"
},
{
"trust": 1.1,
"url": "https://w1.fi/security/2017-1/"
},
{
"trust": 1.1,
"url": "https://security-center.intel.com/advisory.aspx?intelid=intel-sa-00101\u0026languageid=en-fr"
},
{
"trust": 1.1,
"url": "https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/cve-2017-13080"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-02/msg00021.html"
},
{
"trust": 1.1,
"url": "https://ics-cert.us-cert.gov/advisories/icsa-17-353-02"
},
{
"trust": 1.1,
"url": "https://ics-cert.us-cert.gov/advisories/icsa-17-318-01"
},
{
"trust": 1.1,
"url": "https://ics-cert.us-cert.gov/advisories/icsma-19-029-01"
},
{
"trust": 0.9,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-13082"
},
{
"trust": 0.8,
"url": "https://cwe.mitre.org/data/definitions/323.html"
},
{
"trust": 0.8,
"url": "https://actiontecsupport.zendesk.com/hc/en-us/articles/115005205283-krack-vulnerability"
},
{
"trust": 0.8,
"url": "https://www3.aerohive.com/support/security-bulletins/product-security-announcement-aerohives-response-to-krack-10162017.html"
},
{
"trust": 0.8,
"url": "https://www.al-enterprise.com/en/support/security-alert-krack"
},
{
"trust": 0.8,
"url": "https://support.apple.com/en-gb/ht208222"
},
{
"trust": 0.8,
"url": "https://security.archlinux.org/avg-447"
},
{
"trust": 0.8,
"url": "https://www.asus.com/static_webpage/asus-product-security-advisory/"
},
{
"trust": 0.8,
"url": "https://community.barracudanetworks.com/forum/index.php?/topic/23525-security-advisories/page-2"
},
{
"trust": 0.8,
"url": "https://lists.centos.org/pipermail/centos-announce/2017-october/022569.html"
},
{
"trust": 0.8,
"url": "https://community.cypress.com/docs/doc-13871"
},
{
"trust": 0.8,
"url": "http://supportannouncement.us.dlink.com/announcement/publication.aspx?name=sap10075"
},
{
"trust": 0.8,
"url": "http://www.dell.com/support/article/sln307822"
},
{
"trust": 0.8,
"url": "https://github.com/espressif/esp8266_nonos_sdk"
},
{
"trust": 0.8,
"url": "https://extremeportal.force.com/extrarticledetail?n=000018005"
},
{
"trust": 0.8,
"url": "https://bodhi.fedoraproject.org/updates/fedora-2017-60bfb576b7"
},
{
"trust": 0.8,
"url": "http://www.fortiguard.com/psirt/fg-ir-17-196"
},
{
"trust": 0.8,
"url": "https://www.freebsd.org/security/advisories/freebsd-sa-17:07.wpa.asc"
},
{
"trust": 0.8,
"url": "https://bugs.gentoo.org/634440"
},
{
"trust": 0.8,
"url": "https://support.hpe.com/hpsc/doc/public/display?sp4ts.oid=null\u0026doclocale=en_us\u0026docid=emr_na-a00029151en_us"
},
{
"trust": 0.8,
"url": "https://kb.juniper.net/jsa10827"
},
{
"trust": 0.8,
"url": "https://support.lenovo.com/ca/en/product_security/len-17420"
},
{
"trust": 0.8,
"url": "http://www.microchip.com/wwwproducts/en/atwinc1500"
},
{
"trust": 0.8,
"url": "http://mail-index.netbsd.org/source-changes/2017/10/16/msg088877.html"
},
{
"trust": 0.8,
"url": "https://kb.netgear.com/000049498/security-advisory-for-wpa-2-vulnerabilities-psv-2017-2826-psv-2017-2836-psv-2017-2837"
},
{
"trust": 0.8,
"url": "https://forum.peplink.com/t/security-advisory-wpa2-vulnerability-vu-228519/12715"
},
{
"trust": 0.8,
"url": "https://ruckus-www.s3.amazonaws.com/pdf/security/faq-security-advisory-id-101617-v1.0.pdf"
},
{
"trust": 0.8,
"url": "https://www.suse.com/de-de/support/kb/doc/?id=7022107"
},
{
"trust": 0.8,
"url": "https://source.sierrawireless.com/resources/airlink/software_reference_docs/technical-bulletin/sierra-wireless-technical-bulletin---wpa-and-wpa2-vulnerabilities/"
},
{
"trust": 0.8,
"url": "http://www.slackware.com/changelog/stable.php?cpu=x86_64"
},
{
"trust": 0.8,
"url": "https://community.sophos.com/kb/en-us/127658"
},
{
"trust": 0.8,
"url": "https://www.toshibacommerce.com/wps/myportal/%21ut/p/a1/rzrnc8igeiz_sw8egqhjcdmmwr8abw2dqcnfoyqotidrrk399uxrrwotuzgws7a87y6z88iuzmcq2u4uwcnlzypjnjj5-exr_wnhya-laxtrid-j3uchdtb8gylmuw6qzgktovtowsrrqlrs6-8dbeqhwc1mykqnlabgdjlf1yjvn7i5af4qtdwsn2tri7j"
},
{
"trust": 0.8,
"url": "http://www.toshiba-personalstorage.net/en/news/hdd/ot_notice/20171017.htm"
},
{
"trust": 0.8,
"url": "http://support.toshiba.com/support/staticcontentdetail?contentid=4015875\u0026isfromtoclink=false"
},
{
"trust": 0.8,
"url": "https://community.ubnt.com/t5/unifi-updates-blog/firmware-3-9-3-7537-for-uap-usw-has-been-released/ba-p/2099365"
},
{
"trust": 0.8,
"url": "https://usn.ubuntu.com/usn/usn-3455-1/"
},
{
"trust": 0.8,
"url": "http://en.miui.com/thread-954223-1-1.html"
},
{
"trust": 0.8,
"url": "https://www.zebra.com/content/dam/zebra_new_ia/en-us/support-and-downloads/lifeguard-security/krack-security-bulletin.pdf"
},
{
"trust": 0.8,
"url": "http://www.zyxel.com/support/announcement_wpa2_key_management.shtml"
},
{
"trust": 0.8,
"url": "https://supportcenter.checkpoint.com/supportcenter/portal?eventsubmit_dogoviewsolutiondetails=\u0026solutionid=sk120938"
},
{
"trust": 0.8,
"url": "https://community.rsa.com/docs/doc-84103"
},
{
"trust": 0.8,
"url": "https://support.f5.com/csp/article/k23642330"
},
{
"trust": 0.8,
"url": "https://forum.mikrotik.com/viewtopic.php?f=21\u0026t=126695"
},
{
"trust": 0.8,
"url": "https://community.linksys.com/t5/wireless-routers/krack-vulnerability/td-p/1218573"
},
{
"trust": 0.8,
"url": "https://ics-cert.us-cert.gov/advisories/icsa-17-318-02a"
},
{
"trust": 0.8,
"url": "https://www.ipa.go.jp/security/ciadr/vul/20171017_wpa2.html"
},
{
"trust": 0.8,
"url": "http://jvn.jp/vu/jvnvu90609033/index.html"
},
{
"trust": 0.8,
"url": "https://www.kb.cert.org/vuls/id/cheu-aqnmyp"
},
{
"trust": 0.6,
"url": "https://www.kb.cert.org/vuls/id/228519/"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2020.4125/"
},
{
"trust": 0.5,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-13078"
},
{
"trust": 0.5,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-13087"
},
{
"trust": 0.5,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-13086"
},
{
"trust": 0.5,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-13077"
},
{
"trust": 0.5,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-13080"
},
{
"trust": 0.5,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-13088"
},
{
"trust": 0.4,
"url": "https://access.redhat.com/security/cve/cve-2017-13077"
},
{
"trust": 0.4,
"url": "https://access.redhat.com/security/cve/cve-2017-13078"
},
{
"trust": 0.4,
"url": "https://access.redhat.com/security/cve/cve-2017-13080"
},
{
"trust": 0.4,
"url": "https://access.redhat.com/security/cve/cve-2017-13082"
},
{
"trust": 0.4,
"url": "https://access.redhat.com/security/cve/cve-2017-13086"
},
{
"trust": 0.4,
"url": "https://access.redhat.com/security/cve/cve-2017-13087"
},
{
"trust": 0.4,
"url": "https://access.redhat.com/security/cve/cve-2017-13088"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-13081"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-13079"
},
{
"trust": 0.3,
"url": "https://github.com/stevenhoneyman/wpa_gui/tree/master/wpa_supplicant-2.4"
},
{
"trust": 0.3,
"url": "http://www.wi-fi.org/index.php"
},
{
"trust": 0.3,
"url": "https://support.apple.com/en-ie/ht208847"
},
{
"trust": 0.3,
"url": "https://support.apple.com/en-in/ht208334"
},
{
"trust": 0.3,
"url": "https://support.apple.com/en-in/ht208327"
},
{
"trust": 0.3,
"url": "https://support.apple.com/en-in/ht208325"
},
{
"trust": 0.3,
"url": "https://lists.apple.com/archives/security-announce/2017/dec/msg00009.html"
},
{
"trust": 0.3,
"url": "https://lists.apple.com/archives/security-announce/2017/dec/msg00008.html"
},
{
"trust": 0.3,
"url": "https://lists.apple.com/archives/security-announce/2018/jul/msg00000.html"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/security/cve/cve-2017-13079"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/security/cve/cve-2017-13081"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/security/cve/cve-2017-13084"
},
{
"trust": 0.3,
"url": "http://docs.fortinet.com/uploaded/files/3961/fortiap-v5.6.1-release-notes.pdf"
},
{
"trust": 0.3,
"url": "https://ics-cert.us-cert.gov/advisories/icsa-17-318-02"
},
{
"trust": 0.3,
"url": "https://ics-cert.us-cert.gov/advisories/icsa-17-325-01"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/errata/rhsa-2017:2911"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/330.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://threatpost.com/cisco-warns-69-products-impacted-by-krack/128546/"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/articles/11258"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/team/contact/"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/mailman/listinfo/rhsa-announce"
},
{
"trust": 0.1,
"url": "https://bugzilla.redhat.com/):"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/team/key/"
},
{
"trust": 0.1,
"url": "https://www.debian.org/security/faq"
},
{
"trust": 0.1,
"url": "https://www.debian.org/security/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-4476"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-4477"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/wpa/2.1-0ubuntu1.5"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/wpa/2.4-0ubuntu9.1"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/wpa/2.4-0ubuntu6.2"
},
{
"trust": 0.1,
"url": "https://security.freebsd.org/patches/sa-17:07/wpa-10.patch.asc"
},
{
"trust": 0.1,
"url": "https://security.freebsd.org/advisories/freebsd-sa-17:07.wpa.asc\u003e"
},
{
"trust": 0.1,
"url": "https://svnweb.freebsd.org/base?view=revision\u0026revision=nnnnnn\u003e"
},
{
"trust": 0.1,
"url": "https://www.krackattacks.com/\u003e"
},
{
"trust": 0.1,
"url": "https://security.freebsd.org/patches/sa-17:07/wpa-11.patch.asc"
},
{
"trust": 0.1,
"url": "https://security.freebsd.org/\u003e."
},
{
"trust": 0.1,
"url": "https://security.freebsd.org/patches/sa-17:07/wpa-11.patch"
},
{
"trust": 0.1,
"url": "https://security.freebsd.org/patches/sa-17:07/wpa-10.patch"
},
{
"trust": 0.1,
"url": "https://www.freebsd.org/handbook/makeworld.html\u003e."
},
{
"trust": 0.1,
"url": "https://w1.fi/security/2017-1/wpa-packet-number-reuse-with-replayed-messages.txt\u003e"
},
{
"trust": 0.1,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-13078"
},
{
"trust": 0.1,
"url": "http://slackware.com"
},
{
"trust": 0.1,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-13080"
},
{
"trust": 0.1,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-13077"
},
{
"trust": 0.1,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-13087"
},
{
"trust": 0.1,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-13081"
},
{
"trust": 0.1,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-13084"
},
{
"trust": 0.1,
"url": "http://slackware.com/gpg-key"
},
{
"trust": 0.1,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-13086"
},
{
"trust": 0.1,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-13088"
},
{
"trust": 0.1,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-13079"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-13084"
},
{
"trust": 0.1,
"url": "http://osuosl.org)"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#228519"
},
{
"db": "CNVD",
"id": "CNVD-2017-30401"
},
{
"db": "VULMON",
"id": "CVE-2017-13082"
},
{
"db": "BID",
"id": "101274"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-009175"
},
{
"db": "PACKETSTORM",
"id": "144652"
},
{
"db": "PACKETSTORM",
"id": "144630"
},
{
"db": "PACKETSTORM",
"id": "144632"
},
{
"db": "PACKETSTORM",
"id": "144669"
},
{
"db": "PACKETSTORM",
"id": "144663"
},
{
"db": "NVD",
"id": "CVE-2017-13082"
},
{
"db": "CNNVD",
"id": "CNNVD-201710-385"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "IVD",
"id": "aa65fb94-7ce8-4cab-aa5a-818ddc180c3c"
},
{
"db": "CERT/CC",
"id": "VU#228519"
},
{
"db": "CNVD",
"id": "CNVD-2017-30401"
},
{
"db": "VULMON",
"id": "CVE-2017-13082"
},
{
"db": "BID",
"id": "101274"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-009175"
},
{
"db": "PACKETSTORM",
"id": "144652"
},
{
"db": "PACKETSTORM",
"id": "144630"
},
{
"db": "PACKETSTORM",
"id": "144632"
},
{
"db": "PACKETSTORM",
"id": "144669"
},
{
"db": "PACKETSTORM",
"id": "144663"
},
{
"db": "NVD",
"id": "CVE-2017-13082"
},
{
"db": "CNNVD",
"id": "CNNVD-201710-385"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-10-17T00:00:00",
"db": "IVD",
"id": "aa65fb94-7ce8-4cab-aa5a-818ddc180c3c"
},
{
"date": "2017-10-16T00:00:00",
"db": "CERT/CC",
"id": "VU#228519"
},
{
"date": "2017-10-18T00:00:00",
"db": "CNVD",
"id": "CNVD-2017-30401"
},
{
"date": "2017-10-17T00:00:00",
"db": "VULMON",
"id": "CVE-2017-13082"
},
{
"date": "2017-10-16T00:00:00",
"db": "BID",
"id": "101274"
},
{
"date": "2017-11-06T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-009175"
},
{
"date": "2017-10-17T16:52:00",
"db": "PACKETSTORM",
"id": "144652"
},
{
"date": "2017-10-16T13:49:34",
"db": "PACKETSTORM",
"id": "144630"
},
{
"date": "2017-10-16T23:23:00",
"db": "PACKETSTORM",
"id": "144632"
},
{
"date": "2017-10-19T14:28:55",
"db": "PACKETSTORM",
"id": "144669"
},
{
"date": "2017-10-18T20:44:00",
"db": "PACKETSTORM",
"id": "144663"
},
{
"date": "2017-10-17T13:29:00.473000",
"db": "NVD",
"id": "CVE-2017-13082"
},
{
"date": "2017-10-17T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201710-385"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-11-16T00:00:00",
"db": "CERT/CC",
"id": "VU#228519"
},
{
"date": "2017-10-17T00:00:00",
"db": "CNVD",
"id": "CNVD-2017-30401"
},
{
"date": "2019-10-03T00:00:00",
"db": "VULMON",
"id": "CVE-2017-13082"
},
{
"date": "2019-02-21T09:00:00",
"db": "BID",
"id": "101274"
},
{
"date": "2019-02-01T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-009175"
},
{
"date": "2019-10-03T00:03:26.223000",
"db": "NVD",
"id": "CVE-2017-13082"
},
{
"date": "2020-11-23T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201710-385"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote or local",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201710-385"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Wi-Fi Protected Access (WPA) handshake traffic can be manipulated to induce nonce and session key reuse",
"sources": [
{
"db": "CERT/CC",
"id": "VU#228519"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "security feature problem",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201710-385"
}
],
"trust": 0.6
}
}
VAR-201710-0212
Vulnerability from variot - Updated: 2023-12-18 11:26Wi-Fi Protected Access (WPA and WPA2) that supports IEEE 802.11w allows reinstallation of the Integrity Group Temporal Key (IGTK) during the four-way handshake, allowing an attacker within radio range to spoof frames from access points to clients. An attacker within range of an affected AP and client may leverage these vulnerabilities to conduct attacks that are dependent on the data confidentiality protocols being used. Attacks may include arbitrary packet decryption and injection, TCP connection hijacking, HTTP content injection, or the replay of unicast and group-addressed frames. These vulnerabilities are referred to as Key Reinstallation Attacks or "KRACK" attacks. WPA (Wi-Fi Protected Access) is a system that protects wireless computer networks (Wi-Fi). There is an IGTK group key reloading vulnerability in the fourth handshake of the WPA2 wireless network. WPA2 is prone to multiple security weaknesses. Exploiting these issues may allow an unauthorized user to intercept and manipulate data or disclose sensitive information. Those vulnerabilities applies to both the access point (implemented in hostapd) and the station (implemented in wpa_supplicant).
An attacker exploiting the vulnerabilities could force the vulnerable system to reuse cryptographic session keys, enabling a range of cryptographic attacks against the ciphers used in WPA1 and WPA2.
For the stable distribution (stretch), these problems have been fixed in version 2:2.4-1+deb9u1.
For the testing distribution (buster), these problems have been fixed in version 2:2.4-1.1.
For the unstable distribution (sid), these problems have been fixed in version 2:2.4-1.1.
We recommend that you upgrade your wpa packages. ========================================================================== Ubuntu Security Notice USN-3455-1 October 16, 2017
wpa vulnerabilities
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 17.04
- Ubuntu 16.04 LTS
- Ubuntu 14.04 LTS
Summary:
Several security issues were fixed in wpa_supplicant.
Software Description: - wpa: client support for WPA and WPA2
Details:
Mathy Vanhoef discovered that wpa_supplicant and hostapd incorrectly handled WPA2. (CVE-2017-13077, CVE-2017-13078, CVE-2017-13079, CVE-2017-13080, CVE-2017-13081, CVE-2017-13082, CVE-2017-13086, CVE-2017-13087, CVE-2017-13088)
Imre Rad discovered that wpa_supplicant and hostapd incorrectly handled invalid characters in passphrase parameters. A remote attacker could use this issue to cause a denial of service. (CVE-2016-4476)
Imre Rad discovered that wpa_supplicant and hostapd incorrectly handled invalid characters in passphrase parameters. A local attacker could use this issue to cause a denial of service, or possibly execute arbitrary code. (CVE-2016-4477)
Update instructions:
The problem can be corrected by updating your system to the following package versions:
Ubuntu 17.04: hostapd 2.4-0ubuntu9.1 wpasupplicant 2.4-0ubuntu9.1
Ubuntu 16.04 LTS: hostapd 2.4-0ubuntu6.2 wpasupplicant 2.4-0ubuntu6.2
Ubuntu 14.04 LTS: hostapd 2.1-0ubuntu1.5 wpasupplicant 2.1-0ubuntu1.5
After a standard system update you need to reboot your computer to make all the necessary changes.
References: https://www.ubuntu.com/usn/usn-3455-1 CVE-2016-4476, CVE-2016-4477, CVE-2017-13077, CVE-2017-13078, CVE-2017-13079, CVE-2017-13080, CVE-2017-13081, CVE-2017-13082, CVE-2017-13086, CVE-2017-13087, CVE-2017-13088
Package Information: https://launchpad.net/ubuntu/+source/wpa/2.4-0ubuntu9.1 https://launchpad.net/ubuntu/+source/wpa/2.4-0ubuntu6.2 https://launchpad.net/ubuntu/+source/wpa/2.1-0ubuntu1.5
. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 201711-03
https://security.gentoo.org/
Severity: Normal Title: hostapd and wpa_supplicant: Key Reinstallation (KRACK) attacks Date: November 10, 2017 Bugs: #634436, #634438 ID: 201711-03
Synopsis
A flaw was discovered in the 4-way handshake in hostapd and wpa_supplicant that allows attackers to conduct a Man in the Middle attack.
Background
wpa_supplicant is a WPA Supplicant with support for WPA and WPA2 (IEEE 802.11i / RSN).
Affected packages
-------------------------------------------------------------------
Package / Vulnerable / Unaffected
-------------------------------------------------------------------
1 net-wireless/hostapd < 2.6-r1 >= 2.6-r1 2 net-wireless/wpa_supplicant < 2.6-r3 >= 2.6-r3 ------------------------------------------------------------------- 2 affected packages
Description
WiFi Protected Access (WPA and WPA2) and it's associated technologies are all vulnerable to the KRACK attacks. Please review the referenced CVE identifiers for details.
Impact
An attacker can carry out the KRACK attacks on a wireless network in order to gain access to network clients. Once achieved, the attacker can potentially harvest confidential information (e.g. HTTP/HTTPS), inject malware, or perform a myriad of other attacks.
Workaround
There is no known workaround at this time.
Resolution
All hostapd users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose ">=net-wireless/hostapd-2.6-r1"
All wpa_supplicant users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot -v ">=net-wireless/wpa_supplicant-2.6-r3"
References
[ 1 ] CVE-2017-13077 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-13077 [ 2 ] CVE-2017-13078 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-13078 [ 3 ] CVE-2017-13079 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-13079 [ 4 ] CVE-2017-13080 .
Here are the details from the Slackware 14.2 ChangeLog: +--------------------------+ patches/packages/wpa_supplicant-2.6-i586-1_slack14.2.txz: Upgraded. This update includes patches to mitigate the WPA2 protocol issues known as "KRACK" (Key Reinstallation AttaCK), which may be used to decrypt data, hijack TCP connections, and to forge and inject packets. This is the list of vulnerabilities that are addressed here: CVE-2017-13077: Reinstallation of the pairwise encryption key (PTK-TK) in the 4-way handshake. CVE-2017-13082: Accepting a retransmitted Fast BSS Transition (FT) Reassociation Request and reinstalling the pairwise encryption key (PTK-TK) while processing it. CVE-2017-13084: Reinstallation of the STK key in the PeerKey handshake. CVE-2017-13086: reinstallation of the Tunneled Direct-Link Setup (TDLS) PeerKey (TPK) key in the TDLS handshake. For more information, see: https://www.krackattacks.com/ https://w1.fi/security/2017-1/wpa-packet-number-reuse-with-replayed-messages.txt https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13077 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13078 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13079 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13080 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13081 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13082 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13084 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13086 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13087 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13088 ( Security fix ) +--------------------------+
Where to find the new packages: +-----------------------------+
Thanks to the friendly folks at the OSU Open Source Lab (http://osuosl.org) for donating FTP and rsync hosting to the Slackware project! :-)
Also see the "Get Slack" section on http://slackware.com for additional mirror sites near you.
Updated package for Slackware 14.0: ftp://ftp.slackware.com/pub/slackware/slackware-14.0/patches/packages/wpa_supplicant-2.6-i486-1_slack14.0.txz
Updated package for Slackware x86_64 14.0: ftp://ftp.slackware.com/pub/slackware/slackware64-14.0/patches/packages/wpa_supplicant-2.6-x86_64-1_slack14.0.txz
Updated package for Slackware 14.1: ftp://ftp.slackware.com/pub/slackware/slackware-14.1/patches/packages/wpa_supplicant-2.6-i486-1_slack14.1.txz
Updated package for Slackware x86_64 14.1: ftp://ftp.slackware.com/pub/slackware/slackware64-14.1/patches/packages/wpa_supplicant-2.6-x86_64-1_slack14.1.txz
Updated package for Slackware 14.2: ftp://ftp.slackware.com/pub/slackware/slackware-14.2/patches/packages/wpa_supplicant-2.6-i586-1_slack14.2.txz
Updated package for Slackware x86_64 14.2: ftp://ftp.slackware.com/pub/slackware/slackware64-14.2/patches/packages/wpa_supplicant-2.6-x86_64-1_slack14.2.txz
Updated package for Slackware -current: ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/n/wpa_supplicant-2.6-i586-2.txz
Updated package for Slackware x86_64 -current: ftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/n/wpa_supplicant-2.6-x86_64-2.txz
MD5 signatures: +-------------+
Slackware 14.0 package: d8ecfaadb50b3547967ab53733ffc019 wpa_supplicant-2.6-i486-1_slack14.0.txz
Slackware x86_64 14.0 package: f25216d28800504ce498705da7c9a825 wpa_supplicant-2.6-x86_64-1_slack14.0.txz
Slackware 14.1 package: 15c61050e4bab2581757befd86be74c0 wpa_supplicant-2.6-i486-1_slack14.1.txz
Slackware x86_64 14.1 package: 49fd537a520338744f7757615556d352 wpa_supplicant-2.6-x86_64-1_slack14.1.txz
Slackware 14.2 package: c5539f40c8510af89be92945f0f80185 wpa_supplicant-2.6-i586-1_slack14.2.txz
Slackware x86_64 14.2 package: 4c527ff84fcdfd7839f217bbce2e4ae4 wpa_supplicant-2.6-x86_64-1_slack14.2.txz
Slackware -current package: 28bd88a54e96368f7a7020c1f5fb67fe n/wpa_supplicant-2.6-i586-2.txz
Slackware x86_64 -current package: 464fc6b48d1ac077f47e9a3a8534c160 n/wpa_supplicant-2.6-x86_64-2.txz
Installation instructions: +------------------------+
Upgrade the package as root:
upgradepkg wpa_supplicant-2.6-i586-1_slack14.2.txz
+-----+
Slackware Linux Security Team http://slackware.com/gpg-key security@slackware.com
+------------------------------------------------------------------------+ | To leave the slackware-security mailing list: | +------------------------------------------------------------------------+ | Send an email to majordomo@slackware.com with this text in the body of | | the email message: | | | | unsubscribe slackware-security | | | | You will get a confirmation message back containing instructions to | | complete the process. Please do not reply to this email address. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512
============================================================================= FreeBSD-SA-17:07.wpa Security Advisory The FreeBSD Project
Topic: WPA2 protocol vulnerability
Category: contrib Module: wpa Announced: 2017-10-16 Credits: Mathy Vanhoef Affects: All supported versions of FreeBSD. Corrected: 2017-10-17 17:30:18 UTC (stable/11, 11.1-STABLE) 2017-10-17 17:57:18 UTC (releng/11.1, 11.1-RELEASE-p2) 2017-10-17 17:56:03 UTC (releng/11.0, 11.0-RELEASE-p13) 2017-10-19 03:18:22 UTC (stable/10, 10.4-STABLE) 2017-10-19 03:20:17 UTC (releng/10.4, 10.4-RELEASE-p1) 2017-10-19 03:19:42 UTC (releng/10.3, 10.3-RELEASE-p22) CVE Name: CVE-2017-13077, CVE-2017-13078, CVE-2017-13079, CVE-2017-13080, CVE-2017-13081, CVE-2017-13082, CVE-2017-13086, CVE-2017-13087, CVE-2017-13088
For general information regarding FreeBSD Security Advisories, including descriptions of the fields above, security branches, and the following sections, please visit .
- Revision history
v1.0 2017-10-17 Initial release. v1.1 2017-10-19 Add patches for 10.x releases.
I.
hostapd and wpa_supplicant are implementations of user space daemon for access points and wireless client that implements the WPA2 protocol.
II. Problem Description
A vulnerability was found in how a number of implementations can be triggered to reconfigure WPA/WPA2/RSN keys (TK, GTK, or IGTK) by replaying a specific frame that is used to manage the keys.
III. Impact
Such reinstallation of the encryption key can result in two different types of vulnerabilities: disabling replay protection and significantly reducing the security of encryption to the point of allowing frames to be decrypted or some parts of the keys to be determined by an attacker depending on which cipher is used.
IV. Workaround
An updated version of wpa_supplicant is available in the FreeBSD Ports Collection. Install version 2.6_2 or later of the security/wpa_supplicant port/pkg. Once installed, update /etc/rc.conf to use the new binary:
wpa_supplicant_program="/usr/local/sbin/wpa_supplicant"
and restart networking.
An updated version of hostapd is available in the FreeBSD Ports Collection. Install version 2.6_1 or later of the net/hostapd port/pkg. Once installed, update /etc/rc.conf to use the new binary:
hostapd_program="/usr/local/sbin/hostapd"
and restart hostapd.
V. Solution
Perform one of the following:
1) Upgrade your vulnerable system to a supported FreeBSD stable or release / security branch (releng) dated after the correction date.
Restart the Wi-Fi network interfaces/hostapd or reboot the system.
2) To update your vulnerable system via a binary patch:
Systems running a RELEASE version of FreeBSD on the i386 or amd64 platforms can be updated via the freebsd-update(8) utility:
freebsd-update fetch
freebsd-update install
Restart the Wi-Fi network interfaces/hostapd or reboot the system.
3) To update your vulnerable system via a source code patch:
The following patches have been verified to apply to the applicable FreeBSD release branches.
a) Download the relevant patch from the location below, and verify the detached PGP signature using your PGP utility.
[FreeBSD 11.0-RELEASE, 11.1-RELEASE, and 11-STABLE]
fetch https://security.FreeBSD.org/patches/SA-17:07/wpa-11.patch
fetch https://security.FreeBSD.org/patches/SA-17:07/wpa-11.patch.asc
gpg --verify wpa-11.patch.asc
[FreeBSD 10.3-RELEASE, 10.4-RELEASE, and 10-STABLE]
fetch https://security.FreeBSD.org/patches/SA-17:07/wpa-10.patch
fetch https://security.FreeBSD.org/patches/SA-17:07/wpa-10.patch.asc
gpg --verify wpa-10.patch.asc
b) Apply the patch. Execute the following commands as root:
cd /usr/src
patch < /path/to/patch
c) Recompile the operating system using buildworld and installworld as described in .
Restart the applicable daemons, or reboot the system.
VI. Correction details
The following list contains the correction revision numbers for each affected branch.
Branch/path Revision
stable/11/ r324697 releng/11.0/ r324698 releng/11.1/ r324699 stable/10/ r324739 releng/10.3/ r324740 releng/10.4/ r324741
To see which files were modified by a particular revision, run the following command, replacing NNNNNN with the revision number, on a machine with Subversion installed:
svn diff -cNNNNNN --summarize svn://svn.freebsd.org/base
Or visit the following URL, replacing NNNNNN with the revision number:
VII. References
The latest revision of this advisory is available at -----BEGIN PGP SIGNATURE-----
iQKTBAEBCgB9FiEEHPf/b631yp++G4yy7Wfs1l3PaucFAlnoGpNfFIAAAAAALgAo aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDFD RjdGRjZGQURGNUNBOUZCRTFCOENCMkVENjdFQ0Q2NURDRjZBRTcACgkQ7Wfs1l3P auc7WBAAm27w+fujv5sJsRxauUMopTVtRh5utwbDuoHTP+L+RCWmQfVBmueNQ0gf uJzMNxBIkbtY9LvyukpRsH3iD7mh26c0pd9rxxkkr4F96C9B5+W0amxJF1gdm54/ F/50FpY+lo7cNs5tiBjypPrg8UOBBI/1G4XR7130XC0HjaTwt1ngZ0oQUWUMSsIp gN5ZfPul81WPWd1NqF+vyObcJhwq/Y1uoexoO27o7GQCFZoL3enZy8c4f1xqMlVM 4HHkTgNGac6E0aW+ArH4J0DFFAOJXPqF8rdt+9XINfoBbtliIyOixJ4oh1n6eAR0 VpBWZKFNyXSlUKIvDGa+LDhxgL1jJXV0ABSyKlUOijdmr3bbbiQE9MW/MNv2AFTd OAFQ0QQtm9KCWp5JLh+FPIb/kR2l7MOUP+yz4zFcJpdGtl9tDLyPN8vRTq60bY8O y7tBcf/SMqkd/AIFdchL4zrOguKnRARydIlwTarp8wtAQI3MKSsa1B0wgsDtlL6K xfdjnwWMKvKKlNOW16e1WXXO0n/ucHV4njBE+bGPro3jLgXP2/WFZpIGAR3I4xrr SdD4AxSNiR9f3bL7LRfMIbugJAylWNSlTLWUOVUv0/ONh85LqbcCj13NI230B64K ETx2QOZgKnCs2oDNiw4aQHb7kvi2w94Iw/R1sAPkkxYJWO3reyE= =h/5q -----END PGP SIGNATURE-----
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201710-0212",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "linux enterprise desktop",
"scope": "eq",
"trust": 1.6,
"vendor": "suse",
"version": "12"
},
{
"model": "linux enterprise server",
"scope": "eq",
"trust": 1.6,
"vendor": "suse",
"version": "12"
},
{
"model": "openstack cloud",
"scope": "eq",
"trust": 1.6,
"vendor": "suse",
"version": "6"
},
{
"model": "linux enterprise point of sale",
"scope": "eq",
"trust": 1.6,
"vendor": "suse",
"version": "11"
},
{
"model": "linux enterprise server",
"scope": "eq",
"trust": 1.6,
"vendor": "suse",
"version": "11"
},
{
"model": "enterprise linux desktop",
"scope": "eq",
"trust": 1.3,
"vendor": "redhat",
"version": "7"
},
{
"model": "enterprise linux server",
"scope": "eq",
"trust": 1.3,
"vendor": "redhat",
"version": "7"
},
{
"model": "hostapd",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.3.7"
},
{
"model": "wpa supplicant",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "2.6"
},
{
"model": "wpa supplicant",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "2.2"
},
{
"model": "hostapd",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "1.0"
},
{
"model": "hostapd",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "2.2"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 1.0,
"vendor": "freebsd",
"version": "*"
},
{
"model": "hostapd",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.3.11"
},
{
"model": "wpa supplicant",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.4.7"
},
{
"model": "hostapd",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.4.7"
},
{
"model": "hostapd",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.5.10"
},
{
"model": "wpa supplicant",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "2.0"
},
{
"model": "hostapd",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "2.0"
},
{
"model": "linux",
"scope": "eq",
"trust": 1.0,
"vendor": "debian",
"version": "8.0"
},
{
"model": "hostapd",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.4.9"
},
{
"model": "wpa supplicant",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.5.8"
},
{
"model": "hostapd",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.5.8"
},
{
"model": "hostapd",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "2.1"
},
{
"model": "wpa supplicant",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.5.7"
},
{
"model": "wpa supplicant",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.6.9"
},
{
"model": "wpa supplicant",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.2.8"
},
{
"model": "hostapd",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.2.8"
},
{
"model": "hostapd",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "1.1"
},
{
"model": "hostapd",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.7.3"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 1.0,
"vendor": "freebsd",
"version": "10"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 1.0,
"vendor": "freebsd",
"version": "11.1"
},
{
"model": "hostapd",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.5.9"
},
{
"model": "hostapd",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.4.8"
},
{
"model": "wpa supplicant",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.4.11"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 1.0,
"vendor": "freebsd",
"version": "10.4"
},
{
"model": "wpa supplicant",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.2.6"
},
{
"model": "hostapd",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.2.4"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 1.0,
"vendor": "freebsd",
"version": "11"
},
{
"model": "wpa supplicant",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.5.11"
},
{
"model": "hostapd",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.3.10"
},
{
"model": "wpa supplicant",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "2.4"
},
{
"model": "wpa supplicant",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.3.8"
},
{
"model": "wpa supplicant",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.2.5"
},
{
"model": "wpa supplicant",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.3.7"
},
{
"model": "hostapd",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.2.5"
},
{
"model": "hostapd",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.4.10"
},
{
"model": "hostapd",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.6.10"
},
{
"model": "wpa supplicant",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "1.0"
},
{
"model": "hostapd",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.3.9"
},
{
"model": "wpa supplicant",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.3.11"
},
{
"model": "hostapd",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "2.5"
},
{
"model": "wpa supplicant",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.5.10"
},
{
"model": "hostapd",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "2.6"
},
{
"model": "wpa supplicant",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.4.9"
},
{
"model": "ubuntu linux",
"scope": "eq",
"trust": 1.0,
"vendor": "canonical",
"version": "14.04"
},
{
"model": "wpa supplicant",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "2.1"
},
{
"model": "wpa supplicant",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "2.3"
},
{
"model": "leap",
"scope": "eq",
"trust": 1.0,
"vendor": "opensuse",
"version": "42.2"
},
{
"model": "hostapd",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "2.3"
},
{
"model": "wpa supplicant",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "1.1"
},
{
"model": "hostapd",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.5.7"
},
{
"model": "wpa supplicant",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.7.3"
},
{
"model": "hostapd",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.6.9"
},
{
"model": "wpa supplicant",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.5.9"
},
{
"model": "wpa supplicant",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.4.8"
},
{
"model": "wpa supplicant",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.2.7"
},
{
"model": "linux",
"scope": "eq",
"trust": 1.0,
"vendor": "debian",
"version": "9.0"
},
{
"model": "wpa supplicant",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.2.4"
},
{
"model": "wpa supplicant",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.3.10"
},
{
"model": "ubuntu linux",
"scope": "eq",
"trust": 1.0,
"vendor": "canonical",
"version": "16.04"
},
{
"model": "leap",
"scope": "eq",
"trust": 1.0,
"vendor": "opensuse",
"version": "42.3"
},
{
"model": "hostapd",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.4.11"
},
{
"model": "wpa supplicant",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.6.8"
},
{
"model": "ubuntu linux",
"scope": "eq",
"trust": 1.0,
"vendor": "canonical",
"version": "17.04"
},
{
"model": "hostapd",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.2.6"
},
{
"model": "hostapd",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.6.8"
},
{
"model": "wpa supplicant",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.4.10"
},
{
"model": "hostapd",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.5.11"
},
{
"model": "wpa supplicant",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.6.10"
},
{
"model": "hostapd",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "2.4"
},
{
"model": "wpa supplicant",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.3.9"
},
{
"model": "wpa supplicant",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "2.5"
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "9front",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "adtran",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "avm",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "actiontec",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "aerohive",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "alcatel lucent",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "android open source",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "apple",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "arch linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "aruba",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "asustek computer",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "barracuda",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "broadcom",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "cambium",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "centos",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "cradlepoint",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "cypress semiconductor",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "d link",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "debian gnu linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "dell",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "digi",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "draytek",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "edimax computer",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "engenius",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "endian",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "espressif",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "extreme",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "f secure",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "fedora",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "fortinet",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "freebsd",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "gentoo linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "google",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "hewlett packard",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "hostap",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "ipfire",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "juniper",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "lancom",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "lede",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "lifx",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "lenovo",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "microchip",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "microsoft",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "mojo",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "nest",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "netbsd",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "netgear",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "opnsense",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "omnirom",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "open mesh",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "openbsd",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "peplink",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "red hat",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "riverbed",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "rockwell automation",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "ruckus",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "suse linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "samsung mobile",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "sierra",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "slackware linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "sonos",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "sony",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "sophos",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "synology",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "tp link",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "technicolor",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "texas instruments",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "toshiba commerce",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "toshiba electronic devices storage",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "toshiba memory",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "turris omnia",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "ubiquiti",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "ubuntu",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "volumio",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "watchguard",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "xiaomi",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "xirrus",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "zebra",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "zyxel",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "dd wrt",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "eero",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "pfsense",
"version": null
},
{
"model": "ubuntu",
"scope": null,
"trust": 0.8,
"vendor": "canonical",
"version": null
},
{
"model": "gnu/linux",
"scope": null,
"trust": 0.8,
"vendor": "debian",
"version": null
},
{
"model": "freebsd",
"scope": null,
"trust": 0.8,
"vendor": "freebsd",
"version": null
},
{
"model": "leap",
"scope": null,
"trust": 0.8,
"vendor": "opensuse",
"version": null
},
{
"model": "linux enterprise desktop",
"scope": null,
"trust": 0.8,
"vendor": "suse",
"version": null
},
{
"model": "linux enterprise point of sale",
"scope": null,
"trust": 0.8,
"vendor": "suse",
"version": null
},
{
"model": "linux enterprise server",
"scope": null,
"trust": 0.8,
"vendor": "suse",
"version": null
},
{
"model": "openstack cloud",
"scope": null,
"trust": 0.8,
"vendor": "suse",
"version": null
},
{
"model": "hostapd",
"scope": null,
"trust": 0.8,
"vendor": "w1 fi",
"version": null
},
{
"model": "wpa supplicant",
"scope": null,
"trust": 0.8,
"vendor": "w1 fi",
"version": null
},
{
"model": "enterprise linux desktop",
"scope": null,
"trust": 0.8,
"vendor": "red hat",
"version": null
},
{
"model": "enterprise linux server",
"scope": null,
"trust": 0.8,
"vendor": "red hat",
"version": null
},
{
"model": "edge gateway",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": null
},
{
"model": "sr-m20ac1",
"scope": "lte",
"trust": 0.8,
"vendor": "fujitsu",
"version": "v02.10"
},
{
"model": "sr-m20ac2",
"scope": "lte",
"trust": 0.8,
"vendor": "fujitsu",
"version": "v02.10"
},
{
"model": "alliance wi-fi protected access 2",
"scope": null,
"trust": 0.6,
"vendor": "wi fi",
"version": null
},
{
"model": "scalance w-700",
"scope": "eq",
"trust": 0.6,
"vendor": "siemens",
"version": "0"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "linux desktop",
"version": "12"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "linux server",
"version": "11"
},
{
"model": "atom processor c3200 series for yocto project bsp mr4",
"scope": null,
"trust": 0.3,
"vendor": "intel",
"version": null
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "10.3.2"
},
{
"model": "active management technology",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "6.1"
},
{
"model": "pyxis supplystation",
"scope": "eq",
"trust": 0.3,
"vendor": "bd",
"version": "0"
},
{
"model": "sinamics smart access module",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "v200"
},
{
"model": "active management technology",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "11.6.27.3264"
},
{
"model": "meraki mr34",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "ck71a-atex",
"scope": "eq",
"trust": 0.3,
"vendor": "pepperl fuchs",
"version": "0"
},
{
"model": "arubaos",
"scope": "eq",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "6.5.2.0"
},
{
"model": "macbook air",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "0"
},
{
"model": "aironet series access points",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "18500"
},
{
"model": "active management technology",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "8.0"
},
{
"model": "meraki mr26",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "arubaos",
"scope": "eq",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "6.4"
},
{
"model": "aironet series access points",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "28000"
},
{
"model": "enterprise linux for power big endian extended update support",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "-7.5"
},
{
"model": "meraki mr84",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "contact fl wlan",
"scope": "eq",
"trust": 0.3,
"vendor": "phoenix",
"version": "510x0"
},
{
"model": "windows server r2 for itanium-based systems sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2008"
},
{
"model": "contact itc",
"scope": "eq",
"trust": 0.3,
"vendor": "phoenix",
"version": "81130"
},
{
"model": "enterprise linux workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "7"
},
{
"model": "active management technology",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "10.0"
},
{
"model": "dual band wireless-ac",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "726519.51.0.0"
},
{
"model": "enterprise linux server extended update support",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "-7.6"
},
{
"model": "meraki mr18",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "arubaos",
"scope": "eq",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "8.1.0.3"
},
{
"model": "scalance w1750d",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "0"
},
{
"model": "secure ii med-surg bed",
"scope": "eq",
"trust": 0.3,
"vendor": "stryker",
"version": "3002"
},
{
"model": "contact fl wlan",
"scope": "eq",
"trust": 0.3,
"vendor": "phoenix",
"version": "210x0"
},
{
"model": "windows version for x64-based systems",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "1015110"
},
{
"model": "aironet access points",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "contact fl wlan ap",
"scope": "eq",
"trust": 0.3,
"vendor": "phoenix",
"version": "24802-110"
},
{
"model": "active management technology",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "11.0"
},
{
"model": "instantos",
"scope": "eq",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "6.5.4.1"
},
{
"model": "tvos",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "10.2"
},
{
"model": "wap371 wireless-ac n access point with single point setup",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "ex-handy",
"scope": "eq",
"trust": 0.3,
"vendor": "pepperl fuchs",
"version": "2090"
},
{
"model": "arubaos",
"scope": "eq",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "6.5.3.2"
},
{
"model": "contact rad-80211-xd",
"scope": "eq",
"trust": 0.3,
"vendor": "phoenix",
"version": "0"
},
{
"model": "ios",
"scope": "ne",
"trust": 0.3,
"vendor": "apple",
"version": "11.2"
},
{
"model": "contact fl wlan dap",
"scope": "eq",
"trust": 0.3,
"vendor": "phoenix",
"version": "24802-110"
},
{
"model": "dual band wireless-ac",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "726519.10.9.1"
},
{
"model": "arubaos",
"scope": "ne",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "6.3.1.25"
},
{
"model": "pyxis medstation es",
"scope": "eq",
"trust": 0.3,
"vendor": "bd",
"version": "0"
},
{
"model": "wireless ip phone",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "88210"
},
{
"model": "pyxis stockstation system",
"scope": "eq",
"trust": 0.3,
"vendor": "bd",
"version": "0"
},
{
"model": "macbook",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "0"
},
{
"model": "dual band wireless-ac",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "316819.51.7.1"
},
{
"model": "dual band wireless-ac",
"scope": "ne",
"trust": 0.3,
"vendor": "intel",
"version": "726519.10.9.2"
},
{
"model": "scalance wlc712",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "0"
},
{
"model": "contact fl wlan spa",
"scope": "eq",
"trust": 0.3,
"vendor": "phoenix",
"version": "0"
},
{
"model": "meraki mr62",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "simatic et200 pro im154-6 pn iwlan",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "0"
},
{
"model": "tropos broadband mesh routers and bridges",
"scope": "eq",
"trust": 0.3,
"vendor": "abb",
"version": "0"
},
{
"model": "dual band wireless-ac",
"scope": "ne",
"trust": 0.3,
"vendor": "intel",
"version": "316819.10.9.2"
},
{
"model": "meraki mr33",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "instantos",
"scope": "ne",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "6.5.3.3"
},
{
"model": "micros handheld terminal",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "0"
},
{
"model": "windows server",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "20120"
},
{
"model": "instantos",
"scope": "eq",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "6.5.2"
},
{
"model": "dual band wireless-ac",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "316018.33.9.2"
},
{
"model": "windows version for 32-bit systems",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "1017030"
},
{
"model": "atom processor c3200 series for yocto project bsp mr4.1",
"scope": "ne",
"trust": 0.3,
"vendor": "intel",
"version": null
},
{
"model": "active management technology",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "2.6"
},
{
"model": "android",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.1.0"
},
{
"model": "contact fl wlan",
"scope": "eq",
"trust": 0.3,
"vendor": "phoenix",
"version": "110x0"
},
{
"model": "windows for 32-bit systems",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "100"
},
{
"model": "s3 med-surg bed",
"scope": "eq",
"trust": 0.3,
"vendor": "stryker",
"version": "3002"
},
{
"model": "arubaos",
"scope": "eq",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "6.4.2.4"
},
{
"model": "tvos",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "11.1"
},
{
"model": "contact fl comserver wlan",
"scope": "eq",
"trust": 0.3,
"vendor": "phoenix",
"version": "232/422/4850"
},
{
"model": "airport base station",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "7.6.8"
},
{
"model": "enterprise linux server update services for sap solutions",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "-7."
},
{
"model": "active management technology",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "7.1.91.3272"
},
{
"model": "instantos",
"scope": "ne",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "4.2.4.9"
},
{
"model": "contact fl wlan ap",
"scope": "eq",
"trust": 0.3,
"vendor": "phoenix",
"version": "230802-110"
},
{
"model": "android",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "6.1"
},
{
"model": "enterprise linux for power little endian extended update supp",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "-7.6"
},
{
"model": "meraki mr14",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "enterprise linux eus compute node",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "7.5"
},
{
"model": "aironet series access points",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "18150"
},
{
"model": "wireless client bridge 2.0.0.1-aruba501-b00",
"scope": "ne",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "501"
},
{
"model": "enterprise linux server extended update support",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "-7.4"
},
{
"model": "enterprise linux server tus",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "-7.6"
},
{
"model": "dual band wireless-ac",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "726018.33.9.2"
},
{
"model": "airport express",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "0"
},
{
"model": "meraki mr16",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "clarity engine",
"scope": "eq",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "1.0"
},
{
"model": "meraki mr30h",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "airport extreme",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "0"
},
{
"model": "windows server r2",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "20120"
},
{
"model": "dual band wireless-ac",
"scope": "ne",
"trust": 0.3,
"vendor": "intel",
"version": "826520.0.2.3"
},
{
"model": "android",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0"
},
{
"model": "contact bl2 bpc",
"scope": "eq",
"trust": 0.3,
"vendor": "phoenix",
"version": "0"
},
{
"model": "tvos",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "10.0.1"
},
{
"model": "enterprise linux for ibm z systems",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "7"
},
{
"model": "watch",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "0"
},
{
"model": "meraki mr32",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "wpa supplicant",
"scope": "eq",
"trust": 0.3,
"vendor": "w1 f1",
"version": "2.4"
},
{
"model": "active management technology",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "4.0"
},
{
"model": "ruggedcom rx1400",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "0"
},
{
"model": "cn70a-atex",
"scope": "eq",
"trust": 0.3,
"vendor": "pepperl fuchs",
"version": "0"
},
{
"model": "windows version for 32-bit systems",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "1015110"
},
{
"model": "arubaos",
"scope": "eq",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "6.5.3"
},
{
"model": "pyxis parx handheld",
"scope": "eq",
"trust": 0.3,
"vendor": "bd",
"version": "0"
},
{
"model": "dual band wireless-ac",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "726519.10"
},
{
"model": "active management technology",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "9.1.40.100"
},
{
"model": "tvos",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "10.1.1"
},
{
"model": "instantos",
"scope": "eq",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "6.5.3"
},
{
"model": "windows rt",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "8.1"
},
{
"model": "meraki mr42",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "instantos",
"scope": "ne",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "4.3.1.6"
},
{
"model": "airport base station",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "7.7.3"
},
{
"model": "wap561 wireless-n dual radio selectable band access point",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "active management technology",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "11.0.26.3000"
},
{
"model": "instantos",
"scope": "ne",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "6.5.4.2"
},
{
"model": "active management technology",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "11.6"
},
{
"model": "tvos",
"scope": "ne",
"trust": 0.3,
"vendor": "apple",
"version": "11.2"
},
{
"model": "active management technology",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "6.0"
},
{
"model": "windows server",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2016"
},
{
"model": "contact rad-whg/wlan-xd",
"scope": "eq",
"trust": 0.3,
"vendor": "phoenix",
"version": "0"
},
{
"model": "dual band wireless-ac",
"scope": "ne",
"trust": 0.3,
"vendor": "intel",
"version": "726018.33.9.3"
},
{
"model": "wi-fi update for boot camp",
"scope": "ne",
"trust": 0.3,
"vendor": "apple",
"version": "6.4.0"
},
{
"model": "suremark printer 2nr",
"scope": "eq",
"trust": 0.3,
"vendor": "toshiba",
"version": "4610"
},
{
"model": "android",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.1.1"
},
{
"model": "arubaos",
"scope": "ne",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "6.5.4.2"
},
{
"model": "enterprise linux for power little endian extended update supp",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "-7.5"
},
{
"model": "enterprise linux for power little endian",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "7"
},
{
"model": "dual band wireless-ac",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "826520.0.0.0"
},
{
"model": "tvos",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "10.2.1"
},
{
"model": "arubaos",
"scope": "eq",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "6.3.1.8"
},
{
"model": "windows server for x64-based systems sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2008"
},
{
"model": "pyxis supply roller",
"scope": "eq",
"trust": 0.3,
"vendor": "bd",
"version": "0"
},
{
"model": "airport base station",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "7.6.3"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "10.3"
},
{
"model": "telepresence collaboration endpoint",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "active management technology",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "6.2.61.3535"
},
{
"model": "contact vmt",
"scope": "eq",
"trust": 0.3,
"vendor": "phoenix",
"version": "70xx0"
},
{
"model": "imac",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "0"
},
{
"model": "meraki mr72",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "watchos",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4"
},
{
"model": "enterprise linux for power little endian extended update supp",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "-7.4"
},
{
"model": "active management technology",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "11.0.25.3001"
},
{
"model": "arubaos",
"scope": "ne",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "8.1.0.4"
},
{
"model": "active management technology",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "9.1"
},
{
"model": "enterprise linux server tus",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "-7.4"
},
{
"model": "active management technology",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "6.2"
},
{
"model": "meraki mr53",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "tvos",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "10.1"
},
{
"model": "wap551 wireless-n single radio selectable band access point",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "instantos",
"scope": "eq",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "4.2"
},
{
"model": "instantos",
"scope": "eq",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "6.5.3.2"
},
{
"model": "dual band wireless-ac",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "316519.10"
},
{
"model": "dual band wireless-ac",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "826020.0.0.0"
},
{
"model": "wap121 wireless-n access point with single point setup",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "active management technology",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "2.5"
},
{
"model": "active management technology",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "11.6.0.1000"
},
{
"model": "wireless client bridge 1.0.1.3-hp501-b0012",
"scope": "ne",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "501"
},
{
"model": "i.roc ci70-ex",
"scope": "eq",
"trust": 0.3,
"vendor": "pepperl fuchs",
"version": "0"
},
{
"model": "arubaos",
"scope": "eq",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "6.5.0.0"
},
{
"model": "dual band wireless-ac",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "826020.0.2.2"
},
{
"model": "active management technology",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "7.1"
},
{
"model": "cn70e-atex",
"scope": "eq",
"trust": 0.3,
"vendor": "pepperl fuchs",
"version": "0"
},
{
"model": "dual band wireless-ac",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "726018.0.0.0"
},
{
"model": "meraki mr24",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "suremark printer 1nr",
"scope": "eq",
"trust": 0.3,
"vendor": "toshiba",
"version": "4610"
},
{
"model": "enterprise linux for ibm z systems extended update support",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "-7.6"
},
{
"model": "contact vmt",
"scope": "eq",
"trust": 0.3,
"vendor": "phoenix",
"version": "50xx0"
},
{
"model": "meraki mr74",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "ex-handy",
"scope": "eq",
"trust": 0.3,
"vendor": "pepperl fuchs",
"version": "090"
},
{
"model": "arubaos",
"scope": "eq",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "6.4.4.15"
},
{
"model": "dual band wireless-ac",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "316519.51.7.1"
},
{
"model": "dual band wireless-ac",
"scope": "ne",
"trust": 0.3,
"vendor": "intel",
"version": "726519.51.7.20"
},
{
"model": "anyconnect secure mobility client",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "dual band wireless-ac",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "726519.51.7.1"
},
{
"model": "systems esp32",
"scope": "eq",
"trust": 0.3,
"vendor": "espressif",
"version": "0"
},
{
"model": "watchos",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.1"
},
{
"model": "enterprise linux server extended update support",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "-7.5"
},
{
"model": "micros handheld terminal 2.03.0.0.021r",
"scope": "ne",
"trust": 0.3,
"vendor": "oracle",
"version": null
},
{
"model": "aironet series access points",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "38000"
},
{
"model": "pyxis parx",
"scope": "eq",
"trust": 0.3,
"vendor": "bd",
"version": "0"
},
{
"model": "dx70",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "arubaos",
"scope": "ne",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "6.5.1.9"
},
{
"model": "enterprise linux server update services for sap solutions",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "-7.6"
},
{
"model": "intouch critical care bed",
"scope": "eq",
"trust": 0.3,
"vendor": "stryker",
"version": "2141"
},
{
"model": "pyxis anesthesia es",
"scope": "eq",
"trust": 0.3,
"vendor": "bd",
"version": "0"
},
{
"model": "aironet series officeextend access points",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "18100"
},
{
"model": "windows for x64-based systems",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "8.10"
},
{
"model": "dual band wireless-ac",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "316819.10.9.1"
},
{
"model": "active management technology",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "10.0.55.3000"
},
{
"model": "windows for 32-bit systems",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "8.10"
},
{
"model": "android",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "6.0"
},
{
"model": "meraki mr66",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "dual band wireless-ac",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "316519.10.9.1"
},
{
"model": "airport base station",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "7.6"
},
{
"model": "intouch critical care bed",
"scope": "eq",
"trust": 0.3,
"vendor": "stryker",
"version": "2131"
},
{
"model": "android",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.1.2"
},
{
"model": "aironet series access points",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "18300"
},
{
"model": "enterprise linux server aus",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "-7.6"
},
{
"model": "enterprise linux for power big endian extended update support",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "-7.6"
},
{
"model": "active management technology",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "10.0.0.50.1004"
},
{
"model": "arubaos",
"scope": "eq",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "6.4.1.0"
},
{
"model": "wap321 wireless-n access point with single point setup",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "simatic iwlan-pb/link",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "0"
},
{
"model": "aironet 1810w series access points",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "meraki mr52",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "enterprise linux for ibm z systems extended update support",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "-7.5"
},
{
"model": "meraki mr12",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "airmesh msr",
"scope": "eq",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "0"
},
{
"model": "dual band wireless-ac",
"scope": "ne",
"trust": 0.3,
"vendor": "intel",
"version": "316519.51.7.20"
},
{
"model": "watchos",
"scope": "ne",
"trust": 0.3,
"vendor": "apple",
"version": "4.2"
},
{
"model": "contact fl wlan ec",
"scope": "eq",
"trust": 0.3,
"vendor": "phoenix",
"version": "24802-110"
},
{
"model": "instantos",
"scope": "eq",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "4.2.4.8"
},
{
"model": "systems esp8266",
"scope": "eq",
"trust": 0.3,
"vendor": "espressif",
"version": "0"
},
{
"model": "tv",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "0"
},
{
"model": "pad-ex",
"scope": "eq",
"trust": 0.3,
"vendor": "pepperl fuchs",
"version": "010"
},
{
"model": "active management technology",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "11.0.0.1205"
},
{
"model": "ip phone",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "88610"
},
{
"model": "clarity engine",
"scope": "ne",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "1.0.0.1"
},
{
"model": "aironet series access points",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "15600"
},
{
"model": "windows for 32-bit systems sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "7"
},
{
"model": "instantos",
"scope": "eq",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "4.3.1.5"
},
{
"model": "airport base station",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "7.6.2"
},
{
"model": "active management technology",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "8.1"
},
{
"model": "active management technology",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "11.8"
},
{
"model": "windows for x64-based systems sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "7"
},
{
"model": "enterprise linux for ibm z systems extended update support",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "-7.4"
},
{
"model": "meraki mr58",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "windows version for 32-bit systems",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "1016070"
},
{
"model": "dual band wireless-ac",
"scope": "ne",
"trust": 0.3,
"vendor": "intel",
"version": "316519.10.9.2"
},
{
"model": "pyxis parassist system",
"scope": "eq",
"trust": 0.3,
"vendor": "bd",
"version": "0"
},
{
"model": "windows server for 32-bit systems sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2008"
},
{
"model": "instantos",
"scope": "eq",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "4.3"
},
{
"model": "android",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.0"
},
{
"model": "simatic mobile panel 277 iwlan",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "0"
},
{
"model": "pyxis medstation t2",
"scope": "eq",
"trust": 0.3,
"vendor": "bd",
"version": "40000"
},
{
"model": "dual band wireless-ac",
"scope": "ne",
"trust": 0.3,
"vendor": "intel",
"version": "826020.0.2.3"
},
{
"model": "android",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "6.0.1"
},
{
"model": "airport base station",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "7.6.1"
},
{
"model": "dual band wireless-ac",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "316519.51.0.0"
},
{
"model": "wi-fi update for boot camp",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "0"
},
{
"model": "enterprise linux server update services for sap solutions",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "-7.4"
},
{
"model": "ipad",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "0"
},
{
"model": "contact vmt",
"scope": "eq",
"trust": 0.3,
"vendor": "phoenix",
"version": "30xx0"
},
{
"model": "enterprise linux for power big endian",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "7"
},
{
"model": "wpa supplicant",
"scope": "eq",
"trust": 0.3,
"vendor": "w1 f1",
"version": "2.6"
},
{
"model": "wireless client bridge",
"scope": "eq",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "5010"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "10.0.1"
},
{
"model": "active management technology",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "11.5"
},
{
"model": "meraki mr11",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "10.3.3"
},
{
"model": "pyxis anesthesia system",
"scope": "eq",
"trust": 0.3,
"vendor": "bd",
"version": "40000"
},
{
"model": "tvos",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "10.2.2"
},
{
"model": "pyxis anesthesia system",
"scope": "eq",
"trust": 0.3,
"vendor": "bd",
"version": "35000"
},
{
"model": "automation stratix 15.3 jc1",
"scope": "eq",
"trust": 0.3,
"vendor": "rockwell",
"version": "5100"
},
{
"model": "enterprise linux server aus",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "-7.4"
},
{
"model": "pyxis ciisafe workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "bd",
"version": "??0"
},
{
"model": "enterprise linux for power big endian extended update support",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "-7.4"
},
{
"model": "airport base station",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "7.6.7"
},
{
"model": "dual band wireless-ac",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "316819.51.0.0"
},
{
"model": "ipad air",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "0"
},
{
"model": "active management technology",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "7.0"
},
{
"model": "arubaos",
"scope": "eq",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "6.5.4.1"
},
{
"model": "enterprise linux eus compute node",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "7.6"
},
{
"model": "enterprise linux for scientific computing",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "7"
},
{
"model": "active management technology",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "8.1.71.3608"
},
{
"model": "active management technology",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "9.1.41.3024"
},
{
"model": "arubaos",
"scope": "eq",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "6.4.2.1"
},
{
"model": "enterprise linux eus compute node",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "7.4"
},
{
"model": "dx80",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "active management technology",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "9.0"
},
{
"model": "contact bl2 ppc",
"scope": "eq",
"trust": 0.3,
"vendor": "phoenix",
"version": "0"
},
{
"model": "contact tpc",
"scope": "eq",
"trust": 0.3,
"vendor": "phoenix",
"version": "60130"
},
{
"model": "ipod touch",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "0"
},
{
"model": "arubaos",
"scope": "eq",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "6.5.1"
},
{
"model": "ck70a-atex",
"scope": "eq",
"trust": 0.3,
"vendor": "pepperl fuchs",
"version": "0"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "10.2.1"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "10.3.1"
},
{
"model": "dual band wireless-ac",
"scope": "ne",
"trust": 0.3,
"vendor": "intel",
"version": "316819.51.7.20"
},
{
"model": "macbook pro",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "0"
},
{
"model": "dual band wireless-ac",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "316819.10"
},
{
"model": "windows for x64-based systems",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "100"
},
{
"model": "airport base station",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "7.7.8"
},
{
"model": "active management technology",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "9.5"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "10.1"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "10.2"
},
{
"model": "airport base station",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "7.6.4"
},
{
"model": "smart-ex",
"scope": "eq",
"trust": 0.3,
"vendor": "pepperl fuchs",
"version": "010"
},
{
"model": "dual band wireless-ac",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "826520.0.2.2"
},
{
"model": "dual band wireless-ac",
"scope": "ne",
"trust": 0.3,
"vendor": "intel",
"version": "316018.33.9.3"
},
{
"model": "tab-ex",
"scope": "eq",
"trust": 0.3,
"vendor": "pepperl fuchs",
"version": "010"
},
{
"model": "arubaos",
"scope": "ne",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "6.5.3.3"
},
{
"model": "iphone",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "0"
},
{
"model": "macmini",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "0"
},
{
"model": "arubaos",
"scope": "ne",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "6.4.4.16"
},
{
"model": "contact fl wlan epa",
"scope": "eq",
"trust": 0.3,
"vendor": "phoenix",
"version": "0"
},
{
"model": "airport time capsule",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "0"
},
{
"model": "alliance wpa2 (wi-fi protected access",
"scope": "eq",
"trust": 0.3,
"vendor": "wi fi",
"version": "2)0"
},
{
"model": "airport base station",
"scope": "ne",
"trust": 0.3,
"vendor": "apple",
"version": "7.7.9"
},
{
"model": "scalance wlc711",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "0"
},
{
"model": "ruggedcom rs9xxw",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "0"
},
{
"model": "arubaos",
"scope": "eq",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "6.3.1.15"
},
{
"model": "networks unifi access point",
"scope": "eq",
"trust": 0.3,
"vendor": "ubiquiti",
"version": "0"
},
{
"model": "suremark printer 2cr",
"scope": "eq",
"trust": 0.3,
"vendor": "toshiba",
"version": "4610"
},
{
"model": "ip phone",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "88650"
},
{
"model": "arubaos",
"scope": "eq",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "6.5.4"
},
{
"model": "airport base station",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "7.7.7"
},
{
"model": "instantos",
"scope": "eq",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "6.5.4"
},
{
"model": "asa 5506w-x w/ firepower services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "windows version for x64-based systems",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "1016070"
},
{
"model": "airport base station",
"scope": "ne",
"trust": 0.3,
"vendor": "apple",
"version": "7.6.9"
},
{
"model": "s3 med-surg bed",
"scope": "eq",
"trust": 0.3,
"vendor": "stryker",
"version": "3005"
},
{
"model": "dual band wireless-ac",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "316018.0.0.0"
},
{
"model": "smart-ex",
"scope": "eq",
"trust": 0.3,
"vendor": "pepperl fuchs",
"version": "2010"
},
{
"model": "windows version for x64-based systems",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "1017030"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "11.1"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "ubuntu linux",
"version": "14.04"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "ubuntu linux",
"version": "16.04"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "ubuntu linux",
"version": "17.04"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "debian linux",
"version": "8.0"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "debian linux",
"version": "9.0"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "freebsd",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "freebsd",
"version": "10"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "freebsd",
"version": "10.4"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "freebsd",
"version": "11"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "freebsd",
"version": "11.1"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "leap",
"version": "42.2"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "leap",
"version": "42.3"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "linux desktop",
"version": "7"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "linux server",
"version": "7"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "hostapd",
"version": "0.2.4"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "hostapd",
"version": "0.2.5"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "hostapd",
"version": "0.2.6"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "hostapd",
"version": "0.2.8"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "hostapd",
"version": "0.3.7"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "hostapd",
"version": "0.3.9"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "hostapd",
"version": "0.3.10"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "hostapd",
"version": "0.3.11"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "hostapd",
"version": "0.4.7"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "hostapd",
"version": "0.4.8"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "hostapd",
"version": "0.4.9"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "hostapd",
"version": "0.4.10"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "hostapd",
"version": "0.4.11"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "hostapd",
"version": "0.5.7"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "hostapd",
"version": "0.5.8"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "hostapd",
"version": "0.5.9"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "hostapd",
"version": "0.5.10"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "hostapd",
"version": "0.5.11"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "hostapd",
"version": "0.6.8"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "hostapd",
"version": "0.6.9"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "hostapd",
"version": "0.6.10"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "hostapd",
"version": "0.7.3"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "hostapd",
"version": "1.0"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "hostapd",
"version": "1.1"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "hostapd",
"version": "2.0"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "hostapd",
"version": "2.1"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "hostapd",
"version": "2.2"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "hostapd",
"version": "2.3"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "hostapd",
"version": "2.4"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "hostapd",
"version": "2.5"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "hostapd",
"version": "2.6"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "wpa supplicant",
"version": "0.2.4"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "wpa supplicant",
"version": "0.2.5"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "wpa supplicant",
"version": "0.2.6"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "wpa supplicant",
"version": "0.2.7"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "wpa supplicant",
"version": "0.2.8"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "wpa supplicant",
"version": "0.3.7"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "wpa supplicant",
"version": "0.3.8"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "wpa supplicant",
"version": "0.3.9"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "wpa supplicant",
"version": "0.3.10"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "wpa supplicant",
"version": "0.3.11"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "wpa supplicant",
"version": "0.4.7"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "wpa supplicant",
"version": "0.4.8"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "wpa supplicant",
"version": "0.4.9"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "wpa supplicant",
"version": "0.4.10"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "wpa supplicant",
"version": "0.4.11"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "wpa supplicant",
"version": "0.5.7"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "wpa supplicant",
"version": "0.5.8"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "wpa supplicant",
"version": "0.5.9"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "wpa supplicant",
"version": "0.5.10"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "wpa supplicant",
"version": "0.5.11"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "wpa supplicant",
"version": "0.6.8"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "wpa supplicant",
"version": "0.6.9"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "wpa supplicant",
"version": "0.6.10"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "wpa supplicant",
"version": "0.7.3"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "wpa supplicant",
"version": "1.0"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "wpa supplicant",
"version": "1.1"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "wpa supplicant",
"version": "2.0"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "wpa supplicant",
"version": "2.1"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "wpa supplicant",
"version": "2.2"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "wpa supplicant",
"version": "2.3"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "wpa supplicant",
"version": "2.4"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "wpa supplicant",
"version": "2.5"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "wpa supplicant",
"version": "2.6"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "linux point of sale",
"version": "11"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "linux server",
"version": "12"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "openstack cloud",
"version": "6"
}
],
"sources": [
{
"db": "IVD",
"id": "3ba265af-e434-4086-b786-5c33d3edb3dc"
},
{
"db": "CERT/CC",
"id": "VU#228519"
},
{
"db": "CNVD",
"id": "CNVD-2017-30404"
},
{
"db": "BID",
"id": "101274"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-009172"
},
{
"db": "NVD",
"id": "CVE-2017-13079"
},
{
"db": "CNNVD",
"id": "CNNVD-201710-382"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_server:7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:freebsd:freebsd:10:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:freebsd:freebsd:10.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:opensuse:leap:42.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:17.04:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:freebsd:freebsd:11:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:freebsd:freebsd:11.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_desktop:7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:freebsd:freebsd:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:opensuse:leap:42.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:2.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:2.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:0.6.10:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:0.6.9:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:0.4.11:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:0.4.10:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:0.4.9:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:0.2.8:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:0.2.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:2.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:2.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:0.6.8:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:2.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:1.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:0.5.10:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:0.5.9:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:2.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:2.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:1.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:0.7.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:0.5.8:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:0.5.7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:0.5.11:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:0.5.10:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:0.4.8:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:0.4.7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:0.2.7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:0.2.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:0.3.11:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:0.3.10:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:2.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:2.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:1.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:0.7.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:0.5.7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:0.4.11:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:0.3.9:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:0.3.8:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:0.3.9:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:0.3.7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:2.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:2.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:0.6.10:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:0.6.9:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:0.4.10:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:0.4.9:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:0.3.7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:0.2.8:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:2.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:2.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:0.6.8:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:0.5.11:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:0.4.8:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:0.4.7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:0.2.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:0.2.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:2.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:1.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:0.5.9:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:0.5.8:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:0.3.11:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:0.3.10:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:0.2.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:0.2.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:suse:linux_enterprise_desktop:12:sp3:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:suse:linux_enterprise_server:12:*:*:*:ltss:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:suse:linux_enterprise_point_of_sale:11:sp3:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:suse:linux_enterprise_server:11:sp3:*:*:*:ltss:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:suse:linux_enterprise_server:11:sp4:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:suse:linux_enterprise_desktop:12:sp2:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:suse:openstack_cloud:6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2017-13079"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Mathy Vanhoef from imec-DistriNet and KU Leuven.",
"sources": [
{
"db": "BID",
"id": "101274"
},
{
"db": "CNNVD",
"id": "CNNVD-201710-382"
}
],
"trust": 0.9
},
"cve": "CVE-2017-13079",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "MEDIUM",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 2.9,
"confidentialityImpact": "NONE",
"exploitabilityScore": 5.5,
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "LOW",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:A/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Medium",
"accessVector": "Adjacent Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 2.9,
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2017-13079",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Low",
"trust": 0.9,
"userInteractionRequired": null,
"vectorString": "AV:A/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "PARTIAL",
"baseScore": 5.4,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 5.5,
"id": "CNVD-2017-30404",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:A/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"author": "IVD",
"availabilityImpact": "PARTIAL",
"baseScore": 5.4,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 5.5,
"id": "3ba265af-e434-4086-b786-5c33d3edb3dc",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.2,
"vectorString": "AV:A/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.9 [IVD]"
}
],
"cvssV3": [
{
"attackComplexity": "HIGH",
"attackVector": "ADJACENT_NETWORK",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"exploitabilityScore": 1.6,
"impactScore": 3.6,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.0"
},
{
"attackComplexity": "High",
"attackVector": "Adjacent Network",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 5.3,
"baseSeverity": "Medium",
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2017-13079",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2017-13079",
"trust": 1.8,
"value": "MEDIUM"
},
{
"author": "CNVD",
"id": "CNVD-2017-30404",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201710-382",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "IVD",
"id": "3ba265af-e434-4086-b786-5c33d3edb3dc",
"trust": 0.2,
"value": "MEDIUM"
},
{
"author": "VULMON",
"id": "CVE-2017-13079",
"trust": 0.1,
"value": "LOW"
}
]
}
],
"sources": [
{
"db": "IVD",
"id": "3ba265af-e434-4086-b786-5c33d3edb3dc"
},
{
"db": "CNVD",
"id": "CNVD-2017-30404"
},
{
"db": "VULMON",
"id": "CVE-2017-13079"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-009172"
},
{
"db": "NVD",
"id": "CVE-2017-13079"
},
{
"db": "CNNVD",
"id": "CNNVD-201710-382"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Wi-Fi Protected Access (WPA and WPA2) that supports IEEE 802.11w allows reinstallation of the Integrity Group Temporal Key (IGTK) during the four-way handshake, allowing an attacker within radio range to spoof frames from access points to clients. An attacker within range of an affected AP and client may leverage these vulnerabilities to conduct attacks that are dependent on the data confidentiality protocols being used. Attacks may include arbitrary packet decryption and injection, TCP connection hijacking, HTTP content injection, or the replay of unicast and group-addressed frames. These vulnerabilities are referred to as Key Reinstallation Attacks or \"KRACK\" attacks. WPA (Wi-Fi Protected Access) is a system that protects wireless computer networks (Wi-Fi). There is an IGTK group key reloading vulnerability in the fourth handshake of the WPA2 wireless network. WPA2 is prone to multiple security weaknesses. \nExploiting these issues may allow an unauthorized user to intercept and manipulate data or disclose sensitive information. Those vulnerabilities applies to both the access point\n(implemented in hostapd) and the station (implemented in wpa_supplicant). \n\nAn attacker exploiting the vulnerabilities could force the vulnerable system to\nreuse cryptographic session keys, enabling a range of cryptographic attacks\nagainst the ciphers used in WPA1 and WPA2. \n\nFor the stable distribution (stretch), these problems have been fixed in\nversion 2:2.4-1+deb9u1. \n\nFor the testing distribution (buster), these problems have been fixed\nin version 2:2.4-1.1. \n\nFor the unstable distribution (sid), these problems have been fixed in\nversion 2:2.4-1.1. \n\nWe recommend that you upgrade your wpa packages. ==========================================================================\nUbuntu Security Notice USN-3455-1\nOctober 16, 2017\n\nwpa vulnerabilities\n==========================================================================\n\nA security issue affects these releases of Ubuntu and its derivatives:\n\n- Ubuntu 17.04\n- Ubuntu 16.04 LTS\n- Ubuntu 14.04 LTS\n\nSummary:\n\nSeveral security issues were fixed in wpa_supplicant. \n\nSoftware Description:\n- wpa: client support for WPA and WPA2\n\nDetails:\n\nMathy Vanhoef discovered that wpa_supplicant and hostapd incorrectly\nhandled WPA2. (CVE-2017-13077,\nCVE-2017-13078, CVE-2017-13079, CVE-2017-13080, CVE-2017-13081,\nCVE-2017-13082, CVE-2017-13086, CVE-2017-13087, CVE-2017-13088)\n\nImre Rad discovered that wpa_supplicant and hostapd incorrectly handled\ninvalid characters in passphrase parameters. A remote attacker could use\nthis issue to cause a denial of service. (CVE-2016-4476)\n\nImre Rad discovered that wpa_supplicant and hostapd incorrectly handled\ninvalid characters in passphrase parameters. A local attacker could use\nthis issue to cause a denial of service, or possibly execute arbitrary\ncode. (CVE-2016-4477)\n\nUpdate instructions:\n\nThe problem can be corrected by updating your system to the following\npackage versions:\n\nUbuntu 17.04:\n hostapd 2.4-0ubuntu9.1\n wpasupplicant 2.4-0ubuntu9.1\n\nUbuntu 16.04 LTS:\n hostapd 2.4-0ubuntu6.2\n wpasupplicant 2.4-0ubuntu6.2\n\nUbuntu 14.04 LTS:\n hostapd 2.1-0ubuntu1.5\n wpasupplicant 2.1-0ubuntu1.5\n\nAfter a standard system update you need to reboot your computer to make\nall the necessary changes. \n\nReferences:\n https://www.ubuntu.com/usn/usn-3455-1\n CVE-2016-4476, CVE-2016-4477, CVE-2017-13077, CVE-2017-13078,\n CVE-2017-13079, CVE-2017-13080, CVE-2017-13081, CVE-2017-13082,\n CVE-2017-13086, CVE-2017-13087, CVE-2017-13088\n\nPackage Information:\n https://launchpad.net/ubuntu/+source/wpa/2.4-0ubuntu9.1\n https://launchpad.net/ubuntu/+source/wpa/2.4-0ubuntu6.2\n https://launchpad.net/ubuntu/+source/wpa/2.1-0ubuntu1.5\n\n\n. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\nGentoo Linux Security Advisory GLSA 201711-03\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n https://security.gentoo.org/\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\n Severity: Normal\n Title: hostapd and wpa_supplicant: Key Reinstallation (KRACK)\n attacks\n Date: November 10, 2017\n Bugs: #634436, #634438\n ID: 201711-03\n\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\nSynopsis\n========\n\nA flaw was discovered in the 4-way handshake in hostapd and\nwpa_supplicant that allows attackers to conduct a Man in the Middle\nattack. \n\nBackground\n==========\n\nwpa_supplicant is a WPA Supplicant with support for WPA and WPA2 (IEEE\n802.11i / RSN). \n\nAffected packages\n=================\n\n -------------------------------------------------------------------\n Package / Vulnerable / Unaffected\n -------------------------------------------------------------------\n 1 net-wireless/hostapd \u003c 2.6-r1 \u003e= 2.6-r1 \n 2 net-wireless/wpa_supplicant\n \u003c 2.6-r3 \u003e= 2.6-r3 \n -------------------------------------------------------------------\n 2 affected packages\n\nDescription\n===========\n\nWiFi Protected Access (WPA and WPA2) and it\u0027s associated technologies\nare all vulnerable to the KRACK attacks. Please review the referenced\nCVE identifiers for details. \n\nImpact\n======\n\nAn attacker can carry out the KRACK attacks on a wireless network in\norder to gain access to network clients. Once achieved, the attacker\ncan potentially harvest confidential information (e.g. HTTP/HTTPS),\ninject malware, or perform a myriad of other attacks. \n\nWorkaround\n==========\n\nThere is no known workaround at this time. \n\nResolution\n==========\n\nAll hostapd users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose \"\u003e=net-wireless/hostapd-2.6-r1\"\n\nAll wpa_supplicant users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot -v \"\u003e=net-wireless/wpa_supplicant-2.6-r3\"\n\nReferences\n==========\n\n[ 1 ] CVE-2017-13077\n https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-13077\n[ 2 ] CVE-2017-13078\n https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-13078\n[ 3 ] CVE-2017-13079\n https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-13079\n[ 4 ] CVE-2017-13080\n. \n\n\nHere are the details from the Slackware 14.2 ChangeLog:\n+--------------------------+\npatches/packages/wpa_supplicant-2.6-i586-1_slack14.2.txz: Upgraded. \n This update includes patches to mitigate the WPA2 protocol issues known\n as \"KRACK\" (Key Reinstallation AttaCK), which may be used to decrypt data,\n hijack TCP connections, and to forge and inject packets. This is the\n list of vulnerabilities that are addressed here:\n CVE-2017-13077: Reinstallation of the pairwise encryption key (PTK-TK) in the\n 4-way handshake. \n CVE-2017-13082: Accepting a retransmitted Fast BSS Transition (FT)\n Reassociation Request and reinstalling the pairwise encryption key (PTK-TK)\n while processing it. \n CVE-2017-13084: Reinstallation of the STK key in the PeerKey handshake. \n CVE-2017-13086: reinstallation of the Tunneled Direct-Link Setup (TDLS)\n PeerKey (TPK) key in the TDLS handshake. \n For more information, see:\n https://www.krackattacks.com/\n https://w1.fi/security/2017-1/wpa-packet-number-reuse-with-replayed-messages.txt\n https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13077\n https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13078\n https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13079\n https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13080\n https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13081\n https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13082\n https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13084\n https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13086\n https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13087\n https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13088\n (* Security fix *)\n+--------------------------+\n\n\nWhere to find the new packages:\n+-----------------------------+\n\nThanks to the friendly folks at the OSU Open Source Lab\n(http://osuosl.org) for donating FTP and rsync hosting\nto the Slackware project! :-)\n\nAlso see the \"Get Slack\" section on http://slackware.com for\nadditional mirror sites near you. \n\nUpdated package for Slackware 14.0:\nftp://ftp.slackware.com/pub/slackware/slackware-14.0/patches/packages/wpa_supplicant-2.6-i486-1_slack14.0.txz\n\nUpdated package for Slackware x86_64 14.0:\nftp://ftp.slackware.com/pub/slackware/slackware64-14.0/patches/packages/wpa_supplicant-2.6-x86_64-1_slack14.0.txz\n\nUpdated package for Slackware 14.1:\nftp://ftp.slackware.com/pub/slackware/slackware-14.1/patches/packages/wpa_supplicant-2.6-i486-1_slack14.1.txz\n\nUpdated package for Slackware x86_64 14.1:\nftp://ftp.slackware.com/pub/slackware/slackware64-14.1/patches/packages/wpa_supplicant-2.6-x86_64-1_slack14.1.txz\n\nUpdated package for Slackware 14.2:\nftp://ftp.slackware.com/pub/slackware/slackware-14.2/patches/packages/wpa_supplicant-2.6-i586-1_slack14.2.txz\n\nUpdated package for Slackware x86_64 14.2:\nftp://ftp.slackware.com/pub/slackware/slackware64-14.2/patches/packages/wpa_supplicant-2.6-x86_64-1_slack14.2.txz\n\nUpdated package for Slackware -current:\nftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/n/wpa_supplicant-2.6-i586-2.txz\n\nUpdated package for Slackware x86_64 -current:\nftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/n/wpa_supplicant-2.6-x86_64-2.txz\n\n\nMD5 signatures:\n+-------------+\n\nSlackware 14.0 package:\nd8ecfaadb50b3547967ab53733ffc019 wpa_supplicant-2.6-i486-1_slack14.0.txz\n\nSlackware x86_64 14.0 package:\nf25216d28800504ce498705da7c9a825 wpa_supplicant-2.6-x86_64-1_slack14.0.txz\n\nSlackware 14.1 package:\n15c61050e4bab2581757befd86be74c0 wpa_supplicant-2.6-i486-1_slack14.1.txz\n\nSlackware x86_64 14.1 package:\n49fd537a520338744f7757615556d352 wpa_supplicant-2.6-x86_64-1_slack14.1.txz\n\nSlackware 14.2 package:\nc5539f40c8510af89be92945f0f80185 wpa_supplicant-2.6-i586-1_slack14.2.txz\n\nSlackware x86_64 14.2 package:\n4c527ff84fcdfd7839f217bbce2e4ae4 wpa_supplicant-2.6-x86_64-1_slack14.2.txz\n\nSlackware -current package:\n28bd88a54e96368f7a7020c1f5fb67fe n/wpa_supplicant-2.6-i586-2.txz\n\nSlackware x86_64 -current package:\n464fc6b48d1ac077f47e9a3a8534c160 n/wpa_supplicant-2.6-x86_64-2.txz\n\n\nInstallation instructions:\n+------------------------+\n\nUpgrade the package as root:\n# upgradepkg wpa_supplicant-2.6-i586-1_slack14.2.txz\n\n\n+-----+\n\nSlackware Linux Security Team\nhttp://slackware.com/gpg-key\nsecurity@slackware.com\n\n+------------------------------------------------------------------------+\n| To leave the slackware-security mailing list: |\n+------------------------------------------------------------------------+\n| Send an email to majordomo@slackware.com with this text in the body of |\n| the email message: |\n| |\n| unsubscribe slackware-security |\n| |\n| You will get a confirmation message back containing instructions to |\n| complete the process. Please do not reply to this email address. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA512\n\n=============================================================================\nFreeBSD-SA-17:07.wpa Security Advisory\n The FreeBSD Project\n\nTopic: WPA2 protocol vulnerability\n\nCategory: contrib\nModule: wpa\nAnnounced: 2017-10-16\nCredits: Mathy Vanhoef\nAffects: All supported versions of FreeBSD. \nCorrected: 2017-10-17 17:30:18 UTC (stable/11, 11.1-STABLE)\n 2017-10-17 17:57:18 UTC (releng/11.1, 11.1-RELEASE-p2)\n 2017-10-17 17:56:03 UTC (releng/11.0, 11.0-RELEASE-p13)\n 2017-10-19 03:18:22 UTC (stable/10, 10.4-STABLE)\n 2017-10-19 03:20:17 UTC (releng/10.4, 10.4-RELEASE-p1)\n 2017-10-19 03:19:42 UTC (releng/10.3, 10.3-RELEASE-p22)\nCVE Name: CVE-2017-13077, CVE-2017-13078, CVE-2017-13079,\n CVE-2017-13080, CVE-2017-13081, CVE-2017-13082,\n CVE-2017-13086, CVE-2017-13087, CVE-2017-13088\n\nFor general information regarding FreeBSD Security Advisories,\nincluding descriptions of the fields above, security branches, and the\nfollowing sections, please visit \u003cURL:https://security.FreeBSD.org/\u003e. \n\n0. Revision history\n\nv1.0 2017-10-17 Initial release. \nv1.1 2017-10-19 Add patches for 10.x releases. \n\nI. \n\nhostapd and wpa_supplicant are implementations of user space daemon for\naccess points and wireless client that implements the WPA2 protocol. \n\nII. Problem Description\n\nA vulnerability was found in how a number of implementations can be\ntriggered to reconfigure WPA/WPA2/RSN keys (TK, GTK, or IGTK) by\nreplaying a specific frame that is used to manage the keys. \n\nIII. Impact\n\nSuch reinstallation of the encryption key can result in two different\ntypes of vulnerabilities: disabling replay protection and significantly\nreducing the security of encryption to the point of allowing frames to\nbe decrypted or some parts of the keys to be determined by an attacker\ndepending on which cipher is used. \n\nIV. Workaround\n\nAn updated version of wpa_supplicant is available in the FreeBSD Ports\nCollection. Install version 2.6_2 or later of the\nsecurity/wpa_supplicant port/pkg. Once installed, update /etc/rc.conf\nto use the new binary:\n\nwpa_supplicant_program=\"/usr/local/sbin/wpa_supplicant\"\n\nand restart networking. \n\nAn updated version of hostapd is available in the FreeBSD Ports\nCollection. Install version 2.6_1 or later of the net/hostapd port/pkg. \nOnce installed, update /etc/rc.conf to use the new binary:\n\nhostapd_program=\"/usr/local/sbin/hostapd\"\n\nand restart hostapd. \n\nV. Solution\n\nPerform one of the following:\n\n1) Upgrade your vulnerable system to a supported FreeBSD stable or\nrelease / security branch (releng) dated after the correction date. \n\nRestart the Wi-Fi network interfaces/hostapd or reboot the system. \n\n2) To update your vulnerable system via a binary patch:\n\nSystems running a RELEASE version of FreeBSD on the i386 or amd64\nplatforms can be updated via the freebsd-update(8) utility:\n\n# freebsd-update fetch\n# freebsd-update install\n\nRestart the Wi-Fi network interfaces/hostapd or reboot the system. \n\n3) To update your vulnerable system via a source code patch:\n\nThe following patches have been verified to apply to the applicable\nFreeBSD release branches. \n\na) Download the relevant patch from the location below, and verify the\ndetached PGP signature using your PGP utility. \n\n[FreeBSD 11.0-RELEASE, 11.1-RELEASE, and 11-STABLE]\n# fetch https://security.FreeBSD.org/patches/SA-17:07/wpa-11.patch\n# fetch https://security.FreeBSD.org/patches/SA-17:07/wpa-11.patch.asc\n# gpg --verify wpa-11.patch.asc\n\n[FreeBSD 10.3-RELEASE, 10.4-RELEASE, and 10-STABLE]\n# fetch https://security.FreeBSD.org/patches/SA-17:07/wpa-10.patch\n# fetch https://security.FreeBSD.org/patches/SA-17:07/wpa-10.patch.asc\n# gpg --verify wpa-10.patch.asc\n\nb) Apply the patch. Execute the following commands as root:\n\n# cd /usr/src\n# patch \u003c /path/to/patch\n\nc) Recompile the operating system using buildworld and installworld as\ndescribed in \u003cURL:https://www.FreeBSD.org/handbook/makeworld.html\u003e. \n\nRestart the applicable daemons, or reboot the system. \n\nVI. Correction details\n\nThe following list contains the correction revision numbers for each\naffected branch. \n\nBranch/path Revision\n- -------------------------------------------------------------------------\nstable/11/ r324697\nreleng/11.0/ r324698\nreleng/11.1/ r324699\nstable/10/ r324739\nreleng/10.3/ r324740\nreleng/10.4/ r324741\n- -------------------------------------------------------------------------\n\nTo see which files were modified by a particular revision, run the\nfollowing command, replacing NNNNNN with the revision number, on a\nmachine with Subversion installed:\n\n# svn diff -cNNNNNN --summarize svn://svn.freebsd.org/base\n\nOr visit the following URL, replacing NNNNNN with the revision number:\n\n\u003cURL:https://svnweb.freebsd.org/base?view=revision\u0026revision=NNNNNN\u003e\n\nVII. References\n\n\u003cURL:https://w1.fi/security/2017-1/wpa-packet-number-reuse-with-replayed-messages.txt\u003e\n\u003cURL:https://www.krackattacks.com/\u003e\n\nThe latest revision of this advisory is available at\n\u003cURL:https://security.FreeBSD.org/advisories/FreeBSD-SA-17:07.wpa.asc\u003e\n-----BEGIN PGP SIGNATURE-----\n\niQKTBAEBCgB9FiEEHPf/b631yp++G4yy7Wfs1l3PaucFAlnoGpNfFIAAAAAALgAo\naXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDFD\nRjdGRjZGQURGNUNBOUZCRTFCOENCMkVENjdFQ0Q2NURDRjZBRTcACgkQ7Wfs1l3P\nauc7WBAAm27w+fujv5sJsRxauUMopTVtRh5utwbDuoHTP+L+RCWmQfVBmueNQ0gf\nuJzMNxBIkbtY9LvyukpRsH3iD7mh26c0pd9rxxkkr4F96C9B5+W0amxJF1gdm54/\nF/50FpY+lo7cNs5tiBjypPrg8UOBBI/1G4XR7130XC0HjaTwt1ngZ0oQUWUMSsIp\ngN5ZfPul81WPWd1NqF+vyObcJhwq/Y1uoexoO27o7GQCFZoL3enZy8c4f1xqMlVM\n4HHkTgNGac6E0aW+ArH4J0DFFAOJXPqF8rdt+9XINfoBbtliIyOixJ4oh1n6eAR0\nVpBWZKFNyXSlUKIvDGa+LDhxgL1jJXV0ABSyKlUOijdmr3bbbiQE9MW/MNv2AFTd\nOAFQ0QQtm9KCWp5JLh+FPIb/kR2l7MOUP+yz4zFcJpdGtl9tDLyPN8vRTq60bY8O\ny7tBcf/SMqkd/AIFdchL4zrOguKnRARydIlwTarp8wtAQI3MKSsa1B0wgsDtlL6K\nxfdjnwWMKvKKlNOW16e1WXXO0n/ucHV4njBE+bGPro3jLgXP2/WFZpIGAR3I4xrr\nSdD4AxSNiR9f3bL7LRfMIbugJAylWNSlTLWUOVUv0/ONh85LqbcCj13NI230B64K\nETx2QOZgKnCs2oDNiw4aQHb7kvi2w94Iw/R1sAPkkxYJWO3reyE=\n=h/5q\n-----END PGP SIGNATURE-----\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2017-13079"
},
{
"db": "CERT/CC",
"id": "VU#228519"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-009172"
},
{
"db": "CNVD",
"id": "CNVD-2017-30404"
},
{
"db": "BID",
"id": "101274"
},
{
"db": "IVD",
"id": "3ba265af-e434-4086-b786-5c33d3edb3dc"
},
{
"db": "VULMON",
"id": "CVE-2017-13079"
},
{
"db": "PACKETSTORM",
"id": "144630"
},
{
"db": "PACKETSTORM",
"id": "144632"
},
{
"db": "PACKETSTORM",
"id": "144944"
},
{
"db": "PACKETSTORM",
"id": "144663"
},
{
"db": "PACKETSTORM",
"id": "144669"
}
],
"trust": 3.87
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#228519",
"trust": 4.2
},
{
"db": "NVD",
"id": "CVE-2017-13079",
"trust": 4.1
},
{
"db": "BID",
"id": "101274",
"trust": 2.6
},
{
"db": "LENOVO",
"id": "LEN-17420",
"trust": 2.5
},
{
"db": "SECTRACK",
"id": "1039578",
"trust": 1.7
},
{
"db": "SECTRACK",
"id": "1039581",
"trust": 1.7
},
{
"db": "SECTRACK",
"id": "1039585",
"trust": 1.7
},
{
"db": "SECTRACK",
"id": "1039573",
"trust": 1.7
},
{
"db": "SECTRACK",
"id": "1039576",
"trust": 1.7
},
{
"db": "SECTRACK",
"id": "1039577",
"trust": 1.7
},
{
"db": "SIEMENS",
"id": "SSA-901333",
"trust": 1.7
},
{
"db": "CERT@VDE",
"id": "VDE-2017-005",
"trust": 1.7
},
{
"db": "ICS CERT",
"id": "ICSMA-18-114-01",
"trust": 1.2
},
{
"db": "ICS CERT",
"id": "ICSMA-19-029-01",
"trust": 1.1
},
{
"db": "ICS CERT",
"id": "ICSA-17-353-02",
"trust": 1.1
},
{
"db": "ICS CERT",
"id": "ICSA-17-318-01",
"trust": 1.1
},
{
"db": "CNVD",
"id": "CNVD-2017-30404",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201710-382",
"trust": 0.8
},
{
"db": "JUNIPER",
"id": "JSA10827",
"trust": 0.8
},
{
"db": "DLINK",
"id": "SAP10075",
"trust": 0.8
},
{
"db": "ICS CERT",
"id": "ICSA-17-318-02A",
"trust": 0.8
},
{
"db": "JVN",
"id": "JVNVU90609033",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2017-009172",
"trust": 0.8
},
{
"db": "AUSCERT",
"id": "ESB-2020.4125",
"trust": 0.6
},
{
"db": "ICS CERT",
"id": "ICSA-17-299-02",
"trust": 0.3
},
{
"db": "ICS CERT",
"id": "ICSA-17-318-02",
"trust": 0.3
},
{
"db": "ICS CERT",
"id": "ICSA-17-325-01",
"trust": 0.3
},
{
"db": "IVD",
"id": "3BA265AF-E434-4086-B786-5C33D3EDB3DC",
"trust": 0.2
},
{
"db": "VULMON",
"id": "CVE-2017-13079",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "144630",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "144632",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "144944",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "144663",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "144669",
"trust": 0.1
}
],
"sources": [
{
"db": "IVD",
"id": "3ba265af-e434-4086-b786-5c33d3edb3dc"
},
{
"db": "CERT/CC",
"id": "VU#228519"
},
{
"db": "CNVD",
"id": "CNVD-2017-30404"
},
{
"db": "VULMON",
"id": "CVE-2017-13079"
},
{
"db": "BID",
"id": "101274"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-009172"
},
{
"db": "PACKETSTORM",
"id": "144630"
},
{
"db": "PACKETSTORM",
"id": "144632"
},
{
"db": "PACKETSTORM",
"id": "144944"
},
{
"db": "PACKETSTORM",
"id": "144663"
},
{
"db": "PACKETSTORM",
"id": "144669"
},
{
"db": "NVD",
"id": "CVE-2017-13079"
},
{
"db": "CNNVD",
"id": "CNNVD-201710-382"
}
]
},
"id": "VAR-201710-0212",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "IVD",
"id": "3ba265af-e434-4086-b786-5c33d3edb3dc"
},
{
"db": "CNVD",
"id": "CNVD-2017-30404"
}
],
"trust": 1.3965711281818183
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 0.8
}
],
"sources": [
{
"db": "IVD",
"id": "3ba265af-e434-4086-b786-5c33d3edb3dc"
},
{
"db": "CNVD",
"id": "CNVD-2017-30404"
}
]
},
"last_update_date": "2023-12-18T11:26:58.877000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "ARUBA-PSA-2017-007",
"trust": 0.8,
"url": "http://www.arubanetworks.com/assets/alert/aruba-psa-2017-007.txt"
},
{
"title": "DSA-3999",
"trust": 0.8,
"url": "https://www.debian.org/security/2017/dsa-3999"
},
{
"title": "FreeBSD-SA-17:07.wpa",
"trust": 0.8,
"url": "https://www.freebsd.org/security/advisories/freebsd-sa-17:07.wpa.asc"
},
{
"title": "LEN-17420",
"trust": 0.8,
"url": "https://support.lenovo.com/jp/en/product_security/len-17420"
},
{
"title": "NV17-024",
"trust": 0.8,
"url": "http://jpn.nec.com/security-info/secinfo/nv17-024.html"
},
{
"title": "SUSE-SU-2017:2745",
"trust": 0.8,
"url": "https://lists.opensuse.org/opensuse-security-announce/2017-10/msg00020.html"
},
{
"title": "SUSE-SU-2017:2752",
"trust": 0.8,
"url": "https://lists.opensuse.org/opensuse-security-announce/2017-10/msg00023.html"
},
{
"title": "openSUSE-SU-2017:2755",
"trust": 0.8,
"url": "https://lists.opensuse.org/opensuse-security-announce/2017-10/msg00024.html"
},
{
"title": "KRACKs - wpa_supplicant Multiple Vulnerabilities",
"trust": 0.8,
"url": "https://access.redhat.com/security/vulnerabilities/kracks"
},
{
"title": "USN-3455-1",
"trust": 0.8,
"url": "https://usn.ubuntu.com/usn/usn-3455-1/"
},
{
"title": "WPA packet number reuse with replayed messages and key reinstallation",
"trust": 0.8,
"url": "https://w1.fi/security/2017-1/wpa-packet-number-reuse-with-replayed-messages.txt"
},
{
"title": "Wi-Fi\u306e\u8a8d\u8a3c\uff0f\u6697\u53f7\u5316\u6280\u8853WPA2\u304a\u3088\u3073WPA\u306e\u8907\u6570\u306e\u8106\u5f31\u6027\u306b\u3064\u3044\u3066",
"trust": 0.8,
"url": "http://www.fujitsu.com/jp/products/network/support/2017/srm-01/index.html"
},
{
"title": "WPA2\u306e\u8106\u5f31\u6027\u306b\u95a2\u3059\u308b\u5f0a\u793e\u8abf\u67fb\u30fb\u5bfe\u5fdc\u72b6\u6cc1\u306b\u3064\u3044\u3066",
"trust": 0.8,
"url": "http://www.iodata.jp/support/information/2017/wpa2/"
},
{
"title": "\u7121\u7ddaLAN \u8a8d\u8a3c\uff0f\u6697\u53f7\u5316\u6280\u8853WPA2\u304a\u3088\u3073WPA\u306b\u95a2\u3059\u308b\u8106\u5f31\u6027\u306e\u304a\u77e5\u3089\u305b",
"trust": 0.8,
"url": "http://www.fmworld.net/biz/common/info/20171110/"
},
{
"title": "Patch for WPA2 Wireless Network IGTK Group Key Reload Vulnerability",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/103820"
},
{
"title": "Multiple WiFi product WPA2 Security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=75496"
},
{
"title": "The Register",
"trust": 0.2,
"url": "https://www.theregister.co.uk/2017/11/07/android_november_security_update/"
},
{
"title": "The Register",
"trust": 0.2,
"url": "https://www.theregister.co.uk/2017/10/16/wpa2_inscure_krackattack/"
},
{
"title": "Red Hat: CVE-2017-13079",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_cve_database\u0026qid=cve-2017-13079"
},
{
"title": "Arch Linux Issues: ",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=arch_linux_issues\u0026qid=cve-2017-13079"
},
{
"title": "HP: SUPPORT COMMUNICATION- SECURITY BULLETIN\nHPSBPI03574 rev. 2 - WPA, WPA2 Key Reinstallation Attacks (KRACK attacks) Potential Remote Disclosure of Information: Certain HP Enterprise Printer and MFP products, Certain HP PageWide Printer and MFP Products, HP Jetdirect Accessory Products",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=hp_bulletin\u0026qid=8d6572a049179153e7106f494e1a3bca"
},
{
"title": "Debian CVElist Bug Report Logs: firmware-brcm80211: BroadPwn vulnerability CVE-2017-9417",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=debian_cvelist_bugreportlogs\u0026qid=2e0affd9108e95fa2aa2c706c74cd8a9"
},
{
"title": "Ubuntu Security Notice: wpa vulnerabilities",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=usn-3455-1"
},
{
"title": "Debian Security Advisories: DSA-3999-1 wpa -- security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=debian_security_advisories\u0026qid=08990d9925276738bd732fa4d58f9ef0"
},
{
"title": "HP: HPSBPI03574 rev. 1 - WPA, WPA2 Key Reinstallation Attacks (KRACK attacks) Potential Remote Disclosure of Information: Certain HP Enterprise Printer and MFP products, Certain HP PageWide Printer and MFP Products, HP Jetdirect Accessory Products",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=hp_bulletin\u0026qid=hpsbpi03574"
},
{
"title": "HP: SUPPORT COMMUNICATION- SECURITY BULLETIN\nHP Printing Security Advisory - KRACK Attacks Potential Vulnerabilities",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=hp_bulletin\u0026qid=159d2d394e685e849c1feb8bd9a2f58e"
},
{
"title": "HP: SUPPORT COMMUNICATION- SECURITY BULLETIN\nHPSBPI03574 rev. 2 - WPA, WPA2 Key Reinstallation Attacks (KRACK attacks) Potential Remote Disclosure of Information: Certain HP Enterprise Printer and MFP products, Certain HP PageWide Printer and MFP Products, HP Jetdirect Accessory Products",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=hp_bulletin\u0026qid=5acd9ad059fdc01fe064c5234e076a80"
},
{
"title": "Arch Linux Advisories: [ASA-201710-23] hostapd: man-in-the-middle",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=arch_linux_advisories\u0026qid=asa-201710-23"
},
{
"title": "Arch Linux Advisories: [ASA-201710-22] wpa_supplicant: man-in-the-middle",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=arch_linux_advisories\u0026qid=asa-201710-22"
},
{
"title": "Siemens Security Advisories: Siemens Security Advisory",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=siemens_security_advisories\u0026qid=6df91267eee9400a24a98876f50ffe84"
},
{
"title": "Android Security Bulletins: Android Security Bulletin\u2014November 2017",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=android_security_bulletins\u0026qid=8c29eb008bb212762e5cfb25c7c5c0d5"
},
{
"title": "Cisco: Multiple Vulnerabilities in Wi-Fi Protected Access and Wi-Fi Protected Access II",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=cisco_security_advisories_and_alerts_ciscoproducts\u0026qid=cisco-sa-20171016-wpa"
},
{
"title": "Oracle: Oracle Critical Patch Update Advisory - January 2018",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_advisories\u0026qid=e2a7f287e9acc8c64ab3df71130bc64d"
},
{
"title": "KRACK",
"trust": 0.1,
"url": "https://github.com/chinatso/krack "
},
{
"title": "krackinfo",
"trust": 0.1,
"url": "https://github.com/kristate/krackinfo "
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/merlinepedra/krack "
},
{
"title": "nixos-issue-db-example",
"trust": 0.1,
"url": "https://github.com/andir/nixos-issue-db-example "
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-30404"
},
{
"db": "VULMON",
"id": "CVE-2017-13079"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-009172"
},
{
"db": "CNNVD",
"id": "CNNVD-201710-382"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-330",
"trust": 1.0
},
{
"problemtype": "CWE-254",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-009172"
},
{
"db": "NVD",
"id": "CVE-2017-13079"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 3.7,
"url": "https://www.krackattacks.com/"
},
{
"trust": 3.3,
"url": "https://source.android.com/security/bulletin/2017-11-01"
},
{
"trust": 2.9,
"url": "http://www.securityfocus.com/bid/101274"
},
{
"trust": 2.8,
"url": "http://www.arubanetworks.com/assets/alert/aruba-psa-2017-007.txt"
},
{
"trust": 2.8,
"url": "https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20171016-wpa"
},
{
"trust": 2.5,
"url": "http://www.debian.org/security/2017/dsa-3999"
},
{
"trust": 2.5,
"url": "https://access.redhat.com/security/vulnerabilities/kracks"
},
{
"trust": 2.1,
"url": "http://www.kb.cert.org/vuls/id/228519"
},
{
"trust": 1.8,
"url": "https://w1.fi/security/2017-1/wpa-packet-number-reuse-with-replayed-messages.txt"
},
{
"trust": 1.8,
"url": "http://www.ubuntu.com/usn/usn-3455-1"
},
{
"trust": 1.7,
"url": "http://www.securitytracker.com/id/1039585"
},
{
"trust": 1.7,
"url": "http://www.securitytracker.com/id/1039581"
},
{
"trust": 1.7,
"url": "http://www.securitytracker.com/id/1039578"
},
{
"trust": 1.7,
"url": "http://www.securitytracker.com/id/1039577"
},
{
"trust": 1.7,
"url": "http://www.securitytracker.com/id/1039576"
},
{
"trust": 1.7,
"url": "http://www.securitytracker.com/id/1039573"
},
{
"trust": 1.7,
"url": "https://support.lenovo.com/us/en/product_security/len-17420"
},
{
"trust": 1.7,
"url": "https://security.freebsd.org/advisories/freebsd-sa-17:07.wpa.asc"
},
{
"trust": 1.7,
"url": "http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00024.html"
},
{
"trust": 1.7,
"url": "http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00023.html"
},
{
"trust": 1.7,
"url": "http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00020.html"
},
{
"trust": 1.7,
"url": "https://security.gentoo.org/glsa/201711-03"
},
{
"trust": 1.7,
"url": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html"
},
{
"trust": 1.7,
"url": "https://support.hpe.com/hpsc/doc/public/display?doclocale=en_us\u0026docid=emr_na-hpesbhf03792en_us"
},
{
"trust": 1.7,
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-901333.pdf"
},
{
"trust": 1.7,
"url": "https://cert.vde.com/en-us/advisories/vde-2017-005"
},
{
"trust": 1.7,
"url": "https://lists.debian.org/debian-lts-announce/2018/11/msg00015.html"
},
{
"trust": 1.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-13079"
},
{
"trust": 1.2,
"url": "https://ics-cert.us-cert.gov/advisories/icsma-18-114-01"
},
{
"trust": 1.1,
"url": "https://papers.mathyvanhoef.com/ccs2017.pdf"
},
{
"trust": 1.1,
"url": "https://w1.fi/security/2017-1/"
},
{
"trust": 1.1,
"url": "https://security-center.intel.com/advisory.aspx?intelid=intel-sa-00101\u0026languageid=en-fr"
},
{
"trust": 1.1,
"url": "https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/cve-2017-13080"
},
{
"trust": 1.1,
"url": "https://ics-cert.us-cert.gov/advisories/icsa-17-353-02"
},
{
"trust": 1.1,
"url": "https://ics-cert.us-cert.gov/advisories/icsa-17-318-01"
},
{
"trust": 1.1,
"url": "https://ics-cert.us-cert.gov/advisories/icsma-19-029-01"
},
{
"trust": 0.9,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-13079"
},
{
"trust": 0.8,
"url": "https://cwe.mitre.org/data/definitions/323.html"
},
{
"trust": 0.8,
"url": "https://actiontecsupport.zendesk.com/hc/en-us/articles/115005205283-krack-vulnerability"
},
{
"trust": 0.8,
"url": "https://www3.aerohive.com/support/security-bulletins/product-security-announcement-aerohives-response-to-krack-10162017.html"
},
{
"trust": 0.8,
"url": "https://www.al-enterprise.com/en/support/security-alert-krack"
},
{
"trust": 0.8,
"url": "https://support.apple.com/en-gb/ht208222"
},
{
"trust": 0.8,
"url": "https://security.archlinux.org/avg-447"
},
{
"trust": 0.8,
"url": "https://www.asus.com/static_webpage/asus-product-security-advisory/"
},
{
"trust": 0.8,
"url": "https://community.barracudanetworks.com/forum/index.php?/topic/23525-security-advisories/page-2"
},
{
"trust": 0.8,
"url": "https://lists.centos.org/pipermail/centos-announce/2017-october/022569.html"
},
{
"trust": 0.8,
"url": "https://community.cypress.com/docs/doc-13871"
},
{
"trust": 0.8,
"url": "http://supportannouncement.us.dlink.com/announcement/publication.aspx?name=sap10075"
},
{
"trust": 0.8,
"url": "http://www.dell.com/support/article/sln307822"
},
{
"trust": 0.8,
"url": "https://github.com/espressif/esp8266_nonos_sdk"
},
{
"trust": 0.8,
"url": "https://extremeportal.force.com/extrarticledetail?n=000018005"
},
{
"trust": 0.8,
"url": "https://bodhi.fedoraproject.org/updates/fedora-2017-60bfb576b7"
},
{
"trust": 0.8,
"url": "http://www.fortiguard.com/psirt/fg-ir-17-196"
},
{
"trust": 0.8,
"url": "https://www.freebsd.org/security/advisories/freebsd-sa-17:07.wpa.asc"
},
{
"trust": 0.8,
"url": "https://bugs.gentoo.org/634440"
},
{
"trust": 0.8,
"url": "https://support.hpe.com/hpsc/doc/public/display?sp4ts.oid=null\u0026doclocale=en_us\u0026docid=emr_na-a00029151en_us"
},
{
"trust": 0.8,
"url": "https://kb.juniper.net/jsa10827"
},
{
"trust": 0.8,
"url": "https://support.lenovo.com/ca/en/product_security/len-17420"
},
{
"trust": 0.8,
"url": "http://www.microchip.com/wwwproducts/en/atwinc1500"
},
{
"trust": 0.8,
"url": "http://mail-index.netbsd.org/source-changes/2017/10/16/msg088877.html"
},
{
"trust": 0.8,
"url": "https://kb.netgear.com/000049498/security-advisory-for-wpa-2-vulnerabilities-psv-2017-2826-psv-2017-2836-psv-2017-2837"
},
{
"trust": 0.8,
"url": "https://forum.peplink.com/t/security-advisory-wpa2-vulnerability-vu-228519/12715"
},
{
"trust": 0.8,
"url": "https://ruckus-www.s3.amazonaws.com/pdf/security/faq-security-advisory-id-101617-v1.0.pdf"
},
{
"trust": 0.8,
"url": "https://www.suse.com/de-de/support/kb/doc/?id=7022107"
},
{
"trust": 0.8,
"url": "https://source.sierrawireless.com/resources/airlink/software_reference_docs/technical-bulletin/sierra-wireless-technical-bulletin---wpa-and-wpa2-vulnerabilities/"
},
{
"trust": 0.8,
"url": "http://www.slackware.com/changelog/stable.php?cpu=x86_64"
},
{
"trust": 0.8,
"url": "https://community.sophos.com/kb/en-us/127658"
},
{
"trust": 0.8,
"url": "https://www.toshibacommerce.com/wps/myportal/%21ut/p/a1/rzrnc8igeiz_sw8egqhjcdmmwr8abw2dqcnfoyqotidrrk399uxrrwotuzgws7a87y6z88iuzmcq2u4uwcnlzypjnjj5-exr_wnhya-laxtrid-j3uchdtb8gylmuw6qzgktovtowsrrqlrs6-8dbeqhwc1mykqnlabgdjlf1yjvn7i5af4qtdwsn2tri7j"
},
{
"trust": 0.8,
"url": "http://www.toshiba-personalstorage.net/en/news/hdd/ot_notice/20171017.htm"
},
{
"trust": 0.8,
"url": "http://support.toshiba.com/support/staticcontentdetail?contentid=4015875\u0026isfromtoclink=false"
},
{
"trust": 0.8,
"url": "https://community.ubnt.com/t5/unifi-updates-blog/firmware-3-9-3-7537-for-uap-usw-has-been-released/ba-p/2099365"
},
{
"trust": 0.8,
"url": "https://usn.ubuntu.com/usn/usn-3455-1/"
},
{
"trust": 0.8,
"url": "http://en.miui.com/thread-954223-1-1.html"
},
{
"trust": 0.8,
"url": "https://www.zebra.com/content/dam/zebra_new_ia/en-us/support-and-downloads/lifeguard-security/krack-security-bulletin.pdf"
},
{
"trust": 0.8,
"url": "http://www.zyxel.com/support/announcement_wpa2_key_management.shtml"
},
{
"trust": 0.8,
"url": "https://supportcenter.checkpoint.com/supportcenter/portal?eventsubmit_dogoviewsolutiondetails=\u0026solutionid=sk120938"
},
{
"trust": 0.8,
"url": "https://community.rsa.com/docs/doc-84103"
},
{
"trust": 0.8,
"url": "https://support.f5.com/csp/article/k23642330"
},
{
"trust": 0.8,
"url": "https://forum.mikrotik.com/viewtopic.php?f=21\u0026t=126695"
},
{
"trust": 0.8,
"url": "https://community.linksys.com/t5/wireless-routers/krack-vulnerability/td-p/1218573"
},
{
"trust": 0.8,
"url": "https://ics-cert.us-cert.gov/advisories/icsa-17-318-02a"
},
{
"trust": 0.8,
"url": "https://www.ipa.go.jp/security/ciadr/vul/20171017_wpa2.html"
},
{
"trust": 0.8,
"url": "http://jvn.jp/vu/jvnvu90609033/index.html"
},
{
"trust": 0.8,
"url": "https://www.kb.cert.org/vuls/id/cheu-aqnmyp"
},
{
"trust": 0.6,
"url": "https://www.kb.cert.org/vuls/id/228519/"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2020.4125/"
},
{
"trust": 0.5,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-13077"
},
{
"trust": 0.5,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-13078"
},
{
"trust": 0.4,
"url": "https://access.redhat.com/security/cve/cve-2017-13079"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-13082"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-13088"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-13087"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-13086"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-13081"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-13080"
},
{
"trust": 0.3,
"url": "https://github.com/stevenhoneyman/wpa_gui/tree/master/wpa_supplicant-2.4"
},
{
"trust": 0.3,
"url": "http://www.wi-fi.org/index.php"
},
{
"trust": 0.3,
"url": "https://support.apple.com/en-ie/ht208847"
},
{
"trust": 0.3,
"url": "https://support.apple.com/en-in/ht208334"
},
{
"trust": 0.3,
"url": "https://support.apple.com/en-in/ht208327"
},
{
"trust": 0.3,
"url": "https://support.apple.com/en-in/ht208325"
},
{
"trust": 0.3,
"url": "https://lists.apple.com/archives/security-announce/2017/dec/msg00009.html"
},
{
"trust": 0.3,
"url": "https://lists.apple.com/archives/security-announce/2017/dec/msg00008.html"
},
{
"trust": 0.3,
"url": "https://lists.apple.com/archives/security-announce/2018/jul/msg00000.html"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/security/cve/cve-2017-13077"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/security/cve/cve-2017-13078"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/security/cve/cve-2017-13080"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/security/cve/cve-2017-13081"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/security/cve/cve-2017-13082"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/security/cve/cve-2017-13084"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/security/cve/cve-2017-13086"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/security/cve/cve-2017-13087"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/security/cve/cve-2017-13088"
},
{
"trust": 0.3,
"url": "http://docs.fortinet.com/uploaded/files/3961/fortiap-v5.6.1-release-notes.pdf"
},
{
"trust": 0.3,
"url": "https://ics-cert.us-cert.gov/advisories/icsa-17-299-02"
},
{
"trust": 0.3,
"url": "https://ics-cert.us-cert.gov/advisories/icsa-17-318-02"
},
{
"trust": 0.3,
"url": "https://ics-cert.us-cert.gov/advisories/icsa-17-325-01"
},
{
"trust": 0.3,
"url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/errata/rhsa-2017:2907"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/errata/rhsa-2017:2911"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/330.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://github.com/kristate/krackinfo"
},
{
"trust": 0.1,
"url": "https://www.debian.org/security/faq"
},
{
"trust": 0.1,
"url": "https://www.debian.org/security/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-4476"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-4477"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/wpa/2.1-0ubuntu1.5"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/wpa/2.4-0ubuntu9.1"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/wpa/2.4-0ubuntu6.2"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/nvd.cfm?cvename=cve-2017-13078"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/nvd.cfm?cvename=cve-2017-13079"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/nvd.cfm?cvename=cve-2017-13077"
},
{
"trust": 0.1,
"url": "https://security.gentoo.org/"
},
{
"trust": 0.1,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-13078"
},
{
"trust": 0.1,
"url": "http://slackware.com"
},
{
"trust": 0.1,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-13080"
},
{
"trust": 0.1,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-13082"
},
{
"trust": 0.1,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-13077"
},
{
"trust": 0.1,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-13087"
},
{
"trust": 0.1,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-13081"
},
{
"trust": 0.1,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-13084"
},
{
"trust": 0.1,
"url": "http://slackware.com/gpg-key"
},
{
"trust": 0.1,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-13086"
},
{
"trust": 0.1,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-13088"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-13084"
},
{
"trust": 0.1,
"url": "http://osuosl.org)"
},
{
"trust": 0.1,
"url": "https://security.freebsd.org/patches/sa-17:07/wpa-10.patch.asc"
},
{
"trust": 0.1,
"url": "https://security.freebsd.org/advisories/freebsd-sa-17:07.wpa.asc\u003e"
},
{
"trust": 0.1,
"url": "https://svnweb.freebsd.org/base?view=revision\u0026revision=nnnnnn\u003e"
},
{
"trust": 0.1,
"url": "https://www.krackattacks.com/\u003e"
},
{
"trust": 0.1,
"url": "https://security.freebsd.org/patches/sa-17:07/wpa-11.patch.asc"
},
{
"trust": 0.1,
"url": "https://security.freebsd.org/\u003e."
},
{
"trust": 0.1,
"url": "https://security.freebsd.org/patches/sa-17:07/wpa-11.patch"
},
{
"trust": 0.1,
"url": "https://security.freebsd.org/patches/sa-17:07/wpa-10.patch"
},
{
"trust": 0.1,
"url": "https://www.freebsd.org/handbook/makeworld.html\u003e."
},
{
"trust": 0.1,
"url": "https://w1.fi/security/2017-1/wpa-packet-number-reuse-with-replayed-messages.txt\u003e"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#228519"
},
{
"db": "CNVD",
"id": "CNVD-2017-30404"
},
{
"db": "VULMON",
"id": "CVE-2017-13079"
},
{
"db": "BID",
"id": "101274"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-009172"
},
{
"db": "PACKETSTORM",
"id": "144630"
},
{
"db": "PACKETSTORM",
"id": "144632"
},
{
"db": "PACKETSTORM",
"id": "144944"
},
{
"db": "PACKETSTORM",
"id": "144663"
},
{
"db": "PACKETSTORM",
"id": "144669"
},
{
"db": "NVD",
"id": "CVE-2017-13079"
},
{
"db": "CNNVD",
"id": "CNNVD-201710-382"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "IVD",
"id": "3ba265af-e434-4086-b786-5c33d3edb3dc"
},
{
"db": "CERT/CC",
"id": "VU#228519"
},
{
"db": "CNVD",
"id": "CNVD-2017-30404"
},
{
"db": "VULMON",
"id": "CVE-2017-13079"
},
{
"db": "BID",
"id": "101274"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-009172"
},
{
"db": "PACKETSTORM",
"id": "144630"
},
{
"db": "PACKETSTORM",
"id": "144632"
},
{
"db": "PACKETSTORM",
"id": "144944"
},
{
"db": "PACKETSTORM",
"id": "144663"
},
{
"db": "PACKETSTORM",
"id": "144669"
},
{
"db": "NVD",
"id": "CVE-2017-13079"
},
{
"db": "CNNVD",
"id": "CNNVD-201710-382"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-10-17T00:00:00",
"db": "IVD",
"id": "3ba265af-e434-4086-b786-5c33d3edb3dc"
},
{
"date": "2017-10-16T00:00:00",
"db": "CERT/CC",
"id": "VU#228519"
},
{
"date": "2017-10-18T00:00:00",
"db": "CNVD",
"id": "CNVD-2017-30404"
},
{
"date": "2017-10-17T00:00:00",
"db": "VULMON",
"id": "CVE-2017-13079"
},
{
"date": "2017-10-16T00:00:00",
"db": "BID",
"id": "101274"
},
{
"date": "2017-11-06T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-009172"
},
{
"date": "2017-10-16T13:49:34",
"db": "PACKETSTORM",
"id": "144630"
},
{
"date": "2017-10-16T23:23:00",
"db": "PACKETSTORM",
"id": "144632"
},
{
"date": "2017-11-10T19:19:00",
"db": "PACKETSTORM",
"id": "144944"
},
{
"date": "2017-10-18T20:44:00",
"db": "PACKETSTORM",
"id": "144663"
},
{
"date": "2017-10-19T14:28:55",
"db": "PACKETSTORM",
"id": "144669"
},
{
"date": "2017-10-17T13:29:00.367000",
"db": "NVD",
"id": "CVE-2017-13079"
},
{
"date": "2017-10-17T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201710-382"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-11-16T00:00:00",
"db": "CERT/CC",
"id": "VU#228519"
},
{
"date": "2017-10-17T00:00:00",
"db": "CNVD",
"id": "CNVD-2017-30404"
},
{
"date": "2019-10-03T00:00:00",
"db": "VULMON",
"id": "CVE-2017-13079"
},
{
"date": "2019-02-21T09:00:00",
"db": "BID",
"id": "101274"
},
{
"date": "2019-02-01T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-009172"
},
{
"date": "2019-10-03T00:03:26.223000",
"db": "NVD",
"id": "CVE-2017-13079"
},
{
"date": "2020-11-23T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201710-382"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote or local",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201710-382"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Wi-Fi Protected Access (WPA) handshake traffic can be manipulated to induce nonce and session key reuse",
"sources": [
{
"db": "CERT/CC",
"id": "VU#228519"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "security feature problem",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201710-382"
}
],
"trust": 0.6
}
}
VAR-201710-0214
Vulnerability from variot - Updated: 2023-12-18 10:51Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Tunneled Direct-Link Setup (TDLS) Peer Key (TPK) during the TDLS handshake, allowing an attacker within radio range to replay, decrypt, or spoof frames. An attacker within range of an affected AP and client may leverage these vulnerabilities to conduct attacks that are dependent on the data confidentiality protocols being used. Attacks may include arbitrary packet decryption and injection, TCP connection hijacking, HTTP content injection, or the replay of unicast and group-addressed frames. These vulnerabilities are referred to as Key Reinstallation Attacks or "KRACK" attacks. WPA (Wi-Fi Protected Access) is a system that protects wireless computer networks (Wi-Fi). The WPA2 wireless network re-installs the tunnel in the TDLS handshake. The TPK key vulnerability exists when the PeerKey is set up directly. WPA2 is prone to multiple security weaknesses. Exploiting these issues may allow an unauthorized user to intercept and manipulate data or disclose sensitive information. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
===================================================================== Red Hat Security Advisory
Synopsis: Important: wpa_supplicant security update Advisory ID: RHSA-2017:2907-01 Product: Red Hat Enterprise Linux Advisory URL: https://access.redhat.com/errata/RHSA-2017:2907 Issue date: 2017-10-17 CVE Names: CVE-2017-13077 CVE-2017-13078 CVE-2017-13080 CVE-2017-13082 CVE-2017-13086 CVE-2017-13087 CVE-2017-13088 =====================================================================
- Summary:
An update for wpa_supplicant is now available for Red Hat Enterprise Linux 7.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Relevant releases/architectures:
Red Hat Enterprise Linux Client (v. 7) - x86_64 Red Hat Enterprise Linux ComputeNode (v. 7) - x86_64 Red Hat Enterprise Linux Server (v. 7) - aarch64, ppc64, ppc64le, s390x, x86_64 Red Hat Enterprise Linux Workstation (v. 7) - x86_64
- Description:
The wpa_supplicant packages contain an 802.1X Supplicant with support for WEP, WPA, WPA2 (IEEE 802.11i / RSN), and various EAP authentication methods. They implement key negotiation with a WPA Authenticator for client stations and controls the roaming and IEEE 802.11 authentication and association of the WLAN driver. A remote attacker within Wi-Fi range could exploit these attacks to decrypt Wi-Fi traffic or possibly inject forged Wi-Fi packets by manipulating cryptographic handshakes used by the WPA2 protocol. (CVE-2017-13077, CVE-2017-13078, CVE-2017-13080, CVE-2017-13082, CVE-2017-13086, CVE-2017-13087, CVE-2017-13088)
Red Hat would like to thank CERT for reporting these issues. Upstream acknowledges Mathy Vanhoef (University of Leuven) as the original reporter of these issues. Solution:
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
- Bugs fixed (https://bugzilla.redhat.com/):
1491692 - CVE-2017-13077 wpa_supplicant: Reinstallation of the pairwise key in the 4-way handshake 1491693 - CVE-2017-13078 wpa_supplicant: Reinstallation of the group key in the 4-way handshake 1491696 - CVE-2017-13080 wpa_supplicant: Reinstallation of the group key in the group key handshake 1491698 - CVE-2017-13082 wpa_supplicant: Accepting a retransmitted FT Reassociation Request and reinstalling the pairwise key while processing it 1500302 - CVE-2017-13086 wpa_supplicant: reinstallation of the Tunneled Direct-Link Setup (TDLS) PeerKey (TPK) key in the TDLS handshake 1500303 - CVE-2017-13087 wpa_supplicant: reinstallation of the group key (GTK) when processing a Wireless Network Management (WNM) Sleep Mode Response frame 1500304 - CVE-2017-13088 wpa_supplicant: reinstallation of the integrity group key (IGTK) when processing a Wireless Network Management (WNM) Sleep Mode Response frame
- Package List:
Red Hat Enterprise Linux Client (v. 7):
Source: wpa_supplicant-2.6-5.el7_4.1.src.rpm
x86_64: wpa_supplicant-2.6-5.el7_4.1.x86_64.rpm wpa_supplicant-debuginfo-2.6-5.el7_4.1.x86_64.rpm
Red Hat Enterprise Linux ComputeNode (v. 7):
Source: wpa_supplicant-2.6-5.el7_4.1.src.rpm
x86_64: wpa_supplicant-2.6-5.el7_4.1.x86_64.rpm wpa_supplicant-debuginfo-2.6-5.el7_4.1.x86_64.rpm
Red Hat Enterprise Linux Server (v. 7):
Source: wpa_supplicant-2.6-5.el7_4.1.src.rpm
aarch64: wpa_supplicant-2.6-5.el7_4.1.aarch64.rpm wpa_supplicant-debuginfo-2.6-5.el7_4.1.aarch64.rpm
ppc64: wpa_supplicant-2.6-5.el7_4.1.ppc64.rpm wpa_supplicant-debuginfo-2.6-5.el7_4.1.ppc64.rpm
ppc64le: wpa_supplicant-2.6-5.el7_4.1.ppc64le.rpm wpa_supplicant-debuginfo-2.6-5.el7_4.1.ppc64le.rpm
s390x: wpa_supplicant-2.6-5.el7_4.1.s390x.rpm wpa_supplicant-debuginfo-2.6-5.el7_4.1.s390x.rpm
x86_64: wpa_supplicant-2.6-5.el7_4.1.x86_64.rpm wpa_supplicant-debuginfo-2.6-5.el7_4.1.x86_64.rpm
Red Hat Enterprise Linux Workstation (v. 7):
Source: wpa_supplicant-2.6-5.el7_4.1.src.rpm
x86_64: wpa_supplicant-2.6-5.el7_4.1.x86_64.rpm wpa_supplicant-debuginfo-2.6-5.el7_4.1.x86_64.rpm
These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/
- References:
https://access.redhat.com/security/cve/CVE-2017-13077 https://access.redhat.com/security/cve/CVE-2017-13078 https://access.redhat.com/security/cve/CVE-2017-13080 https://access.redhat.com/security/cve/CVE-2017-13082 https://access.redhat.com/security/cve/CVE-2017-13086 https://access.redhat.com/security/cve/CVE-2017-13087 https://access.redhat.com/security/cve/CVE-2017-13088 https://access.redhat.com/security/updates/classification/#important https://access.redhat.com/security/vulnerabilities/kracks
- Contact:
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/
Copyright 2017 Red Hat, Inc. Those vulnerabilities applies to both the access point (implemented in hostapd) and the station (implemented in wpa_supplicant).
An attacker exploiting the vulnerabilities could force the vulnerable system to reuse cryptographic session keys, enabling a range of cryptographic attacks against the ciphers used in WPA1 and WPA2.
For the stable distribution (stretch), these problems have been fixed in version 2:2.4-1+deb9u1.
For the testing distribution (buster), these problems have been fixed in version 2:2.4-1.1.
For the unstable distribution (sid), these problems have been fixed in version 2:2.4-1.1.
We recommend that you upgrade your wpa packages. ========================================================================== Ubuntu Security Notice USN-3455-1 October 16, 2017
wpa vulnerabilities
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 17.04
- Ubuntu 16.04 LTS
- Ubuntu 14.04 LTS
Summary:
Several security issues were fixed in wpa_supplicant.
Software Description: - wpa: client support for WPA and WPA2
Details:
Mathy Vanhoef discovered that wpa_supplicant and hostapd incorrectly handled WPA2. (CVE-2017-13077, CVE-2017-13078, CVE-2017-13079, CVE-2017-13080, CVE-2017-13081, CVE-2017-13082, CVE-2017-13086, CVE-2017-13087, CVE-2017-13088)
Imre Rad discovered that wpa_supplicant and hostapd incorrectly handled invalid characters in passphrase parameters. A remote attacker could use this issue to cause a denial of service. (CVE-2016-4476)
Imre Rad discovered that wpa_supplicant and hostapd incorrectly handled invalid characters in passphrase parameters. A local attacker could use this issue to cause a denial of service, or possibly execute arbitrary code. (CVE-2016-4477)
Update instructions:
The problem can be corrected by updating your system to the following package versions:
Ubuntu 17.04: hostapd 2.4-0ubuntu9.1 wpasupplicant 2.4-0ubuntu9.1
Ubuntu 16.04 LTS: hostapd 2.4-0ubuntu6.2 wpasupplicant 2.4-0ubuntu6.2
Ubuntu 14.04 LTS: hostapd 2.1-0ubuntu1.5 wpasupplicant 2.1-0ubuntu1.5
After a standard system update you need to reboot your computer to make all the necessary changes. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512
============================================================================= FreeBSD-SA-17:07.wpa Security Advisory The FreeBSD Project
Topic: WPA2 protocol vulnerability
Category: contrib Module: wpa Announced: 2017-10-16 Credits: Mathy Vanhoef Affects: All supported versions of FreeBSD. Corrected: 2017-10-17 17:30:18 UTC (stable/11, 11.1-STABLE) 2017-10-17 17:57:18 UTC (releng/11.1, 11.1-RELEASE-p2) 2017-10-17 17:56:03 UTC (releng/11.0, 11.0-RELEASE-p13) 2017-10-19 03:18:22 UTC (stable/10, 10.4-STABLE) 2017-10-19 03:20:17 UTC (releng/10.4, 10.4-RELEASE-p1) 2017-10-19 03:19:42 UTC (releng/10.3, 10.3-RELEASE-p22) CVE Name: CVE-2017-13077, CVE-2017-13078, CVE-2017-13079, CVE-2017-13080, CVE-2017-13081, CVE-2017-13082, CVE-2017-13086, CVE-2017-13087, CVE-2017-13088
For general information regarding FreeBSD Security Advisories, including descriptions of the fields above, security branches, and the following sections, please visit .
- Revision history
v1.0 2017-10-17 Initial release. v1.1 2017-10-19 Add patches for 10.x releases.
I.
hostapd and wpa_supplicant are implementations of user space daemon for access points and wireless client that implements the WPA2 protocol.
II. Problem Description
A vulnerability was found in how a number of implementations can be triggered to reconfigure WPA/WPA2/RSN keys (TK, GTK, or IGTK) by replaying a specific frame that is used to manage the keys.
III. Impact
Such reinstallation of the encryption key can result in two different types of vulnerabilities: disabling replay protection and significantly reducing the security of encryption to the point of allowing frames to be decrypted or some parts of the keys to be determined by an attacker depending on which cipher is used.
IV. Workaround
An updated version of wpa_supplicant is available in the FreeBSD Ports Collection. Install version 2.6_2 or later of the security/wpa_supplicant port/pkg. Once installed, update /etc/rc.conf to use the new binary:
wpa_supplicant_program="/usr/local/sbin/wpa_supplicant"
and restart networking.
An updated version of hostapd is available in the FreeBSD Ports Collection. Install version 2.6_1 or later of the net/hostapd port/pkg. Once installed, update /etc/rc.conf to use the new binary:
hostapd_program="/usr/local/sbin/hostapd"
and restart hostapd.
V. Solution
Perform one of the following:
1) Upgrade your vulnerable system to a supported FreeBSD stable or release / security branch (releng) dated after the correction date.
Restart the Wi-Fi network interfaces/hostapd or reboot the system.
2) To update your vulnerable system via a binary patch:
Systems running a RELEASE version of FreeBSD on the i386 or amd64 platforms can be updated via the freebsd-update(8) utility:
freebsd-update fetch
freebsd-update install
Restart the Wi-Fi network interfaces/hostapd or reboot the system.
3) To update your vulnerable system via a source code patch:
The following patches have been verified to apply to the applicable FreeBSD release branches.
a) Download the relevant patch from the location below, and verify the detached PGP signature using your PGP utility.
[FreeBSD 11.0-RELEASE, 11.1-RELEASE, and 11-STABLE]
fetch https://security.FreeBSD.org/patches/SA-17:07/wpa-11.patch
fetch https://security.FreeBSD.org/patches/SA-17:07/wpa-11.patch.asc
gpg --verify wpa-11.patch.asc
[FreeBSD 10.3-RELEASE, 10.4-RELEASE, and 10-STABLE]
fetch https://security.FreeBSD.org/patches/SA-17:07/wpa-10.patch
fetch https://security.FreeBSD.org/patches/SA-17:07/wpa-10.patch.asc
gpg --verify wpa-10.patch.asc
b) Apply the patch. Execute the following commands as root:
cd /usr/src
patch < /path/to/patch
c) Recompile the operating system using buildworld and installworld as described in .
Restart the applicable daemons, or reboot the system.
VI. Correction details
The following list contains the correction revision numbers for each affected branch.
Branch/path Revision
stable/11/ r324697 releng/11.0/ r324698 releng/11.1/ r324699 stable/10/ r324739 releng/10.3/ r324740 releng/10.4/ r324741
To see which files were modified by a particular revision, run the following command, replacing NNNNNN with the revision number, on a machine with Subversion installed:
svn diff -cNNNNNN --summarize svn://svn.freebsd.org/base
Or visit the following URL, replacing NNNNNN with the revision number:
VII. References
The latest revision of this advisory is available at -----BEGIN PGP SIGNATURE-----
iQKTBAEBCgB9FiEEHPf/b631yp++G4yy7Wfs1l3PaucFAlnoGpNfFIAAAAAALgAo aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDFD RjdGRjZGQURGNUNBOUZCRTFCOENCMkVENjdFQ0Q2NURDRjZBRTcACgkQ7Wfs1l3P auc7WBAAm27w+fujv5sJsRxauUMopTVtRh5utwbDuoHTP+L+RCWmQfVBmueNQ0gf uJzMNxBIkbtY9LvyukpRsH3iD7mh26c0pd9rxxkkr4F96C9B5+W0amxJF1gdm54/ F/50FpY+lo7cNs5tiBjypPrg8UOBBI/1G4XR7130XC0HjaTwt1ngZ0oQUWUMSsIp gN5ZfPul81WPWd1NqF+vyObcJhwq/Y1uoexoO27o7GQCFZoL3enZy8c4f1xqMlVM 4HHkTgNGac6E0aW+ArH4J0DFFAOJXPqF8rdt+9XINfoBbtliIyOixJ4oh1n6eAR0 VpBWZKFNyXSlUKIvDGa+LDhxgL1jJXV0ABSyKlUOijdmr3bbbiQE9MW/MNv2AFTd OAFQ0QQtm9KCWp5JLh+FPIb/kR2l7MOUP+yz4zFcJpdGtl9tDLyPN8vRTq60bY8O y7tBcf/SMqkd/AIFdchL4zrOguKnRARydIlwTarp8wtAQI3MKSsa1B0wgsDtlL6K xfdjnwWMKvKKlNOW16e1WXXO0n/ucHV4njBE+bGPro3jLgXP2/WFZpIGAR3I4xrr SdD4AxSNiR9f3bL7LRfMIbugJAylWNSlTLWUOVUv0/ONh85LqbcCj13NI230B64K ETx2QOZgKnCs2oDNiw4aQHb7kvi2w94Iw/R1sAPkkxYJWO3reyE= =h/5q -----END PGP SIGNATURE----- .
Here are the details from the Slackware 14.2 ChangeLog: +--------------------------+ patches/packages/wpa_supplicant-2.6-i586-1_slack14.2.txz: Upgraded. This update includes patches to mitigate the WPA2 protocol issues known as "KRACK" (Key Reinstallation AttaCK), which may be used to decrypt data, hijack TCP connections, and to forge and inject packets. CVE-2017-13082: Accepting a retransmitted Fast BSS Transition (FT) Reassociation Request and reinstalling the pairwise encryption key (PTK-TK) while processing it. For more information, see: https://www.krackattacks.com/ https://w1.fi/security/2017-1/wpa-packet-number-reuse-with-replayed-messages.txt https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13077 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13078 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13079 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13080 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13081 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13082 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13084 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13086 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13087 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13088 ( Security fix ) +--------------------------+
Where to find the new packages: +-----------------------------+
Thanks to the friendly folks at the OSU Open Source Lab (http://osuosl.org) for donating FTP and rsync hosting to the Slackware project! :-)
Also see the "Get Slack" section on http://slackware.com for additional mirror sites near you.
Updated package for Slackware 14.0: ftp://ftp.slackware.com/pub/slackware/slackware-14.0/patches/packages/wpa_supplicant-2.6-i486-1_slack14.0.txz
Updated package for Slackware x86_64 14.0: ftp://ftp.slackware.com/pub/slackware/slackware64-14.0/patches/packages/wpa_supplicant-2.6-x86_64-1_slack14.0.txz
Updated package for Slackware 14.1: ftp://ftp.slackware.com/pub/slackware/slackware-14.1/patches/packages/wpa_supplicant-2.6-i486-1_slack14.1.txz
Updated package for Slackware x86_64 14.1: ftp://ftp.slackware.com/pub/slackware/slackware64-14.1/patches/packages/wpa_supplicant-2.6-x86_64-1_slack14.1.txz
Updated package for Slackware 14.2: ftp://ftp.slackware.com/pub/slackware/slackware-14.2/patches/packages/wpa_supplicant-2.6-i586-1_slack14.2.txz
Updated package for Slackware x86_64 14.2: ftp://ftp.slackware.com/pub/slackware/slackware64-14.2/patches/packages/wpa_supplicant-2.6-x86_64-1_slack14.2.txz
Updated package for Slackware -current: ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/n/wpa_supplicant-2.6-i586-2.txz
Updated package for Slackware x86_64 -current: ftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/n/wpa_supplicant-2.6-x86_64-2.txz
MD5 signatures: +-------------+
Slackware 14.0 package: d8ecfaadb50b3547967ab53733ffc019 wpa_supplicant-2.6-i486-1_slack14.0.txz
Slackware x86_64 14.0 package: f25216d28800504ce498705da7c9a825 wpa_supplicant-2.6-x86_64-1_slack14.0.txz
Slackware 14.1 package: 15c61050e4bab2581757befd86be74c0 wpa_supplicant-2.6-i486-1_slack14.1.txz
Slackware x86_64 14.1 package: 49fd537a520338744f7757615556d352 wpa_supplicant-2.6-x86_64-1_slack14.1.txz
Slackware 14.2 package: c5539f40c8510af89be92945f0f80185 wpa_supplicant-2.6-i586-1_slack14.2.txz
Slackware x86_64 14.2 package: 4c527ff84fcdfd7839f217bbce2e4ae4 wpa_supplicant-2.6-x86_64-1_slack14.2.txz
Slackware -current package: 28bd88a54e96368f7a7020c1f5fb67fe n/wpa_supplicant-2.6-i586-2.txz
Slackware x86_64 -current package: 464fc6b48d1ac077f47e9a3a8534c160 n/wpa_supplicant-2.6-x86_64-2.txz
Installation instructions: +------------------------+
Upgrade the package as root:
upgradepkg wpa_supplicant-2.6-i586-1_slack14.2.txz
+-----+
Slackware Linux Security Team http://slackware.com/gpg-key security@slackware.com
+------------------------------------------------------------------------+ | To leave the slackware-security mailing list: | +------------------------------------------------------------------------+ | Send an email to majordomo@slackware.com with this text in the body of | | the email message: | | | | unsubscribe slackware-security | | | | You will get a confirmation message back containing instructions to | | complete the process. Please do not reply to this email address
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201710-0214",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "linux enterprise desktop",
"scope": "eq",
"trust": 1.6,
"vendor": "suse",
"version": "12"
},
{
"model": "linux enterprise server",
"scope": "eq",
"trust": 1.6,
"vendor": "suse",
"version": "12"
},
{
"model": "openstack cloud",
"scope": "eq",
"trust": 1.6,
"vendor": "suse",
"version": "6"
},
{
"model": "linux enterprise point of sale",
"scope": "eq",
"trust": 1.6,
"vendor": "suse",
"version": "11"
},
{
"model": "linux enterprise server",
"scope": "eq",
"trust": 1.6,
"vendor": "suse",
"version": "11"
},
{
"model": "enterprise linux desktop",
"scope": "eq",
"trust": 1.3,
"vendor": "redhat",
"version": "7"
},
{
"model": "enterprise linux server",
"scope": "eq",
"trust": 1.3,
"vendor": "redhat",
"version": "7"
},
{
"model": "hostapd",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.3.7"
},
{
"model": "wpa supplicant",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "2.6"
},
{
"model": "wpa supplicant",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "2.2"
},
{
"model": "hostapd",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "1.0"
},
{
"model": "hostapd",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "2.2"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 1.0,
"vendor": "freebsd",
"version": "*"
},
{
"model": "hostapd",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.3.11"
},
{
"model": "wpa supplicant",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.4.7"
},
{
"model": "hostapd",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.4.7"
},
{
"model": "hostapd",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.5.10"
},
{
"model": "wpa supplicant",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "2.0"
},
{
"model": "hostapd",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "2.0"
},
{
"model": "linux",
"scope": "eq",
"trust": 1.0,
"vendor": "debian",
"version": "8.0"
},
{
"model": "hostapd",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.4.9"
},
{
"model": "wpa supplicant",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.5.8"
},
{
"model": "hostapd",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.5.8"
},
{
"model": "hostapd",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "2.1"
},
{
"model": "wpa supplicant",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.5.7"
},
{
"model": "wpa supplicant",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.6.9"
},
{
"model": "wpa supplicant",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.2.8"
},
{
"model": "hostapd",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.2.8"
},
{
"model": "hostapd",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "1.1"
},
{
"model": "hostapd",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.7.3"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 1.0,
"vendor": "freebsd",
"version": "10"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 1.0,
"vendor": "freebsd",
"version": "11.1"
},
{
"model": "hostapd",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.5.9"
},
{
"model": "hostapd",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.4.8"
},
{
"model": "wpa supplicant",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.4.11"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 1.0,
"vendor": "freebsd",
"version": "10.4"
},
{
"model": "wpa supplicant",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.2.6"
},
{
"model": "hostapd",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.2.4"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 1.0,
"vendor": "freebsd",
"version": "11"
},
{
"model": "wpa supplicant",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.5.11"
},
{
"model": "hostapd",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.3.10"
},
{
"model": "wpa supplicant",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "2.4"
},
{
"model": "wpa supplicant",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.3.8"
},
{
"model": "wpa supplicant",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.2.5"
},
{
"model": "wpa supplicant",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.3.7"
},
{
"model": "hostapd",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.2.5"
},
{
"model": "hostapd",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.4.10"
},
{
"model": "hostapd",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.6.10"
},
{
"model": "wpa supplicant",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "1.0"
},
{
"model": "hostapd",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.3.9"
},
{
"model": "wpa supplicant",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.3.11"
},
{
"model": "hostapd",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "2.5"
},
{
"model": "wpa supplicant",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.5.10"
},
{
"model": "hostapd",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "2.6"
},
{
"model": "wpa supplicant",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.4.9"
},
{
"model": "ubuntu linux",
"scope": "eq",
"trust": 1.0,
"vendor": "canonical",
"version": "14.04"
},
{
"model": "wpa supplicant",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "2.1"
},
{
"model": "wpa supplicant",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "2.3"
},
{
"model": "leap",
"scope": "eq",
"trust": 1.0,
"vendor": "opensuse",
"version": "42.2"
},
{
"model": "hostapd",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "2.3"
},
{
"model": "wpa supplicant",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "1.1"
},
{
"model": "hostapd",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.5.7"
},
{
"model": "wpa supplicant",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.7.3"
},
{
"model": "hostapd",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.6.9"
},
{
"model": "wpa supplicant",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.5.9"
},
{
"model": "wpa supplicant",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.4.8"
},
{
"model": "wpa supplicant",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.2.7"
},
{
"model": "linux",
"scope": "eq",
"trust": 1.0,
"vendor": "debian",
"version": "9.0"
},
{
"model": "wpa supplicant",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.2.4"
},
{
"model": "wpa supplicant",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.3.10"
},
{
"model": "ubuntu linux",
"scope": "eq",
"trust": 1.0,
"vendor": "canonical",
"version": "16.04"
},
{
"model": "leap",
"scope": "eq",
"trust": 1.0,
"vendor": "opensuse",
"version": "42.3"
},
{
"model": "hostapd",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.4.11"
},
{
"model": "wpa supplicant",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.6.8"
},
{
"model": "ubuntu linux",
"scope": "eq",
"trust": 1.0,
"vendor": "canonical",
"version": "17.04"
},
{
"model": "hostapd",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.2.6"
},
{
"model": "hostapd",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.6.8"
},
{
"model": "wpa supplicant",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.4.10"
},
{
"model": "hostapd",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.5.11"
},
{
"model": "wpa supplicant",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.6.10"
},
{
"model": "hostapd",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "2.4"
},
{
"model": "wpa supplicant",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.3.9"
},
{
"model": "wpa supplicant",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "2.5"
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "9front",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "adtran",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "avm",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "actiontec",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "aerohive",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "alcatel lucent",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "android open source",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "apple",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "arch linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "aruba",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "asustek computer",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "barracuda",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "broadcom",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "cambium",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "centos",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "cradlepoint",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "cypress semiconductor",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "d link",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "debian gnu linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "dell",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "digi",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "draytek",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "edimax computer",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "engenius",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "endian",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "espressif",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "extreme",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "f secure",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "fedora",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "fortinet",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "freebsd",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "gentoo linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "google",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "hewlett packard",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "hostap",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "ipfire",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "juniper",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "lancom",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "lede",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "lifx",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "lenovo",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "microchip",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "microsoft",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "mojo",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "nest",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "netbsd",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "netgear",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "opnsense",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "omnirom",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "open mesh",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "openbsd",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "peplink",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "red hat",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "riverbed",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "rockwell automation",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "ruckus",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "suse linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "samsung mobile",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "sierra",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "slackware linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "sonos",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "sony",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "sophos",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "synology",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "tp link",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "technicolor",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "texas instruments",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "toshiba commerce",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "toshiba electronic devices storage",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "toshiba memory",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "turris omnia",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "ubiquiti",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "ubuntu",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "volumio",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "watchguard",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "xiaomi",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "xirrus",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "zebra",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "zyxel",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "dd wrt",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "eero",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "pfsense",
"version": null
},
{
"model": "ubuntu",
"scope": null,
"trust": 0.8,
"vendor": "canonical",
"version": null
},
{
"model": "gnu/linux",
"scope": null,
"trust": 0.8,
"vendor": "debian",
"version": null
},
{
"model": "freebsd",
"scope": null,
"trust": 0.8,
"vendor": "freebsd",
"version": null
},
{
"model": "leap",
"scope": null,
"trust": 0.8,
"vendor": "opensuse",
"version": null
},
{
"model": "linux enterprise desktop",
"scope": null,
"trust": 0.8,
"vendor": "suse",
"version": null
},
{
"model": "linux enterprise point of sale",
"scope": null,
"trust": 0.8,
"vendor": "suse",
"version": null
},
{
"model": "linux enterprise server",
"scope": null,
"trust": 0.8,
"vendor": "suse",
"version": null
},
{
"model": "openstack cloud",
"scope": null,
"trust": 0.8,
"vendor": "suse",
"version": null
},
{
"model": "hostapd",
"scope": null,
"trust": 0.8,
"vendor": "w1 fi",
"version": null
},
{
"model": "wpa supplicant",
"scope": null,
"trust": 0.8,
"vendor": "w1 fi",
"version": null
},
{
"model": "enterprise linux desktop",
"scope": null,
"trust": 0.8,
"vendor": "red hat",
"version": null
},
{
"model": "enterprise linux server",
"scope": null,
"trust": 0.8,
"vendor": "red hat",
"version": null
},
{
"model": "edge gateway",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": null
},
{
"model": "sr-m20ac1",
"scope": "lte",
"trust": 0.8,
"vendor": "fujitsu",
"version": "v02.10"
},
{
"model": "sr-m20ac2",
"scope": "lte",
"trust": 0.8,
"vendor": "fujitsu",
"version": "v02.10"
},
{
"model": "alliance wi-fi protected access 2",
"scope": null,
"trust": 0.6,
"vendor": "wi fi",
"version": null
},
{
"model": "scalance w-700",
"scope": "eq",
"trust": 0.6,
"vendor": "siemens",
"version": "0"
},
{
"model": "atom processor c3200 series for yocto project bsp mr4",
"scope": null,
"trust": 0.3,
"vendor": "intel",
"version": null
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "10.3.2"
},
{
"model": "active management technology",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "6.1"
},
{
"model": "pyxis supplystation",
"scope": "eq",
"trust": 0.3,
"vendor": "bd",
"version": "0"
},
{
"model": "sinamics smart access module",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "v200"
},
{
"model": "active management technology",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "11.6.27.3264"
},
{
"model": "meraki mr34",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "ck71a-atex",
"scope": "eq",
"trust": 0.3,
"vendor": "pepperl fuchs",
"version": "0"
},
{
"model": "arubaos",
"scope": "eq",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "6.5.2.0"
},
{
"model": "macbook air",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "0"
},
{
"model": "aironet series access points",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "18500"
},
{
"model": "active management technology",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "8.0"
},
{
"model": "meraki mr26",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "arubaos",
"scope": "eq",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "6.4"
},
{
"model": "aironet series access points",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "28000"
},
{
"model": "enterprise linux for power big endian extended update support",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "-7.5"
},
{
"model": "meraki mr84",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "contact fl wlan",
"scope": "eq",
"trust": 0.3,
"vendor": "phoenix",
"version": "510x0"
},
{
"model": "windows server r2 for itanium-based systems sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2008"
},
{
"model": "contact itc",
"scope": "eq",
"trust": 0.3,
"vendor": "phoenix",
"version": "81130"
},
{
"model": "enterprise linux workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "7"
},
{
"model": "active management technology",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "10.0"
},
{
"model": "dual band wireless-ac",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "726519.51.0.0"
},
{
"model": "enterprise linux server extended update support",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "-7.6"
},
{
"model": "meraki mr18",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "arubaos",
"scope": "eq",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "8.1.0.3"
},
{
"model": "scalance w1750d",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "0"
},
{
"model": "secure ii med-surg bed",
"scope": "eq",
"trust": 0.3,
"vendor": "stryker",
"version": "3002"
},
{
"model": "contact fl wlan",
"scope": "eq",
"trust": 0.3,
"vendor": "phoenix",
"version": "210x0"
},
{
"model": "windows version for x64-based systems",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "1015110"
},
{
"model": "aironet access points",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "contact fl wlan ap",
"scope": "eq",
"trust": 0.3,
"vendor": "phoenix",
"version": "24802-110"
},
{
"model": "active management technology",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "11.0"
},
{
"model": "instantos",
"scope": "eq",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "6.5.4.1"
},
{
"model": "tvos",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "10.2"
},
{
"model": "wap371 wireless-ac n access point with single point setup",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "ex-handy",
"scope": "eq",
"trust": 0.3,
"vendor": "pepperl fuchs",
"version": "2090"
},
{
"model": "arubaos",
"scope": "eq",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "6.5.3.2"
},
{
"model": "contact rad-80211-xd",
"scope": "eq",
"trust": 0.3,
"vendor": "phoenix",
"version": "0"
},
{
"model": "ios",
"scope": "ne",
"trust": 0.3,
"vendor": "apple",
"version": "11.2"
},
{
"model": "contact fl wlan dap",
"scope": "eq",
"trust": 0.3,
"vendor": "phoenix",
"version": "24802-110"
},
{
"model": "dual band wireless-ac",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "726519.10.9.1"
},
{
"model": "arubaos",
"scope": "ne",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "6.3.1.25"
},
{
"model": "pyxis medstation es",
"scope": "eq",
"trust": 0.3,
"vendor": "bd",
"version": "0"
},
{
"model": "wireless ip phone",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "88210"
},
{
"model": "pyxis stockstation system",
"scope": "eq",
"trust": 0.3,
"vendor": "bd",
"version": "0"
},
{
"model": "macbook",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "0"
},
{
"model": "dual band wireless-ac",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "316819.51.7.1"
},
{
"model": "dual band wireless-ac",
"scope": "ne",
"trust": 0.3,
"vendor": "intel",
"version": "726519.10.9.2"
},
{
"model": "scalance wlc712",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "0"
},
{
"model": "contact fl wlan spa",
"scope": "eq",
"trust": 0.3,
"vendor": "phoenix",
"version": "0"
},
{
"model": "meraki mr62",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "simatic et200 pro im154-6 pn iwlan",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "0"
},
{
"model": "tropos broadband mesh routers and bridges",
"scope": "eq",
"trust": 0.3,
"vendor": "abb",
"version": "0"
},
{
"model": "dual band wireless-ac",
"scope": "ne",
"trust": 0.3,
"vendor": "intel",
"version": "316819.10.9.2"
},
{
"model": "meraki mr33",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "instantos",
"scope": "ne",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "6.5.3.3"
},
{
"model": "micros handheld terminal",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "0"
},
{
"model": "windows server",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "20120"
},
{
"model": "instantos",
"scope": "eq",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "6.5.2"
},
{
"model": "dual band wireless-ac",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "316018.33.9.2"
},
{
"model": "windows version for 32-bit systems",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "1017030"
},
{
"model": "atom processor c3200 series for yocto project bsp mr4.1",
"scope": "ne",
"trust": 0.3,
"vendor": "intel",
"version": null
},
{
"model": "active management technology",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "2.6"
},
{
"model": "android",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.1.0"
},
{
"model": "contact fl wlan",
"scope": "eq",
"trust": 0.3,
"vendor": "phoenix",
"version": "110x0"
},
{
"model": "windows for 32-bit systems",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "100"
},
{
"model": "s3 med-surg bed",
"scope": "eq",
"trust": 0.3,
"vendor": "stryker",
"version": "3002"
},
{
"model": "arubaos",
"scope": "eq",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "6.4.2.4"
},
{
"model": "tvos",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "11.1"
},
{
"model": "contact fl comserver wlan",
"scope": "eq",
"trust": 0.3,
"vendor": "phoenix",
"version": "232/422/4850"
},
{
"model": "airport base station",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "7.6.8"
},
{
"model": "enterprise linux server update services for sap solutions",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "-7."
},
{
"model": "active management technology",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "7.1.91.3272"
},
{
"model": "instantos",
"scope": "ne",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "4.2.4.9"
},
{
"model": "contact fl wlan ap",
"scope": "eq",
"trust": 0.3,
"vendor": "phoenix",
"version": "230802-110"
},
{
"model": "android",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "6.1"
},
{
"model": "enterprise linux for power little endian extended update supp",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "-7.6"
},
{
"model": "meraki mr14",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "enterprise linux eus compute node",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "7.5"
},
{
"model": "aironet series access points",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "18150"
},
{
"model": "wireless client bridge 2.0.0.1-aruba501-b00",
"scope": "ne",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "501"
},
{
"model": "enterprise linux server extended update support",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "-7.4"
},
{
"model": "enterprise linux server tus",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "-7.6"
},
{
"model": "dual band wireless-ac",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "726018.33.9.2"
},
{
"model": "airport express",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "0"
},
{
"model": "meraki mr16",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "clarity engine",
"scope": "eq",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "1.0"
},
{
"model": "meraki mr30h",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "airport extreme",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "0"
},
{
"model": "windows server r2",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "20120"
},
{
"model": "dual band wireless-ac",
"scope": "ne",
"trust": 0.3,
"vendor": "intel",
"version": "826520.0.2.3"
},
{
"model": "android",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0"
},
{
"model": "contact bl2 bpc",
"scope": "eq",
"trust": 0.3,
"vendor": "phoenix",
"version": "0"
},
{
"model": "tvos",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "10.0.1"
},
{
"model": "enterprise linux for ibm z systems",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "7"
},
{
"model": "watch",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "0"
},
{
"model": "meraki mr32",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "wpa supplicant",
"scope": "eq",
"trust": 0.3,
"vendor": "w1 f1",
"version": "2.4"
},
{
"model": "active management technology",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "4.0"
},
{
"model": "ruggedcom rx1400",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "0"
},
{
"model": "cn70a-atex",
"scope": "eq",
"trust": 0.3,
"vendor": "pepperl fuchs",
"version": "0"
},
{
"model": "windows version for 32-bit systems",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "1015110"
},
{
"model": "arubaos",
"scope": "eq",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "6.5.3"
},
{
"model": "pyxis parx handheld",
"scope": "eq",
"trust": 0.3,
"vendor": "bd",
"version": "0"
},
{
"model": "dual band wireless-ac",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "726519.10"
},
{
"model": "active management technology",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "9.1.40.100"
},
{
"model": "tvos",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "10.1.1"
},
{
"model": "instantos",
"scope": "eq",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "6.5.3"
},
{
"model": "windows rt",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "8.1"
},
{
"model": "meraki mr42",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "instantos",
"scope": "ne",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "4.3.1.6"
},
{
"model": "airport base station",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "7.7.3"
},
{
"model": "wap561 wireless-n dual radio selectable band access point",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "active management technology",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "11.0.26.3000"
},
{
"model": "instantos",
"scope": "ne",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "6.5.4.2"
},
{
"model": "active management technology",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "11.6"
},
{
"model": "tvos",
"scope": "ne",
"trust": 0.3,
"vendor": "apple",
"version": "11.2"
},
{
"model": "active management technology",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "6.0"
},
{
"model": "windows server",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2016"
},
{
"model": "contact rad-whg/wlan-xd",
"scope": "eq",
"trust": 0.3,
"vendor": "phoenix",
"version": "0"
},
{
"model": "dual band wireless-ac",
"scope": "ne",
"trust": 0.3,
"vendor": "intel",
"version": "726018.33.9.3"
},
{
"model": "wi-fi update for boot camp",
"scope": "ne",
"trust": 0.3,
"vendor": "apple",
"version": "6.4.0"
},
{
"model": "suremark printer 2nr",
"scope": "eq",
"trust": 0.3,
"vendor": "toshiba",
"version": "4610"
},
{
"model": "android",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.1.1"
},
{
"model": "arubaos",
"scope": "ne",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "6.5.4.2"
},
{
"model": "enterprise linux for power little endian extended update supp",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "-7.5"
},
{
"model": "enterprise linux for power little endian",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "7"
},
{
"model": "dual band wireless-ac",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "826520.0.0.0"
},
{
"model": "tvos",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "10.2.1"
},
{
"model": "arubaos",
"scope": "eq",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "6.3.1.8"
},
{
"model": "windows server for x64-based systems sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2008"
},
{
"model": "pyxis supply roller",
"scope": "eq",
"trust": 0.3,
"vendor": "bd",
"version": "0"
},
{
"model": "airport base station",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "7.6.3"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "10.3"
},
{
"model": "telepresence collaboration endpoint",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "active management technology",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "6.2.61.3535"
},
{
"model": "contact vmt",
"scope": "eq",
"trust": 0.3,
"vendor": "phoenix",
"version": "70xx0"
},
{
"model": "imac",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "0"
},
{
"model": "meraki mr72",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "watchos",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4"
},
{
"model": "enterprise linux for power little endian extended update supp",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "-7.4"
},
{
"model": "active management technology",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "11.0.25.3001"
},
{
"model": "arubaos",
"scope": "ne",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "8.1.0.4"
},
{
"model": "active management technology",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "9.1"
},
{
"model": "enterprise linux server tus",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "-7.4"
},
{
"model": "active management technology",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "6.2"
},
{
"model": "meraki mr53",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "tvos",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "10.1"
},
{
"model": "wap551 wireless-n single radio selectable band access point",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "instantos",
"scope": "eq",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "4.2"
},
{
"model": "instantos",
"scope": "eq",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "6.5.3.2"
},
{
"model": "dual band wireless-ac",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "316519.10"
},
{
"model": "dual band wireless-ac",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "826020.0.0.0"
},
{
"model": "wap121 wireless-n access point with single point setup",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "active management technology",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "2.5"
},
{
"model": "active management technology",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "11.6.0.1000"
},
{
"model": "wireless client bridge 1.0.1.3-hp501-b0012",
"scope": "ne",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "501"
},
{
"model": "i.roc ci70-ex",
"scope": "eq",
"trust": 0.3,
"vendor": "pepperl fuchs",
"version": "0"
},
{
"model": "arubaos",
"scope": "eq",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "6.5.0.0"
},
{
"model": "dual band wireless-ac",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "826020.0.2.2"
},
{
"model": "active management technology",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "7.1"
},
{
"model": "cn70e-atex",
"scope": "eq",
"trust": 0.3,
"vendor": "pepperl fuchs",
"version": "0"
},
{
"model": "dual band wireless-ac",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "726018.0.0.0"
},
{
"model": "meraki mr24",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "suremark printer 1nr",
"scope": "eq",
"trust": 0.3,
"vendor": "toshiba",
"version": "4610"
},
{
"model": "enterprise linux for ibm z systems extended update support",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "-7.6"
},
{
"model": "contact vmt",
"scope": "eq",
"trust": 0.3,
"vendor": "phoenix",
"version": "50xx0"
},
{
"model": "meraki mr74",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "ex-handy",
"scope": "eq",
"trust": 0.3,
"vendor": "pepperl fuchs",
"version": "090"
},
{
"model": "arubaos",
"scope": "eq",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "6.4.4.15"
},
{
"model": "dual band wireless-ac",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "316519.51.7.1"
},
{
"model": "dual band wireless-ac",
"scope": "ne",
"trust": 0.3,
"vendor": "intel",
"version": "726519.51.7.20"
},
{
"model": "anyconnect secure mobility client",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "dual band wireless-ac",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "726519.51.7.1"
},
{
"model": "systems esp32",
"scope": "eq",
"trust": 0.3,
"vendor": "espressif",
"version": "0"
},
{
"model": "watchos",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.1"
},
{
"model": "enterprise linux server extended update support",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "-7.5"
},
{
"model": "micros handheld terminal 2.03.0.0.021r",
"scope": "ne",
"trust": 0.3,
"vendor": "oracle",
"version": null
},
{
"model": "aironet series access points",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "38000"
},
{
"model": "pyxis parx",
"scope": "eq",
"trust": 0.3,
"vendor": "bd",
"version": "0"
},
{
"model": "dx70",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "arubaos",
"scope": "ne",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "6.5.1.9"
},
{
"model": "enterprise linux server update services for sap solutions",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "-7.6"
},
{
"model": "intouch critical care bed",
"scope": "eq",
"trust": 0.3,
"vendor": "stryker",
"version": "2141"
},
{
"model": "pyxis anesthesia es",
"scope": "eq",
"trust": 0.3,
"vendor": "bd",
"version": "0"
},
{
"model": "aironet series officeextend access points",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "18100"
},
{
"model": "windows for x64-based systems",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "8.10"
},
{
"model": "dual band wireless-ac",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "316819.10.9.1"
},
{
"model": "active management technology",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "10.0.55.3000"
},
{
"model": "windows for 32-bit systems",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "8.10"
},
{
"model": "android",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "6.0"
},
{
"model": "meraki mr66",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "dual band wireless-ac",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "316519.10.9.1"
},
{
"model": "airport base station",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "7.6"
},
{
"model": "intouch critical care bed",
"scope": "eq",
"trust": 0.3,
"vendor": "stryker",
"version": "2131"
},
{
"model": "android",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.1.2"
},
{
"model": "aironet series access points",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "18300"
},
{
"model": "enterprise linux server aus",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "-7.6"
},
{
"model": "enterprise linux for power big endian extended update support",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "-7.6"
},
{
"model": "active management technology",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "10.0.0.50.1004"
},
{
"model": "arubaos",
"scope": "eq",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "6.4.1.0"
},
{
"model": "wap321 wireless-n access point with single point setup",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "simatic iwlan-pb/link",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "0"
},
{
"model": "aironet 1810w series access points",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "meraki mr52",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "enterprise linux for ibm z systems extended update support",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "-7.5"
},
{
"model": "meraki mr12",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "airmesh msr",
"scope": "eq",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "0"
},
{
"model": "dual band wireless-ac",
"scope": "ne",
"trust": 0.3,
"vendor": "intel",
"version": "316519.51.7.20"
},
{
"model": "watchos",
"scope": "ne",
"trust": 0.3,
"vendor": "apple",
"version": "4.2"
},
{
"model": "contact fl wlan ec",
"scope": "eq",
"trust": 0.3,
"vendor": "phoenix",
"version": "24802-110"
},
{
"model": "instantos",
"scope": "eq",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "4.2.4.8"
},
{
"model": "systems esp8266",
"scope": "eq",
"trust": 0.3,
"vendor": "espressif",
"version": "0"
},
{
"model": "tv",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "0"
},
{
"model": "pad-ex",
"scope": "eq",
"trust": 0.3,
"vendor": "pepperl fuchs",
"version": "010"
},
{
"model": "active management technology",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "11.0.0.1205"
},
{
"model": "ip phone",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "88610"
},
{
"model": "clarity engine",
"scope": "ne",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "1.0.0.1"
},
{
"model": "aironet series access points",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "15600"
},
{
"model": "windows for 32-bit systems sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "7"
},
{
"model": "instantos",
"scope": "eq",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "4.3.1.5"
},
{
"model": "airport base station",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "7.6.2"
},
{
"model": "active management technology",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "8.1"
},
{
"model": "active management technology",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "11.8"
},
{
"model": "windows for x64-based systems sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "7"
},
{
"model": "enterprise linux for ibm z systems extended update support",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "-7.4"
},
{
"model": "meraki mr58",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "windows version for 32-bit systems",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "1016070"
},
{
"model": "dual band wireless-ac",
"scope": "ne",
"trust": 0.3,
"vendor": "intel",
"version": "316519.10.9.2"
},
{
"model": "pyxis parassist system",
"scope": "eq",
"trust": 0.3,
"vendor": "bd",
"version": "0"
},
{
"model": "windows server for 32-bit systems sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2008"
},
{
"model": "instantos",
"scope": "eq",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "4.3"
},
{
"model": "android",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.0"
},
{
"model": "simatic mobile panel 277 iwlan",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "0"
},
{
"model": "pyxis medstation t2",
"scope": "eq",
"trust": 0.3,
"vendor": "bd",
"version": "40000"
},
{
"model": "dual band wireless-ac",
"scope": "ne",
"trust": 0.3,
"vendor": "intel",
"version": "826020.0.2.3"
},
{
"model": "android",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "6.0.1"
},
{
"model": "airport base station",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "7.6.1"
},
{
"model": "dual band wireless-ac",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "316519.51.0.0"
},
{
"model": "wi-fi update for boot camp",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "0"
},
{
"model": "enterprise linux server update services for sap solutions",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "-7.4"
},
{
"model": "ipad",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "0"
},
{
"model": "contact vmt",
"scope": "eq",
"trust": 0.3,
"vendor": "phoenix",
"version": "30xx0"
},
{
"model": "enterprise linux for power big endian",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "7"
},
{
"model": "wpa supplicant",
"scope": "eq",
"trust": 0.3,
"vendor": "w1 f1",
"version": "2.6"
},
{
"model": "wireless client bridge",
"scope": "eq",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "5010"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "10.0.1"
},
{
"model": "active management technology",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "11.5"
},
{
"model": "meraki mr11",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "10.3.3"
},
{
"model": "pyxis anesthesia system",
"scope": "eq",
"trust": 0.3,
"vendor": "bd",
"version": "40000"
},
{
"model": "tvos",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "10.2.2"
},
{
"model": "pyxis anesthesia system",
"scope": "eq",
"trust": 0.3,
"vendor": "bd",
"version": "35000"
},
{
"model": "automation stratix 15.3 jc1",
"scope": "eq",
"trust": 0.3,
"vendor": "rockwell",
"version": "5100"
},
{
"model": "enterprise linux server aus",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "-7.4"
},
{
"model": "pyxis ciisafe workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "bd",
"version": "??0"
},
{
"model": "enterprise linux for power big endian extended update support",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "-7.4"
},
{
"model": "airport base station",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "7.6.7"
},
{
"model": "dual band wireless-ac",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "316819.51.0.0"
},
{
"model": "ipad air",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "0"
},
{
"model": "active management technology",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "7.0"
},
{
"model": "arubaos",
"scope": "eq",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "6.5.4.1"
},
{
"model": "enterprise linux eus compute node",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "7.6"
},
{
"model": "enterprise linux for scientific computing",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "7"
},
{
"model": "active management technology",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "8.1.71.3608"
},
{
"model": "active management technology",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "9.1.41.3024"
},
{
"model": "arubaos",
"scope": "eq",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "6.4.2.1"
},
{
"model": "enterprise linux eus compute node",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "7.4"
},
{
"model": "dx80",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "active management technology",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "9.0"
},
{
"model": "contact bl2 ppc",
"scope": "eq",
"trust": 0.3,
"vendor": "phoenix",
"version": "0"
},
{
"model": "contact tpc",
"scope": "eq",
"trust": 0.3,
"vendor": "phoenix",
"version": "60130"
},
{
"model": "ipod touch",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "0"
},
{
"model": "arubaos",
"scope": "eq",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "6.5.1"
},
{
"model": "ck70a-atex",
"scope": "eq",
"trust": 0.3,
"vendor": "pepperl fuchs",
"version": "0"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "10.2.1"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "10.3.1"
},
{
"model": "dual band wireless-ac",
"scope": "ne",
"trust": 0.3,
"vendor": "intel",
"version": "316819.51.7.20"
},
{
"model": "macbook pro",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "0"
},
{
"model": "dual band wireless-ac",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "316819.10"
},
{
"model": "windows for x64-based systems",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "100"
},
{
"model": "airport base station",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "7.7.8"
},
{
"model": "active management technology",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "9.5"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "10.1"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "10.2"
},
{
"model": "airport base station",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "7.6.4"
},
{
"model": "smart-ex",
"scope": "eq",
"trust": 0.3,
"vendor": "pepperl fuchs",
"version": "010"
},
{
"model": "dual band wireless-ac",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "826520.0.2.2"
},
{
"model": "dual band wireless-ac",
"scope": "ne",
"trust": 0.3,
"vendor": "intel",
"version": "316018.33.9.3"
},
{
"model": "tab-ex",
"scope": "eq",
"trust": 0.3,
"vendor": "pepperl fuchs",
"version": "010"
},
{
"model": "arubaos",
"scope": "ne",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "6.5.3.3"
},
{
"model": "iphone",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "0"
},
{
"model": "macmini",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "0"
},
{
"model": "arubaos",
"scope": "ne",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "6.4.4.16"
},
{
"model": "contact fl wlan epa",
"scope": "eq",
"trust": 0.3,
"vendor": "phoenix",
"version": "0"
},
{
"model": "airport time capsule",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "0"
},
{
"model": "alliance wpa2 (wi-fi protected access",
"scope": "eq",
"trust": 0.3,
"vendor": "wi fi",
"version": "2)0"
},
{
"model": "airport base station",
"scope": "ne",
"trust": 0.3,
"vendor": "apple",
"version": "7.7.9"
},
{
"model": "scalance wlc711",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "0"
},
{
"model": "ruggedcom rs9xxw",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "0"
},
{
"model": "arubaos",
"scope": "eq",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "6.3.1.15"
},
{
"model": "networks unifi access point",
"scope": "eq",
"trust": 0.3,
"vendor": "ubiquiti",
"version": "0"
},
{
"model": "suremark printer 2cr",
"scope": "eq",
"trust": 0.3,
"vendor": "toshiba",
"version": "4610"
},
{
"model": "ip phone",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "88650"
},
{
"model": "arubaos",
"scope": "eq",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "6.5.4"
},
{
"model": "airport base station",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "7.7.7"
},
{
"model": "instantos",
"scope": "eq",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "6.5.4"
},
{
"model": "asa 5506w-x w/ firepower services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "windows version for x64-based systems",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "1016070"
},
{
"model": "airport base station",
"scope": "ne",
"trust": 0.3,
"vendor": "apple",
"version": "7.6.9"
},
{
"model": "s3 med-surg bed",
"scope": "eq",
"trust": 0.3,
"vendor": "stryker",
"version": "3005"
},
{
"model": "dual band wireless-ac",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "316018.0.0.0"
},
{
"model": "smart-ex",
"scope": "eq",
"trust": 0.3,
"vendor": "pepperl fuchs",
"version": "2010"
},
{
"model": "windows version for x64-based systems",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "1017030"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "11.1"
},
{
"model": "alliance",
"scope": "eq",
"trust": 0.2,
"vendor": "wi fi",
"version": "*"
},
{
"model": "protected access 2",
"scope": null,
"trust": 0.2,
"vendor": "wi fi",
"version": null
}
],
"sources": [
{
"db": "IVD",
"id": "677462e3-ebb6-4e50-89c1-86a854509d8d"
},
{
"db": "CERT/CC",
"id": "VU#228519"
},
{
"db": "CNVD",
"id": "CNVD-2017-30399"
},
{
"db": "BID",
"id": "101274"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-009177"
},
{
"db": "NVD",
"id": "CVE-2017-13086"
},
{
"db": "CNNVD",
"id": "CNNVD-201710-387"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:freebsd:freebsd:10.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:17.04:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:freebsd:freebsd:11:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_desktop:7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:freebsd:freebsd:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:freebsd:freebsd:11.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:freebsd:freebsd:10:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:opensuse:leap:42.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:opensuse:leap:42.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_server:7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:2.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:1.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:1.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:0.5.8:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:0.5.7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:0.3.10:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:0.3.9:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:2.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:2.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:0.6.10:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:0.6.9:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:0.4.11:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:0.4.10:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:0.3.8:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:0.3.7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:2.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:2.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:0.6.9:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:0.6.8:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:0.4.9:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:0.4.8:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:0.2.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:0.2.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:2.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:2.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:1.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:0.5.10:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:0.5.9:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:0.4.7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:0.3.11:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:0.2.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:0.2.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:2.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:2.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:0.5.11:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:0.5.10:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:0.5.9:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:0.4.7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:0.3.11:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:0.2.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:2.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:1.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:0.7.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:0.5.8:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:0.5.7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:0.3.10:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:0.3.9:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:2.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:2.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:0.7.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:0.6.10:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:0.4.11:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:0.4.10:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:0.3.7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:0.2.8:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:2.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:2.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:0.6.8:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:0.5.11:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:0.4.9:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:0.4.8:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:0.2.8:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:0.2.7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:0.2.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:suse:linux_enterprise_server:11:sp3:*:*:*:ltss:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:suse:linux_enterprise_server:11:sp4:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:suse:linux_enterprise_server:12:*:*:*:ltss:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:suse:openstack_cloud:6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:suse:linux_enterprise_point_of_sale:11:sp3:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:suse:linux_enterprise_desktop:12:sp2:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:suse:linux_enterprise_desktop:12:sp3:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2017-13086"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Mathy Vanhoef from imec-DistriNet and KU Leuven.",
"sources": [
{
"db": "BID",
"id": "101274"
},
{
"db": "CNNVD",
"id": "CNNVD-201710-387"
}
],
"trust": 0.9
},
"cve": "CVE-2017-13086",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "MEDIUM",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "PARTIAL",
"baseScore": 5.4,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 5.5,
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:A/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Medium",
"accessVector": "Adjacent Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Partial",
"baseScore": 5.4,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "CVE-2017-13086",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.9,
"userInteractionRequired": null,
"vectorString": "AV:A/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "PARTIAL",
"baseScore": 5.4,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 5.5,
"id": "CNVD-2017-30399",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:A/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"author": "IVD",
"availabilityImpact": "PARTIAL",
"baseScore": 5.4,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 5.5,
"id": "677462e3-ebb6-4e50-89c1-86a854509d8d",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.2,
"vectorString": "AV:A/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.9 [IVD]"
}
],
"cvssV3": [
{
"attackComplexity": "HIGH",
"attackVector": "ADJACENT_NETWORK",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 1.6,
"impactScore": 5.2,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.0"
},
{
"attackComplexity": "High",
"attackVector": "Adjacent Network",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 6.8,
"baseSeverity": "Medium",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2017-13086",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2017-13086",
"trust": 1.8,
"value": "MEDIUM"
},
{
"author": "CNVD",
"id": "CNVD-2017-30399",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201710-387",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "IVD",
"id": "677462e3-ebb6-4e50-89c1-86a854509d8d",
"trust": 0.2,
"value": "MEDIUM"
},
{
"author": "VULMON",
"id": "CVE-2017-13086",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "IVD",
"id": "677462e3-ebb6-4e50-89c1-86a854509d8d"
},
{
"db": "CNVD",
"id": "CNVD-2017-30399"
},
{
"db": "VULMON",
"id": "CVE-2017-13086"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-009177"
},
{
"db": "NVD",
"id": "CVE-2017-13086"
},
{
"db": "CNNVD",
"id": "CNNVD-201710-387"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Tunneled Direct-Link Setup (TDLS) Peer Key (TPK) during the TDLS handshake, allowing an attacker within radio range to replay, decrypt, or spoof frames. An attacker within range of an affected AP and client may leverage these vulnerabilities to conduct attacks that are dependent on the data confidentiality protocols being used. Attacks may include arbitrary packet decryption and injection, TCP connection hijacking, HTTP content injection, or the replay of unicast and group-addressed frames. These vulnerabilities are referred to as Key Reinstallation Attacks or \"KRACK\" attacks. WPA (Wi-Fi Protected Access) is a system that protects wireless computer networks (Wi-Fi). The WPA2 wireless network re-installs the tunnel in the TDLS handshake. The TPK key vulnerability exists when the PeerKey is set up directly. WPA2 is prone to multiple security weaknesses. \nExploiting these issues may allow an unauthorized user to intercept and manipulate data or disclose sensitive information. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n=====================================================================\n Red Hat Security Advisory\n\nSynopsis: Important: wpa_supplicant security update\nAdvisory ID: RHSA-2017:2907-01\nProduct: Red Hat Enterprise Linux\nAdvisory URL: https://access.redhat.com/errata/RHSA-2017:2907\nIssue date: 2017-10-17\nCVE Names: CVE-2017-13077 CVE-2017-13078 CVE-2017-13080 \n CVE-2017-13082 CVE-2017-13086 CVE-2017-13087 \n CVE-2017-13088 \n=====================================================================\n\n1. Summary:\n\nAn update for wpa_supplicant is now available for Red Hat Enterprise Linux\n7. \n\nRed Hat Product Security has rated this update as having a security impact\nof Important. A Common Vulnerability Scoring System (CVSS) base score,\nwhich gives a detailed severity rating, is available for each vulnerability\nfrom the CVE link(s) in the References section. Relevant releases/architectures:\n\nRed Hat Enterprise Linux Client (v. 7) - x86_64\nRed Hat Enterprise Linux ComputeNode (v. 7) - x86_64\nRed Hat Enterprise Linux Server (v. 7) - aarch64, ppc64, ppc64le, s390x, x86_64\nRed Hat Enterprise Linux Workstation (v. 7) - x86_64\n\n3. Description:\n\nThe wpa_supplicant packages contain an 802.1X Supplicant with support for\nWEP, WPA, WPA2 (IEEE 802.11i / RSN), and various EAP authentication\nmethods. They implement key negotiation with a WPA Authenticator for client\nstations and controls the roaming and IEEE 802.11 authentication and\nassociation of the WLAN driver. A remote attacker within Wi-Fi range\ncould exploit these attacks to decrypt Wi-Fi traffic or possibly inject\nforged Wi-Fi packets by manipulating cryptographic handshakes used by the\nWPA2 protocol. (CVE-2017-13077, CVE-2017-13078, CVE-2017-13080,\nCVE-2017-13082, CVE-2017-13086, CVE-2017-13087, CVE-2017-13088)\n\nRed Hat would like to thank CERT for reporting these issues. Upstream\nacknowledges Mathy Vanhoef (University of Leuven) as the original reporter\nof these issues. Solution:\n\nFor details on how to apply this update, which includes the changes\ndescribed in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\n5. Bugs fixed (https://bugzilla.redhat.com/):\n\n1491692 - CVE-2017-13077 wpa_supplicant: Reinstallation of the pairwise key in the 4-way handshake\n1491693 - CVE-2017-13078 wpa_supplicant: Reinstallation of the group key in the 4-way handshake\n1491696 - CVE-2017-13080 wpa_supplicant: Reinstallation of the group key in the group key handshake\n1491698 - CVE-2017-13082 wpa_supplicant: Accepting a retransmitted FT Reassociation Request and reinstalling the pairwise key while processing it\n1500302 - CVE-2017-13086 wpa_supplicant: reinstallation of the Tunneled Direct-Link Setup (TDLS) PeerKey (TPK) key in the TDLS handshake\n1500303 - CVE-2017-13087 wpa_supplicant: reinstallation of the group key (GTK) when processing a Wireless Network Management (WNM) Sleep Mode Response frame\n1500304 - CVE-2017-13088 wpa_supplicant: reinstallation of the integrity group key (IGTK) when processing a Wireless Network Management (WNM) Sleep Mode Response frame\n\n6. Package List:\n\nRed Hat Enterprise Linux Client (v. 7):\n\nSource:\nwpa_supplicant-2.6-5.el7_4.1.src.rpm\n\nx86_64:\nwpa_supplicant-2.6-5.el7_4.1.x86_64.rpm\nwpa_supplicant-debuginfo-2.6-5.el7_4.1.x86_64.rpm\n\nRed Hat Enterprise Linux ComputeNode (v. 7):\n\nSource:\nwpa_supplicant-2.6-5.el7_4.1.src.rpm\n\nx86_64:\nwpa_supplicant-2.6-5.el7_4.1.x86_64.rpm\nwpa_supplicant-debuginfo-2.6-5.el7_4.1.x86_64.rpm\n\nRed Hat Enterprise Linux Server (v. 7):\n\nSource:\nwpa_supplicant-2.6-5.el7_4.1.src.rpm\n\naarch64:\nwpa_supplicant-2.6-5.el7_4.1.aarch64.rpm\nwpa_supplicant-debuginfo-2.6-5.el7_4.1.aarch64.rpm\n\nppc64:\nwpa_supplicant-2.6-5.el7_4.1.ppc64.rpm\nwpa_supplicant-debuginfo-2.6-5.el7_4.1.ppc64.rpm\n\nppc64le:\nwpa_supplicant-2.6-5.el7_4.1.ppc64le.rpm\nwpa_supplicant-debuginfo-2.6-5.el7_4.1.ppc64le.rpm\n\ns390x:\nwpa_supplicant-2.6-5.el7_4.1.s390x.rpm\nwpa_supplicant-debuginfo-2.6-5.el7_4.1.s390x.rpm\n\nx86_64:\nwpa_supplicant-2.6-5.el7_4.1.x86_64.rpm\nwpa_supplicant-debuginfo-2.6-5.el7_4.1.x86_64.rpm\n\nRed Hat Enterprise Linux Workstation (v. 7):\n\nSource:\nwpa_supplicant-2.6-5.el7_4.1.src.rpm\n\nx86_64:\nwpa_supplicant-2.6-5.el7_4.1.x86_64.rpm\nwpa_supplicant-debuginfo-2.6-5.el7_4.1.x86_64.rpm\n\nThese packages are GPG signed by Red Hat for security. Our key and\ndetails on how to verify the signature are available from\nhttps://access.redhat.com/security/team/key/\n\n7. References:\n\nhttps://access.redhat.com/security/cve/CVE-2017-13077\nhttps://access.redhat.com/security/cve/CVE-2017-13078\nhttps://access.redhat.com/security/cve/CVE-2017-13080\nhttps://access.redhat.com/security/cve/CVE-2017-13082\nhttps://access.redhat.com/security/cve/CVE-2017-13086\nhttps://access.redhat.com/security/cve/CVE-2017-13087\nhttps://access.redhat.com/security/cve/CVE-2017-13088\nhttps://access.redhat.com/security/updates/classification/#important\nhttps://access.redhat.com/security/vulnerabilities/kracks\n\n8. Contact:\n\nThe Red Hat security contact is \u003csecalert@redhat.com\u003e. More contact\ndetails at https://access.redhat.com/security/team/contact/\n\nCopyright 2017 Red Hat, Inc. Those vulnerabilities applies to both the access point\n(implemented in hostapd) and the station (implemented in wpa_supplicant). \n\nAn attacker exploiting the vulnerabilities could force the vulnerable system to\nreuse cryptographic session keys, enabling a range of cryptographic attacks\nagainst the ciphers used in WPA1 and WPA2. \n\nFor the stable distribution (stretch), these problems have been fixed in\nversion 2:2.4-1+deb9u1. \n\nFor the testing distribution (buster), these problems have been fixed\nin version 2:2.4-1.1. \n\nFor the unstable distribution (sid), these problems have been fixed in\nversion 2:2.4-1.1. \n\nWe recommend that you upgrade your wpa packages. ==========================================================================\nUbuntu Security Notice USN-3455-1\nOctober 16, 2017\n\nwpa vulnerabilities\n==========================================================================\n\nA security issue affects these releases of Ubuntu and its derivatives:\n\n- Ubuntu 17.04\n- Ubuntu 16.04 LTS\n- Ubuntu 14.04 LTS\n\nSummary:\n\nSeveral security issues were fixed in wpa_supplicant. \n\nSoftware Description:\n- wpa: client support for WPA and WPA2\n\nDetails:\n\nMathy Vanhoef discovered that wpa_supplicant and hostapd incorrectly\nhandled WPA2. (CVE-2017-13077,\nCVE-2017-13078, CVE-2017-13079, CVE-2017-13080, CVE-2017-13081,\nCVE-2017-13082, CVE-2017-13086, CVE-2017-13087, CVE-2017-13088)\n\nImre Rad discovered that wpa_supplicant and hostapd incorrectly handled\ninvalid characters in passphrase parameters. A remote attacker could use\nthis issue to cause a denial of service. (CVE-2016-4476)\n\nImre Rad discovered that wpa_supplicant and hostapd incorrectly handled\ninvalid characters in passphrase parameters. A local attacker could use\nthis issue to cause a denial of service, or possibly execute arbitrary\ncode. (CVE-2016-4477)\n\nUpdate instructions:\n\nThe problem can be corrected by updating your system to the following\npackage versions:\n\nUbuntu 17.04:\n hostapd 2.4-0ubuntu9.1\n wpasupplicant 2.4-0ubuntu9.1\n\nUbuntu 16.04 LTS:\n hostapd 2.4-0ubuntu6.2\n wpasupplicant 2.4-0ubuntu6.2\n\nUbuntu 14.04 LTS:\n hostapd 2.1-0ubuntu1.5\n wpasupplicant 2.1-0ubuntu1.5\n\nAfter a standard system update you need to reboot your computer to make\nall the necessary changes. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA512\n\n=============================================================================\nFreeBSD-SA-17:07.wpa Security Advisory\n The FreeBSD Project\n\nTopic: WPA2 protocol vulnerability\n\nCategory: contrib\nModule: wpa\nAnnounced: 2017-10-16\nCredits: Mathy Vanhoef\nAffects: All supported versions of FreeBSD. \nCorrected: 2017-10-17 17:30:18 UTC (stable/11, 11.1-STABLE)\n 2017-10-17 17:57:18 UTC (releng/11.1, 11.1-RELEASE-p2)\n 2017-10-17 17:56:03 UTC (releng/11.0, 11.0-RELEASE-p13)\n 2017-10-19 03:18:22 UTC (stable/10, 10.4-STABLE)\n 2017-10-19 03:20:17 UTC (releng/10.4, 10.4-RELEASE-p1)\n 2017-10-19 03:19:42 UTC (releng/10.3, 10.3-RELEASE-p22)\nCVE Name: CVE-2017-13077, CVE-2017-13078, CVE-2017-13079,\n CVE-2017-13080, CVE-2017-13081, CVE-2017-13082,\n CVE-2017-13086, CVE-2017-13087, CVE-2017-13088\n\nFor general information regarding FreeBSD Security Advisories,\nincluding descriptions of the fields above, security branches, and the\nfollowing sections, please visit \u003cURL:https://security.FreeBSD.org/\u003e. \n\n0. Revision history\n\nv1.0 2017-10-17 Initial release. \nv1.1 2017-10-19 Add patches for 10.x releases. \n\nI. \n\nhostapd and wpa_supplicant are implementations of user space daemon for\naccess points and wireless client that implements the WPA2 protocol. \n\nII. Problem Description\n\nA vulnerability was found in how a number of implementations can be\ntriggered to reconfigure WPA/WPA2/RSN keys (TK, GTK, or IGTK) by\nreplaying a specific frame that is used to manage the keys. \n\nIII. Impact\n\nSuch reinstallation of the encryption key can result in two different\ntypes of vulnerabilities: disabling replay protection and significantly\nreducing the security of encryption to the point of allowing frames to\nbe decrypted or some parts of the keys to be determined by an attacker\ndepending on which cipher is used. \n\nIV. Workaround\n\nAn updated version of wpa_supplicant is available in the FreeBSD Ports\nCollection. Install version 2.6_2 or later of the\nsecurity/wpa_supplicant port/pkg. Once installed, update /etc/rc.conf\nto use the new binary:\n\nwpa_supplicant_program=\"/usr/local/sbin/wpa_supplicant\"\n\nand restart networking. \n\nAn updated version of hostapd is available in the FreeBSD Ports\nCollection. Install version 2.6_1 or later of the net/hostapd port/pkg. \nOnce installed, update /etc/rc.conf to use the new binary:\n\nhostapd_program=\"/usr/local/sbin/hostapd\"\n\nand restart hostapd. \n\nV. Solution\n\nPerform one of the following:\n\n1) Upgrade your vulnerable system to a supported FreeBSD stable or\nrelease / security branch (releng) dated after the correction date. \n\nRestart the Wi-Fi network interfaces/hostapd or reboot the system. \n\n2) To update your vulnerable system via a binary patch:\n\nSystems running a RELEASE version of FreeBSD on the i386 or amd64\nplatforms can be updated via the freebsd-update(8) utility:\n\n# freebsd-update fetch\n# freebsd-update install\n\nRestart the Wi-Fi network interfaces/hostapd or reboot the system. \n\n3) To update your vulnerable system via a source code patch:\n\nThe following patches have been verified to apply to the applicable\nFreeBSD release branches. \n\na) Download the relevant patch from the location below, and verify the\ndetached PGP signature using your PGP utility. \n\n[FreeBSD 11.0-RELEASE, 11.1-RELEASE, and 11-STABLE]\n# fetch https://security.FreeBSD.org/patches/SA-17:07/wpa-11.patch\n# fetch https://security.FreeBSD.org/patches/SA-17:07/wpa-11.patch.asc\n# gpg --verify wpa-11.patch.asc\n\n[FreeBSD 10.3-RELEASE, 10.4-RELEASE, and 10-STABLE]\n# fetch https://security.FreeBSD.org/patches/SA-17:07/wpa-10.patch\n# fetch https://security.FreeBSD.org/patches/SA-17:07/wpa-10.patch.asc\n# gpg --verify wpa-10.patch.asc\n\nb) Apply the patch. Execute the following commands as root:\n\n# cd /usr/src\n# patch \u003c /path/to/patch\n\nc) Recompile the operating system using buildworld and installworld as\ndescribed in \u003cURL:https://www.FreeBSD.org/handbook/makeworld.html\u003e. \n\nRestart the applicable daemons, or reboot the system. \n\nVI. Correction details\n\nThe following list contains the correction revision numbers for each\naffected branch. \n\nBranch/path Revision\n- -------------------------------------------------------------------------\nstable/11/ r324697\nreleng/11.0/ r324698\nreleng/11.1/ r324699\nstable/10/ r324739\nreleng/10.3/ r324740\nreleng/10.4/ r324741\n- -------------------------------------------------------------------------\n\nTo see which files were modified by a particular revision, run the\nfollowing command, replacing NNNNNN with the revision number, on a\nmachine with Subversion installed:\n\n# svn diff -cNNNNNN --summarize svn://svn.freebsd.org/base\n\nOr visit the following URL, replacing NNNNNN with the revision number:\n\n\u003cURL:https://svnweb.freebsd.org/base?view=revision\u0026revision=NNNNNN\u003e\n\nVII. References\n\n\u003cURL:https://w1.fi/security/2017-1/wpa-packet-number-reuse-with-replayed-messages.txt\u003e\n\u003cURL:https://www.krackattacks.com/\u003e\n\nThe latest revision of this advisory is available at\n\u003cURL:https://security.FreeBSD.org/advisories/FreeBSD-SA-17:07.wpa.asc\u003e\n-----BEGIN PGP SIGNATURE-----\n\niQKTBAEBCgB9FiEEHPf/b631yp++G4yy7Wfs1l3PaucFAlnoGpNfFIAAAAAALgAo\naXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDFD\nRjdGRjZGQURGNUNBOUZCRTFCOENCMkVENjdFQ0Q2NURDRjZBRTcACgkQ7Wfs1l3P\nauc7WBAAm27w+fujv5sJsRxauUMopTVtRh5utwbDuoHTP+L+RCWmQfVBmueNQ0gf\nuJzMNxBIkbtY9LvyukpRsH3iD7mh26c0pd9rxxkkr4F96C9B5+W0amxJF1gdm54/\nF/50FpY+lo7cNs5tiBjypPrg8UOBBI/1G4XR7130XC0HjaTwt1ngZ0oQUWUMSsIp\ngN5ZfPul81WPWd1NqF+vyObcJhwq/Y1uoexoO27o7GQCFZoL3enZy8c4f1xqMlVM\n4HHkTgNGac6E0aW+ArH4J0DFFAOJXPqF8rdt+9XINfoBbtliIyOixJ4oh1n6eAR0\nVpBWZKFNyXSlUKIvDGa+LDhxgL1jJXV0ABSyKlUOijdmr3bbbiQE9MW/MNv2AFTd\nOAFQ0QQtm9KCWp5JLh+FPIb/kR2l7MOUP+yz4zFcJpdGtl9tDLyPN8vRTq60bY8O\ny7tBcf/SMqkd/AIFdchL4zrOguKnRARydIlwTarp8wtAQI3MKSsa1B0wgsDtlL6K\nxfdjnwWMKvKKlNOW16e1WXXO0n/ucHV4njBE+bGPro3jLgXP2/WFZpIGAR3I4xrr\nSdD4AxSNiR9f3bL7LRfMIbugJAylWNSlTLWUOVUv0/ONh85LqbcCj13NI230B64K\nETx2QOZgKnCs2oDNiw4aQHb7kvi2w94Iw/R1sAPkkxYJWO3reyE=\n=h/5q\n-----END PGP SIGNATURE-----\n. \n\n\nHere are the details from the Slackware 14.2 ChangeLog:\n+--------------------------+\npatches/packages/wpa_supplicant-2.6-i586-1_slack14.2.txz: Upgraded. \n This update includes patches to mitigate the WPA2 protocol issues known\n as \"KRACK\" (Key Reinstallation AttaCK), which may be used to decrypt data,\n hijack TCP connections, and to forge and inject packets. \n CVE-2017-13082: Accepting a retransmitted Fast BSS Transition (FT)\n Reassociation Request and reinstalling the pairwise encryption key (PTK-TK)\n while processing it. \n For more information, see:\n https://www.krackattacks.com/\n https://w1.fi/security/2017-1/wpa-packet-number-reuse-with-replayed-messages.txt\n https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13077\n https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13078\n https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13079\n https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13080\n https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13081\n https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13082\n https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13084\n https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13086\n https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13087\n https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13088\n (* Security fix *)\n+--------------------------+\n\n\nWhere to find the new packages:\n+-----------------------------+\n\nThanks to the friendly folks at the OSU Open Source Lab\n(http://osuosl.org) for donating FTP and rsync hosting\nto the Slackware project! :-)\n\nAlso see the \"Get Slack\" section on http://slackware.com for\nadditional mirror sites near you. \n\nUpdated package for Slackware 14.0:\nftp://ftp.slackware.com/pub/slackware/slackware-14.0/patches/packages/wpa_supplicant-2.6-i486-1_slack14.0.txz\n\nUpdated package for Slackware x86_64 14.0:\nftp://ftp.slackware.com/pub/slackware/slackware64-14.0/patches/packages/wpa_supplicant-2.6-x86_64-1_slack14.0.txz\n\nUpdated package for Slackware 14.1:\nftp://ftp.slackware.com/pub/slackware/slackware-14.1/patches/packages/wpa_supplicant-2.6-i486-1_slack14.1.txz\n\nUpdated package for Slackware x86_64 14.1:\nftp://ftp.slackware.com/pub/slackware/slackware64-14.1/patches/packages/wpa_supplicant-2.6-x86_64-1_slack14.1.txz\n\nUpdated package for Slackware 14.2:\nftp://ftp.slackware.com/pub/slackware/slackware-14.2/patches/packages/wpa_supplicant-2.6-i586-1_slack14.2.txz\n\nUpdated package for Slackware x86_64 14.2:\nftp://ftp.slackware.com/pub/slackware/slackware64-14.2/patches/packages/wpa_supplicant-2.6-x86_64-1_slack14.2.txz\n\nUpdated package for Slackware -current:\nftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/n/wpa_supplicant-2.6-i586-2.txz\n\nUpdated package for Slackware x86_64 -current:\nftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/n/wpa_supplicant-2.6-x86_64-2.txz\n\n\nMD5 signatures:\n+-------------+\n\nSlackware 14.0 package:\nd8ecfaadb50b3547967ab53733ffc019 wpa_supplicant-2.6-i486-1_slack14.0.txz\n\nSlackware x86_64 14.0 package:\nf25216d28800504ce498705da7c9a825 wpa_supplicant-2.6-x86_64-1_slack14.0.txz\n\nSlackware 14.1 package:\n15c61050e4bab2581757befd86be74c0 wpa_supplicant-2.6-i486-1_slack14.1.txz\n\nSlackware x86_64 14.1 package:\n49fd537a520338744f7757615556d352 wpa_supplicant-2.6-x86_64-1_slack14.1.txz\n\nSlackware 14.2 package:\nc5539f40c8510af89be92945f0f80185 wpa_supplicant-2.6-i586-1_slack14.2.txz\n\nSlackware x86_64 14.2 package:\n4c527ff84fcdfd7839f217bbce2e4ae4 wpa_supplicant-2.6-x86_64-1_slack14.2.txz\n\nSlackware -current package:\n28bd88a54e96368f7a7020c1f5fb67fe n/wpa_supplicant-2.6-i586-2.txz\n\nSlackware x86_64 -current package:\n464fc6b48d1ac077f47e9a3a8534c160 n/wpa_supplicant-2.6-x86_64-2.txz\n\n\nInstallation instructions:\n+------------------------+\n\nUpgrade the package as root:\n# upgradepkg wpa_supplicant-2.6-i586-1_slack14.2.txz\n\n\n+-----+\n\nSlackware Linux Security Team\nhttp://slackware.com/gpg-key\nsecurity@slackware.com\n\n+------------------------------------------------------------------------+\n| To leave the slackware-security mailing list: |\n+------------------------------------------------------------------------+\n| Send an email to majordomo@slackware.com with this text in the body of |\n| the email message: |\n| |\n| unsubscribe slackware-security |\n| |\n| You will get a confirmation message back containing instructions to |\n| complete the process. Please do not reply to this email address",
"sources": [
{
"db": "NVD",
"id": "CVE-2017-13086"
},
{
"db": "CERT/CC",
"id": "VU#228519"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-009177"
},
{
"db": "CNVD",
"id": "CNVD-2017-30399"
},
{
"db": "BID",
"id": "101274"
},
{
"db": "IVD",
"id": "677462e3-ebb6-4e50-89c1-86a854509d8d"
},
{
"db": "VULMON",
"id": "CVE-2017-13086"
},
{
"db": "PACKETSTORM",
"id": "144652"
},
{
"db": "PACKETSTORM",
"id": "144630"
},
{
"db": "PACKETSTORM",
"id": "144632"
},
{
"db": "PACKETSTORM",
"id": "144669"
},
{
"db": "PACKETSTORM",
"id": "144663"
}
],
"trust": 3.87
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#228519",
"trust": 4.2
},
{
"db": "NVD",
"id": "CVE-2017-13086",
"trust": 4.1
},
{
"db": "BID",
"id": "101274",
"trust": 2.6
},
{
"db": "LENOVO",
"id": "LEN-17420",
"trust": 2.5
},
{
"db": "SECTRACK",
"id": "1039577",
"trust": 1.7
},
{
"db": "SECTRACK",
"id": "1039576",
"trust": 1.7
},
{
"db": "SECTRACK",
"id": "1039581",
"trust": 1.7
},
{
"db": "SECTRACK",
"id": "1039578",
"trust": 1.7
},
{
"db": "SECTRACK",
"id": "1039573",
"trust": 1.7
},
{
"db": "SIEMENS",
"id": "SSA-901333",
"trust": 1.7
},
{
"db": "CERT@VDE",
"id": "VDE-2017-005",
"trust": 1.7
},
{
"db": "ICS CERT",
"id": "ICSMA-18-114-01",
"trust": 1.2
},
{
"db": "ICS CERT",
"id": "ICSMA-19-029-01",
"trust": 1.1
},
{
"db": "ICS CERT",
"id": "ICSA-17-353-02",
"trust": 1.1
},
{
"db": "ICS CERT",
"id": "ICSA-17-318-01",
"trust": 1.1
},
{
"db": "CNVD",
"id": "CNVD-2017-30399",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201710-387",
"trust": 0.8
},
{
"db": "JUNIPER",
"id": "JSA10827",
"trust": 0.8
},
{
"db": "DLINK",
"id": "SAP10075",
"trust": 0.8
},
{
"db": "ICS CERT",
"id": "ICSA-17-318-02A",
"trust": 0.8
},
{
"db": "JVN",
"id": "JVNVU90609033",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2017-009177",
"trust": 0.8
},
{
"db": "AUSCERT",
"id": "ESB-2020.4125",
"trust": 0.6
},
{
"db": "ICS CERT",
"id": "ICSA-17-299-02",
"trust": 0.3
},
{
"db": "ICS CERT",
"id": "ICSA-17-318-02",
"trust": 0.3
},
{
"db": "ICS CERT",
"id": "ICSA-17-325-01",
"trust": 0.3
},
{
"db": "IVD",
"id": "677462E3-EBB6-4E50-89C1-86A854509D8D",
"trust": 0.2
},
{
"db": "VULMON",
"id": "CVE-2017-13086",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "144652",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "144630",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "144632",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "144669",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "144663",
"trust": 0.1
}
],
"sources": [
{
"db": "IVD",
"id": "677462e3-ebb6-4e50-89c1-86a854509d8d"
},
{
"db": "CERT/CC",
"id": "VU#228519"
},
{
"db": "CNVD",
"id": "CNVD-2017-30399"
},
{
"db": "VULMON",
"id": "CVE-2017-13086"
},
{
"db": "BID",
"id": "101274"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-009177"
},
{
"db": "PACKETSTORM",
"id": "144652"
},
{
"db": "PACKETSTORM",
"id": "144630"
},
{
"db": "PACKETSTORM",
"id": "144632"
},
{
"db": "PACKETSTORM",
"id": "144669"
},
{
"db": "PACKETSTORM",
"id": "144663"
},
{
"db": "NVD",
"id": "CVE-2017-13086"
},
{
"db": "CNNVD",
"id": "CNNVD-201710-387"
}
]
},
"id": "VAR-201710-0214",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "IVD",
"id": "677462e3-ebb6-4e50-89c1-86a854509d8d"
},
{
"db": "CNVD",
"id": "CNVD-2017-30399"
}
],
"trust": 1.3965711281818183
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 0.8
}
],
"sources": [
{
"db": "IVD",
"id": "677462e3-ebb6-4e50-89c1-86a854509d8d"
},
{
"db": "CNVD",
"id": "CNVD-2017-30399"
}
]
},
"last_update_date": "2023-12-18T10:51:35.342000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "ARUBA-PSA-2017-007",
"trust": 0.8,
"url": "http://www.arubanetworks.com/assets/alert/aruba-psa-2017-007.txt"
},
{
"title": "DSA-3999",
"trust": 0.8,
"url": "https://www.debian.org/security/2017/dsa-3999"
},
{
"title": "FreeBSD-SA-17:07.wpa",
"trust": 0.8,
"url": "https://www.freebsd.org/security/advisories/freebsd-sa-17:07.wpa.asc"
},
{
"title": "LEN-17420",
"trust": 0.8,
"url": "https://support.lenovo.com/jp/en/product_security/len-17420"
},
{
"title": "NV17-024",
"trust": 0.8,
"url": "http://jpn.nec.com/security-info/secinfo/nv17-024.html"
},
{
"title": "KRACKs - wpa_supplicant Multiple Vulnerabilities",
"trust": 0.8,
"url": "https://access.redhat.com/security/vulnerabilities/kracks"
},
{
"title": "RHSA-2017:2907",
"trust": 0.8,
"url": "https://access.redhat.com/errata/rhsa-2017:2907"
},
{
"title": "USN-3455-1",
"trust": 0.8,
"url": "https://usn.ubuntu.com/usn/usn-3455-1/"
},
{
"title": "WPA packet number reuse with replayed messages and key reinstallation",
"trust": 0.8,
"url": "https://w1.fi/security/2017-1/wpa-packet-number-reuse-with-replayed-messages.txt"
},
{
"title": "Wi-Fi\u306e\u8a8d\u8a3c\uff0f\u6697\u53f7\u5316\u6280\u8853WPA2\u304a\u3088\u3073WPA\u306e\u8907\u6570\u306e\u8106\u5f31\u6027\u306b\u3064\u3044\u3066 ",
"trust": 0.8,
"url": "http://www.fujitsu.com/jp/products/network/support/2017/srm-01/index.html"
},
{
"title": "WPA2\u306e\u8106\u5f31\u6027\u306b\u95a2\u3059\u308b\u5f0a\u793e\u8abf\u67fb\u30fb\u5bfe\u5fdc\u72b6\u6cc1\u306b\u3064\u3044\u3066",
"trust": 0.8,
"url": "http://www.iodata.jp/support/information/2017/wpa2/"
},
{
"title": "\u7121\u7ddaLAN \u8a8d\u8a3c\uff0f\u6697\u53f7\u5316\u6280\u8853WPA2\u304a\u3088\u3073WPA\u306b\u95a2\u3059\u308b\u8106\u5f31\u6027\u306e\u304a\u77e5\u3089\u305b ",
"trust": 0.8,
"url": "http://www.fmworld.net/biz/common/info/20171110/"
},
{
"title": "WPA2 Wireless Network TPK Key Reload Vulnerability Patch",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/103825"
},
{
"title": "Multiple WiFi product WPA2 Security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=75501"
},
{
"title": "Red Hat: Important: wpa_supplicant security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=rhsa-20172907 - security advisory"
},
{
"title": "Red Hat: CVE-2017-13086",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_cve_database\u0026qid=cve-2017-13086"
},
{
"title": "Arch Linux Issues: ",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=arch_linux_issues\u0026qid=cve-2017-13086"
},
{
"title": "Ubuntu Security Notice: wpa vulnerabilities",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=usn-3455-1"
},
{
"title": "Debian Security Advisories: DSA-3999-1 wpa -- security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=debian_security_advisories\u0026qid=08990d9925276738bd732fa4d58f9ef0"
},
{
"title": "Siemens Security Advisories: Siemens Security Advisory",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=siemens_security_advisories\u0026qid=6df91267eee9400a24a98876f50ffe84"
},
{
"title": "Android Security Bulletins: Android Security Bulletin\u2014November 2017",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=android_security_bulletins\u0026qid=8c29eb008bb212762e5cfb25c7c5c0d5"
},
{
"title": "Cisco: Multiple Vulnerabilities in Wi-Fi Protected Access and Wi-Fi Protected Access II",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=cisco_security_advisories_and_alerts_ciscoproducts\u0026qid=cisco-sa-20171016-wpa"
},
{
"title": "Oracle Linux Bulletins: Oracle Linux Bulletin - October 2017",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_linux_bulletins\u0026qid=7251d5e5f2b1771951980ad7cfde50ba"
},
{
"title": "KRACK",
"trust": 0.1,
"url": "https://github.com/chinatso/krack "
},
{
"title": "krackinfo",
"trust": 0.1,
"url": "https://github.com/kristate/krackinfo "
},
{
"title": "nixos-issue-db-example",
"trust": 0.1,
"url": "https://github.com/andir/nixos-issue-db-example "
},
{
"title": "The Register",
"trust": 0.1,
"url": "https://www.theregister.co.uk/2017/11/07/android_november_security_update/"
},
{
"title": "The Register",
"trust": 0.1,
"url": "https://www.theregister.co.uk/2017/10/16/wpa2_inscure_krackattack/"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-30399"
},
{
"db": "VULMON",
"id": "CVE-2017-13086"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-009177"
},
{
"db": "CNNVD",
"id": "CNNVD-201710-387"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-330",
"trust": 1.0
},
{
"problemtype": "CWE-254",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-009177"
},
{
"db": "NVD",
"id": "CVE-2017-13086"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 3.7,
"url": "https://www.krackattacks.com/"
},
{
"trust": 3.3,
"url": "https://source.android.com/security/bulletin/2017-11-01"
},
{
"trust": 2.9,
"url": "http://www.securityfocus.com/bid/101274"
},
{
"trust": 2.8,
"url": "http://www.arubanetworks.com/assets/alert/aruba-psa-2017-007.txt"
},
{
"trust": 2.8,
"url": "https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20171016-wpa"
},
{
"trust": 2.6,
"url": "https://access.redhat.com/security/vulnerabilities/kracks"
},
{
"trust": 2.5,
"url": "http://www.debian.org/security/2017/dsa-3999"
},
{
"trust": 2.2,
"url": "https://access.redhat.com/errata/rhsa-2017:2907"
},
{
"trust": 2.1,
"url": "http://www.kb.cert.org/vuls/id/228519"
},
{
"trust": 1.8,
"url": "https://w1.fi/security/2017-1/wpa-packet-number-reuse-with-replayed-messages.txt"
},
{
"trust": 1.8,
"url": "http://www.ubuntu.com/usn/usn-3455-1"
},
{
"trust": 1.7,
"url": "http://www.securitytracker.com/id/1039581"
},
{
"trust": 1.7,
"url": "http://www.securitytracker.com/id/1039578"
},
{
"trust": 1.7,
"url": "http://www.securitytracker.com/id/1039577"
},
{
"trust": 1.7,
"url": "http://www.securitytracker.com/id/1039576"
},
{
"trust": 1.7,
"url": "http://www.securitytracker.com/id/1039573"
},
{
"trust": 1.7,
"url": "https://support.lenovo.com/us/en/product_security/len-17420"
},
{
"trust": 1.7,
"url": "https://security.freebsd.org/advisories/freebsd-sa-17:07.wpa.asc"
},
{
"trust": 1.7,
"url": "https://security.gentoo.org/glsa/201711-03"
},
{
"trust": 1.7,
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-901333.pdf"
},
{
"trust": 1.7,
"url": "https://cert.vde.com/en-us/advisories/vde-2017-005"
},
{
"trust": 1.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-13086"
},
{
"trust": 1.2,
"url": "https://ics-cert.us-cert.gov/advisories/icsma-18-114-01"
},
{
"trust": 1.1,
"url": "https://papers.mathyvanhoef.com/ccs2017.pdf"
},
{
"trust": 1.1,
"url": "https://w1.fi/security/2017-1/"
},
{
"trust": 1.1,
"url": "https://security-center.intel.com/advisory.aspx?intelid=intel-sa-00101\u0026languageid=en-fr"
},
{
"trust": 1.1,
"url": "https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/cve-2017-13080"
},
{
"trust": 1.1,
"url": "https://ics-cert.us-cert.gov/advisories/icsa-17-353-02"
},
{
"trust": 1.1,
"url": "https://ics-cert.us-cert.gov/advisories/icsa-17-318-01"
},
{
"trust": 1.1,
"url": "https://ics-cert.us-cert.gov/advisories/icsma-19-029-01"
},
{
"trust": 0.9,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-13086"
},
{
"trust": 0.8,
"url": "https://cwe.mitre.org/data/definitions/323.html"
},
{
"trust": 0.8,
"url": "https://actiontecsupport.zendesk.com/hc/en-us/articles/115005205283-krack-vulnerability"
},
{
"trust": 0.8,
"url": "https://www3.aerohive.com/support/security-bulletins/product-security-announcement-aerohives-response-to-krack-10162017.html"
},
{
"trust": 0.8,
"url": "https://www.al-enterprise.com/en/support/security-alert-krack"
},
{
"trust": 0.8,
"url": "https://support.apple.com/en-gb/ht208222"
},
{
"trust": 0.8,
"url": "https://security.archlinux.org/avg-447"
},
{
"trust": 0.8,
"url": "https://www.asus.com/static_webpage/asus-product-security-advisory/"
},
{
"trust": 0.8,
"url": "https://community.barracudanetworks.com/forum/index.php?/topic/23525-security-advisories/page-2"
},
{
"trust": 0.8,
"url": "https://lists.centos.org/pipermail/centos-announce/2017-october/022569.html"
},
{
"trust": 0.8,
"url": "https://community.cypress.com/docs/doc-13871"
},
{
"trust": 0.8,
"url": "http://supportannouncement.us.dlink.com/announcement/publication.aspx?name=sap10075"
},
{
"trust": 0.8,
"url": "http://www.dell.com/support/article/sln307822"
},
{
"trust": 0.8,
"url": "https://github.com/espressif/esp8266_nonos_sdk"
},
{
"trust": 0.8,
"url": "https://extremeportal.force.com/extrarticledetail?n=000018005"
},
{
"trust": 0.8,
"url": "https://bodhi.fedoraproject.org/updates/fedora-2017-60bfb576b7"
},
{
"trust": 0.8,
"url": "http://www.fortiguard.com/psirt/fg-ir-17-196"
},
{
"trust": 0.8,
"url": "https://www.freebsd.org/security/advisories/freebsd-sa-17:07.wpa.asc"
},
{
"trust": 0.8,
"url": "https://bugs.gentoo.org/634440"
},
{
"trust": 0.8,
"url": "https://support.hpe.com/hpsc/doc/public/display?sp4ts.oid=null\u0026doclocale=en_us\u0026docid=emr_na-a00029151en_us"
},
{
"trust": 0.8,
"url": "https://kb.juniper.net/jsa10827"
},
{
"trust": 0.8,
"url": "https://support.lenovo.com/ca/en/product_security/len-17420"
},
{
"trust": 0.8,
"url": "http://www.microchip.com/wwwproducts/en/atwinc1500"
},
{
"trust": 0.8,
"url": "http://mail-index.netbsd.org/source-changes/2017/10/16/msg088877.html"
},
{
"trust": 0.8,
"url": "https://kb.netgear.com/000049498/security-advisory-for-wpa-2-vulnerabilities-psv-2017-2826-psv-2017-2836-psv-2017-2837"
},
{
"trust": 0.8,
"url": "https://forum.peplink.com/t/security-advisory-wpa2-vulnerability-vu-228519/12715"
},
{
"trust": 0.8,
"url": "https://ruckus-www.s3.amazonaws.com/pdf/security/faq-security-advisory-id-101617-v1.0.pdf"
},
{
"trust": 0.8,
"url": "https://www.suse.com/de-de/support/kb/doc/?id=7022107"
},
{
"trust": 0.8,
"url": "https://source.sierrawireless.com/resources/airlink/software_reference_docs/technical-bulletin/sierra-wireless-technical-bulletin---wpa-and-wpa2-vulnerabilities/"
},
{
"trust": 0.8,
"url": "http://www.slackware.com/changelog/stable.php?cpu=x86_64"
},
{
"trust": 0.8,
"url": "https://community.sophos.com/kb/en-us/127658"
},
{
"trust": 0.8,
"url": "https://www.toshibacommerce.com/wps/myportal/%21ut/p/a1/rzrnc8igeiz_sw8egqhjcdmmwr8abw2dqcnfoyqotidrrk399uxrrwotuzgws7a87y6z88iuzmcq2u4uwcnlzypjnjj5-exr_wnhya-laxtrid-j3uchdtb8gylmuw6qzgktovtowsrrqlrs6-8dbeqhwc1mykqnlabgdjlf1yjvn7i5af4qtdwsn2tri7j"
},
{
"trust": 0.8,
"url": "http://www.toshiba-personalstorage.net/en/news/hdd/ot_notice/20171017.htm"
},
{
"trust": 0.8,
"url": "http://support.toshiba.com/support/staticcontentdetail?contentid=4015875\u0026isfromtoclink=false"
},
{
"trust": 0.8,
"url": "https://community.ubnt.com/t5/unifi-updates-blog/firmware-3-9-3-7537-for-uap-usw-has-been-released/ba-p/2099365"
},
{
"trust": 0.8,
"url": "https://usn.ubuntu.com/usn/usn-3455-1/"
},
{
"trust": 0.8,
"url": "http://en.miui.com/thread-954223-1-1.html"
},
{
"trust": 0.8,
"url": "https://www.zebra.com/content/dam/zebra_new_ia/en-us/support-and-downloads/lifeguard-security/krack-security-bulletin.pdf"
},
{
"trust": 0.8,
"url": "http://www.zyxel.com/support/announcement_wpa2_key_management.shtml"
},
{
"trust": 0.8,
"url": "https://supportcenter.checkpoint.com/supportcenter/portal?eventsubmit_dogoviewsolutiondetails=\u0026solutionid=sk120938"
},
{
"trust": 0.8,
"url": "https://community.rsa.com/docs/doc-84103"
},
{
"trust": 0.8,
"url": "https://support.f5.com/csp/article/k23642330"
},
{
"trust": 0.8,
"url": "https://forum.mikrotik.com/viewtopic.php?f=21\u0026t=126695"
},
{
"trust": 0.8,
"url": "https://community.linksys.com/t5/wireless-routers/krack-vulnerability/td-p/1218573"
},
{
"trust": 0.8,
"url": "https://ics-cert.us-cert.gov/advisories/icsa-17-318-02a"
},
{
"trust": 0.8,
"url": "https://www.ipa.go.jp/security/ciadr/vul/20171017_wpa2.html"
},
{
"trust": 0.8,
"url": "http://jvn.jp/vu/jvnvu90609033/index.html"
},
{
"trust": 0.8,
"url": "https://www.kb.cert.org/vuls/id/cheu-aqnmyp"
},
{
"trust": 0.6,
"url": "https://www.kb.cert.org/vuls/id/228519/"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2020.4125/"
},
{
"trust": 0.5,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-13078"
},
{
"trust": 0.5,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-13082"
},
{
"trust": 0.5,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-13087"
},
{
"trust": 0.5,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-13077"
},
{
"trust": 0.5,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-13080"
},
{
"trust": 0.5,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-13088"
},
{
"trust": 0.4,
"url": "https://access.redhat.com/security/cve/cve-2017-13077"
},
{
"trust": 0.4,
"url": "https://access.redhat.com/security/cve/cve-2017-13078"
},
{
"trust": 0.4,
"url": "https://access.redhat.com/security/cve/cve-2017-13080"
},
{
"trust": 0.4,
"url": "https://access.redhat.com/security/cve/cve-2017-13082"
},
{
"trust": 0.4,
"url": "https://access.redhat.com/security/cve/cve-2017-13086"
},
{
"trust": 0.4,
"url": "https://access.redhat.com/security/cve/cve-2017-13087"
},
{
"trust": 0.4,
"url": "https://access.redhat.com/security/cve/cve-2017-13088"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-13081"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-13079"
},
{
"trust": 0.3,
"url": "https://github.com/stevenhoneyman/wpa_gui/tree/master/wpa_supplicant-2.4"
},
{
"trust": 0.3,
"url": "http://www.wi-fi.org/index.php"
},
{
"trust": 0.3,
"url": "https://support.apple.com/en-ie/ht208847"
},
{
"trust": 0.3,
"url": "https://support.apple.com/en-in/ht208334"
},
{
"trust": 0.3,
"url": "https://support.apple.com/en-in/ht208327"
},
{
"trust": 0.3,
"url": "https://support.apple.com/en-in/ht208325"
},
{
"trust": 0.3,
"url": "https://lists.apple.com/archives/security-announce/2017/dec/msg00009.html"
},
{
"trust": 0.3,
"url": "https://lists.apple.com/archives/security-announce/2017/dec/msg00008.html"
},
{
"trust": 0.3,
"url": "https://lists.apple.com/archives/security-announce/2018/jul/msg00000.html"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/security/cve/cve-2017-13079"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/security/cve/cve-2017-13081"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/security/cve/cve-2017-13084"
},
{
"trust": 0.3,
"url": "http://docs.fortinet.com/uploaded/files/3961/fortiap-v5.6.1-release-notes.pdf"
},
{
"trust": 0.3,
"url": "https://ics-cert.us-cert.gov/advisories/icsa-17-299-02"
},
{
"trust": 0.3,
"url": "https://ics-cert.us-cert.gov/advisories/icsa-17-318-02"
},
{
"trust": 0.3,
"url": "https://ics-cert.us-cert.gov/advisories/icsa-17-325-01"
},
{
"trust": 0.3,
"url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/errata/rhsa-2017:2911"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/330.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://github.com/kristate/krackinfo"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/articles/11258"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/team/contact/"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/mailman/listinfo/rhsa-announce"
},
{
"trust": 0.1,
"url": "https://bugzilla.redhat.com/):"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/team/key/"
},
{
"trust": 0.1,
"url": "https://www.debian.org/security/faq"
},
{
"trust": 0.1,
"url": "https://www.debian.org/security/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-4476"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-4477"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/wpa/2.1-0ubuntu1.5"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/wpa/2.4-0ubuntu9.1"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/wpa/2.4-0ubuntu6.2"
},
{
"trust": 0.1,
"url": "https://security.freebsd.org/patches/sa-17:07/wpa-10.patch.asc"
},
{
"trust": 0.1,
"url": "https://security.freebsd.org/advisories/freebsd-sa-17:07.wpa.asc\u003e"
},
{
"trust": 0.1,
"url": "https://svnweb.freebsd.org/base?view=revision\u0026revision=nnnnnn\u003e"
},
{
"trust": 0.1,
"url": "https://www.krackattacks.com/\u003e"
},
{
"trust": 0.1,
"url": "https://security.freebsd.org/patches/sa-17:07/wpa-11.patch.asc"
},
{
"trust": 0.1,
"url": "https://security.freebsd.org/\u003e."
},
{
"trust": 0.1,
"url": "https://security.freebsd.org/patches/sa-17:07/wpa-11.patch"
},
{
"trust": 0.1,
"url": "https://security.freebsd.org/patches/sa-17:07/wpa-10.patch"
},
{
"trust": 0.1,
"url": "https://www.freebsd.org/handbook/makeworld.html\u003e."
},
{
"trust": 0.1,
"url": "https://w1.fi/security/2017-1/wpa-packet-number-reuse-with-replayed-messages.txt\u003e"
},
{
"trust": 0.1,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-13078"
},
{
"trust": 0.1,
"url": "http://slackware.com"
},
{
"trust": 0.1,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-13080"
},
{
"trust": 0.1,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-13082"
},
{
"trust": 0.1,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-13077"
},
{
"trust": 0.1,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-13087"
},
{
"trust": 0.1,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-13081"
},
{
"trust": 0.1,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-13084"
},
{
"trust": 0.1,
"url": "http://slackware.com/gpg-key"
},
{
"trust": 0.1,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-13088"
},
{
"trust": 0.1,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-13079"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-13084"
},
{
"trust": 0.1,
"url": "http://osuosl.org)"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#228519"
},
{
"db": "CNVD",
"id": "CNVD-2017-30399"
},
{
"db": "VULMON",
"id": "CVE-2017-13086"
},
{
"db": "BID",
"id": "101274"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-009177"
},
{
"db": "PACKETSTORM",
"id": "144652"
},
{
"db": "PACKETSTORM",
"id": "144630"
},
{
"db": "PACKETSTORM",
"id": "144632"
},
{
"db": "PACKETSTORM",
"id": "144669"
},
{
"db": "PACKETSTORM",
"id": "144663"
},
{
"db": "NVD",
"id": "CVE-2017-13086"
},
{
"db": "CNNVD",
"id": "CNNVD-201710-387"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "IVD",
"id": "677462e3-ebb6-4e50-89c1-86a854509d8d"
},
{
"db": "CERT/CC",
"id": "VU#228519"
},
{
"db": "CNVD",
"id": "CNVD-2017-30399"
},
{
"db": "VULMON",
"id": "CVE-2017-13086"
},
{
"db": "BID",
"id": "101274"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-009177"
},
{
"db": "PACKETSTORM",
"id": "144652"
},
{
"db": "PACKETSTORM",
"id": "144630"
},
{
"db": "PACKETSTORM",
"id": "144632"
},
{
"db": "PACKETSTORM",
"id": "144669"
},
{
"db": "PACKETSTORM",
"id": "144663"
},
{
"db": "NVD",
"id": "CVE-2017-13086"
},
{
"db": "CNNVD",
"id": "CNNVD-201710-387"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-10-17T00:00:00",
"db": "IVD",
"id": "677462e3-ebb6-4e50-89c1-86a854509d8d"
},
{
"date": "2017-10-16T00:00:00",
"db": "CERT/CC",
"id": "VU#228519"
},
{
"date": "2017-10-18T00:00:00",
"db": "CNVD",
"id": "CNVD-2017-30399"
},
{
"date": "2017-10-17T00:00:00",
"db": "VULMON",
"id": "CVE-2017-13086"
},
{
"date": "2017-10-16T00:00:00",
"db": "BID",
"id": "101274"
},
{
"date": "2017-11-06T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-009177"
},
{
"date": "2017-10-17T16:52:00",
"db": "PACKETSTORM",
"id": "144652"
},
{
"date": "2017-10-16T13:49:34",
"db": "PACKETSTORM",
"id": "144630"
},
{
"date": "2017-10-16T23:23:00",
"db": "PACKETSTORM",
"id": "144632"
},
{
"date": "2017-10-19T14:28:55",
"db": "PACKETSTORM",
"id": "144669"
},
{
"date": "2017-10-18T20:44:00",
"db": "PACKETSTORM",
"id": "144663"
},
{
"date": "2017-10-17T13:29:00.553000",
"db": "NVD",
"id": "CVE-2017-13086"
},
{
"date": "2017-10-17T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201710-387"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-11-16T00:00:00",
"db": "CERT/CC",
"id": "VU#228519"
},
{
"date": "2017-10-17T00:00:00",
"db": "CNVD",
"id": "CNVD-2017-30399"
},
{
"date": "2019-10-03T00:00:00",
"db": "VULMON",
"id": "CVE-2017-13086"
},
{
"date": "2019-02-21T09:00:00",
"db": "BID",
"id": "101274"
},
{
"date": "2019-02-01T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-009177"
},
{
"date": "2019-10-03T00:03:26.223000",
"db": "NVD",
"id": "CVE-2017-13086"
},
{
"date": "2020-11-23T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201710-387"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote or local",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201710-387"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Wi-Fi Protected Access (WPA) handshake traffic can be manipulated to induce nonce and session key reuse",
"sources": [
{
"db": "CERT/CC",
"id": "VU#228519"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "security feature problem",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201710-387"
}
],
"trust": 0.6
}
}
VAR-201710-0213
Vulnerability from variot - Updated: 2023-12-18 10:44Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Station-To-Station-Link (STSL) Transient Key (STK) during the PeerKey handshake, allowing an attacker within radio range to replay, decrypt, or spoof frames. An attacker within range of an affected AP and client may leverage these vulnerabilities to conduct attacks that are dependent on the data confidentiality protocols being used. Attacks may include arbitrary packet decryption and injection, TCP connection hijacking, HTTP content injection, or the replay of unicast and group-addressed frames. These vulnerabilities are referred to as Key Reinstallation Attacks or "KRACK" attacks. WPA (Wi-Fi Protected Access) is a system that protects wireless computer networks (Wi-Fi). The WPA2 wireless network has a group key reload vulnerability in the PeerKey handshake. WPA2 is prone to multiple security weaknesses. Exploiting these issues may allow an unauthorized user to intercept and manipulate data or disclose sensitive information. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
[slackware-security] wpa_supplicant (SSA:2017-291-02)
New wpa_supplicant packages are available for Slackware 14.0, 14.1, 14.2, and -current to fix security issues.
Here are the details from the Slackware 14.2 ChangeLog: +--------------------------+ patches/packages/wpa_supplicant-2.6-i586-1_slack14.2.txz: Upgraded. This update includes patches to mitigate the WPA2 protocol issues known as "KRACK" (Key Reinstallation AttaCK), which may be used to decrypt data, hijack TCP connections, and to forge and inject packets. This is the list of vulnerabilities that are addressed here: CVE-2017-13077: Reinstallation of the pairwise encryption key (PTK-TK) in the 4-way handshake. CVE-2017-13082: Accepting a retransmitted Fast BSS Transition (FT) Reassociation Request and reinstalling the pairwise encryption key (PTK-TK) while processing it. CVE-2017-13084: Reinstallation of the STK key in the PeerKey handshake. CVE-2017-13086: reinstallation of the Tunneled Direct-Link Setup (TDLS) PeerKey (TPK) key in the TDLS handshake. For more information, see: https://www.krackattacks.com/ https://w1.fi/security/2017-1/wpa-packet-number-reuse-with-replayed-messages.txt https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13077 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13078 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13079 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13080 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13081 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13082 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13084 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13086 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13087 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13088 ( Security fix ) +--------------------------+
Where to find the new packages: +-----------------------------+
Thanks to the friendly folks at the OSU Open Source Lab (http://osuosl.org) for donating FTP and rsync hosting to the Slackware project! :-)
Also see the "Get Slack" section on http://slackware.com for additional mirror sites near you.
Updated package for Slackware 14.0: ftp://ftp.slackware.com/pub/slackware/slackware-14.0/patches/packages/wpa_supplicant-2.6-i486-1_slack14.0.txz
Updated package for Slackware x86_64 14.0: ftp://ftp.slackware.com/pub/slackware/slackware64-14.0/patches/packages/wpa_supplicant-2.6-x86_64-1_slack14.0.txz
Updated package for Slackware 14.1: ftp://ftp.slackware.com/pub/slackware/slackware-14.1/patches/packages/wpa_supplicant-2.6-i486-1_slack14.1.txz
Updated package for Slackware x86_64 14.1: ftp://ftp.slackware.com/pub/slackware/slackware64-14.1/patches/packages/wpa_supplicant-2.6-x86_64-1_slack14.1.txz
Updated package for Slackware 14.2: ftp://ftp.slackware.com/pub/slackware/slackware-14.2/patches/packages/wpa_supplicant-2.6-i586-1_slack14.2.txz
Updated package for Slackware x86_64 14.2: ftp://ftp.slackware.com/pub/slackware/slackware64-14.2/patches/packages/wpa_supplicant-2.6-x86_64-1_slack14.2.txz
Updated package for Slackware -current: ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/n/wpa_supplicant-2.6-i586-2.txz
Updated package for Slackware x86_64 -current: ftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/n/wpa_supplicant-2.6-x86_64-2.txz
MD5 signatures: +-------------+
Slackware 14.0 package: d8ecfaadb50b3547967ab53733ffc019 wpa_supplicant-2.6-i486-1_slack14.0.txz
Slackware x86_64 14.0 package: f25216d28800504ce498705da7c9a825 wpa_supplicant-2.6-x86_64-1_slack14.0.txz
Slackware 14.1 package: 15c61050e4bab2581757befd86be74c0 wpa_supplicant-2.6-i486-1_slack14.1.txz
Slackware x86_64 14.1 package: 49fd537a520338744f7757615556d352 wpa_supplicant-2.6-x86_64-1_slack14.1.txz
Slackware 14.2 package: c5539f40c8510af89be92945f0f80185 wpa_supplicant-2.6-i586-1_slack14.2.txz
Slackware x86_64 14.2 package: 4c527ff84fcdfd7839f217bbce2e4ae4 wpa_supplicant-2.6-x86_64-1_slack14.2.txz
Slackware -current package: 28bd88a54e96368f7a7020c1f5fb67fe n/wpa_supplicant-2.6-i586-2.txz
Slackware x86_64 -current package: 464fc6b48d1ac077f47e9a3a8534c160 n/wpa_supplicant-2.6-x86_64-2.txz
Installation instructions: +------------------------+
Upgrade the package as root:
upgradepkg wpa_supplicant-2.6-i586-1_slack14.2.txz
+-----+
Slackware Linux Security Team http://slackware.com/gpg-key security@slackware.com
+------------------------------------------------------------------------+ | To leave the slackware-security mailing list: | +------------------------------------------------------------------------+ | Send an email to majordomo@slackware.com with this text in the body of | | the email message: | | | | unsubscribe slackware-security | | | | You will get a confirmation message back containing instructions to | | complete the process. Please do not reply to this email address. | +------------------------------------------------------------------------+ -----BEGIN PGP SIGNATURE-----
iEYEARECAAYFAlnnrOgACgkQakRjwEAQIjPgvQCfRcXlhuFjrDNPbEUeZrYLxnkW b+4An0l5cZOdtohI7Fq0NbryWajCOnM2 =5HQM -----END PGP SIGNATURE-----
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201710-0213",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "hostapd",
"scope": "eq",
"trust": 1.6,
"vendor": "w1 fi",
"version": "0.3.7"
},
{
"model": "hostapd",
"scope": "eq",
"trust": 1.6,
"vendor": "w1 fi",
"version": "0.3.11"
},
{
"model": "hostapd",
"scope": "eq",
"trust": 1.6,
"vendor": "w1 fi",
"version": "0.4.7"
},
{
"model": "hostapd",
"scope": "eq",
"trust": 1.6,
"vendor": "w1 fi",
"version": "0.2.8"
},
{
"model": "hostapd",
"scope": "eq",
"trust": 1.6,
"vendor": "w1 fi",
"version": "0.4.8"
},
{
"model": "hostapd",
"scope": "eq",
"trust": 1.6,
"vendor": "w1 fi",
"version": "0.2.4"
},
{
"model": "hostapd",
"scope": "eq",
"trust": 1.6,
"vendor": "w1 fi",
"version": "0.3.10"
},
{
"model": "hostapd",
"scope": "eq",
"trust": 1.6,
"vendor": "w1 fi",
"version": "0.2.5"
},
{
"model": "hostapd",
"scope": "eq",
"trust": 1.6,
"vendor": "w1 fi",
"version": "0.3.9"
},
{
"model": "hostapd",
"scope": "eq",
"trust": 1.6,
"vendor": "w1 fi",
"version": "0.2.6"
},
{
"model": "enterprise linux desktop",
"scope": "eq",
"trust": 1.3,
"vendor": "redhat",
"version": "7"
},
{
"model": "enterprise linux server",
"scope": "eq",
"trust": 1.3,
"vendor": "redhat",
"version": "7"
},
{
"model": "wpa supplicant",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "2.6"
},
{
"model": "wpa supplicant",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "2.2"
},
{
"model": "hostapd",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "1.0"
},
{
"model": "hostapd",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "2.2"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 1.0,
"vendor": "freebsd",
"version": "*"
},
{
"model": "linux enterprise desktop",
"scope": "eq",
"trust": 1.0,
"vendor": "suse",
"version": "12"
},
{
"model": "wpa supplicant",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.4.7"
},
{
"model": "hostapd",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.5.10"
},
{
"model": "wpa supplicant",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "2.0"
},
{
"model": "hostapd",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "2.0"
},
{
"model": "linux",
"scope": "eq",
"trust": 1.0,
"vendor": "debian",
"version": "8.0"
},
{
"model": "hostapd",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.4.9"
},
{
"model": "wpa supplicant",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.5.8"
},
{
"model": "hostapd",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.5.8"
},
{
"model": "hostapd",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "2.1"
},
{
"model": "wpa supplicant",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.5.7"
},
{
"model": "wpa supplicant",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.6.9"
},
{
"model": "wpa supplicant",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.2.8"
},
{
"model": "linux enterprise server",
"scope": "eq",
"trust": 1.0,
"vendor": "suse",
"version": "12"
},
{
"model": "hostapd",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "1.1"
},
{
"model": "hostapd",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.7.3"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 1.0,
"vendor": "freebsd",
"version": "10"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 1.0,
"vendor": "freebsd",
"version": "11.1"
},
{
"model": "hostapd",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.5.9"
},
{
"model": "wpa supplicant",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.4.11"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 1.0,
"vendor": "freebsd",
"version": "10.4"
},
{
"model": "wpa supplicant",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.2.6"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 1.0,
"vendor": "freebsd",
"version": "11"
},
{
"model": "wpa supplicant",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.5.11"
},
{
"model": "wpa supplicant",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "2.4"
},
{
"model": "wpa supplicant",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.3.8"
},
{
"model": "wpa supplicant",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.2.5"
},
{
"model": "wpa supplicant",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.3.7"
},
{
"model": "hostapd",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.4.10"
},
{
"model": "hostapd",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.6.10"
},
{
"model": "openstack cloud",
"scope": "eq",
"trust": 1.0,
"vendor": "suse",
"version": "6"
},
{
"model": "wpa supplicant",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "1.0"
},
{
"model": "wpa supplicant",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.3.11"
},
{
"model": "hostapd",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "2.5"
},
{
"model": "wpa supplicant",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.5.10"
},
{
"model": "hostapd",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "2.6"
},
{
"model": "wpa supplicant",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.4.9"
},
{
"model": "ubuntu linux",
"scope": "eq",
"trust": 1.0,
"vendor": "canonical",
"version": "14.04"
},
{
"model": "wpa supplicant",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "2.1"
},
{
"model": "wpa supplicant",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "2.3"
},
{
"model": "leap",
"scope": "eq",
"trust": 1.0,
"vendor": "opensuse",
"version": "42.2"
},
{
"model": "hostapd",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "2.3"
},
{
"model": "linux enterprise point of sale",
"scope": "eq",
"trust": 1.0,
"vendor": "suse",
"version": "11"
},
{
"model": "wpa supplicant",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "1.1"
},
{
"model": "hostapd",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.5.7"
},
{
"model": "wpa supplicant",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.7.3"
},
{
"model": "hostapd",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.6.9"
},
{
"model": "wpa supplicant",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.5.9"
},
{
"model": "wpa supplicant",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.4.8"
},
{
"model": "wpa supplicant",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.2.7"
},
{
"model": "linux",
"scope": "eq",
"trust": 1.0,
"vendor": "debian",
"version": "9.0"
},
{
"model": "wpa supplicant",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.2.4"
},
{
"model": "linux enterprise server",
"scope": "eq",
"trust": 1.0,
"vendor": "suse",
"version": "11"
},
{
"model": "wpa supplicant",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.3.10"
},
{
"model": "ubuntu linux",
"scope": "eq",
"trust": 1.0,
"vendor": "canonical",
"version": "16.04"
},
{
"model": "leap",
"scope": "eq",
"trust": 1.0,
"vendor": "opensuse",
"version": "42.3"
},
{
"model": "hostapd",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.4.11"
},
{
"model": "wpa supplicant",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.6.8"
},
{
"model": "ubuntu linux",
"scope": "eq",
"trust": 1.0,
"vendor": "canonical",
"version": "17.04"
},
{
"model": "hostapd",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.6.8"
},
{
"model": "wpa supplicant",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.4.10"
},
{
"model": "hostapd",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.5.11"
},
{
"model": "wpa supplicant",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.6.10"
},
{
"model": "hostapd",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "2.4"
},
{
"model": "wpa supplicant",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.3.9"
},
{
"model": "wpa supplicant",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "2.5"
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "9front",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "adtran",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "avm",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "actiontec",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "aerohive",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "alcatel lucent",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "android open source",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "apple",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "arch linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "aruba",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "asustek computer",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "barracuda",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "broadcom",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "cambium",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "centos",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "cradlepoint",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "cypress semiconductor",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "d link",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "debian gnu linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "dell",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "digi",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "draytek",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "edimax computer",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "engenius",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "endian",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "espressif",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "extreme",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "f secure",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "fedora",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "fortinet",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "freebsd",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "gentoo linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "google",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "hewlett packard",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "hostap",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "ipfire",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "juniper",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "lancom",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "lede",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "lifx",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "lenovo",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "microchip",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "microsoft",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "mojo",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "nest",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "netbsd",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "netgear",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "opnsense",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "omnirom",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "open mesh",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "openbsd",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "peplink",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "red hat",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "riverbed",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "rockwell automation",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "ruckus",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "suse linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "samsung mobile",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "sierra",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "slackware linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "sonos",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "sony",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "sophos",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "synology",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "tp link",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "technicolor",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "texas instruments",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "toshiba commerce",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "toshiba electronic devices storage",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "toshiba memory",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "turris omnia",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "ubiquiti",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "ubuntu",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "volumio",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "watchguard",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "xiaomi",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "xirrus",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "zebra",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "zyxel",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "dd wrt",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "eero",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "pfsense",
"version": null
},
{
"model": "ubuntu",
"scope": null,
"trust": 0.8,
"vendor": "canonical",
"version": null
},
{
"model": "gnu/linux",
"scope": null,
"trust": 0.8,
"vendor": "debian",
"version": null
},
{
"model": "freebsd",
"scope": null,
"trust": 0.8,
"vendor": "freebsd",
"version": null
},
{
"model": "leap",
"scope": null,
"trust": 0.8,
"vendor": "opensuse",
"version": null
},
{
"model": "linux enterprise desktop",
"scope": null,
"trust": 0.8,
"vendor": "suse",
"version": null
},
{
"model": "linux enterprise point of sale",
"scope": null,
"trust": 0.8,
"vendor": "suse",
"version": null
},
{
"model": "linux enterprise server",
"scope": null,
"trust": 0.8,
"vendor": "suse",
"version": null
},
{
"model": "openstack cloud",
"scope": null,
"trust": 0.8,
"vendor": "suse",
"version": null
},
{
"model": "hostapd",
"scope": null,
"trust": 0.8,
"vendor": "w1 fi",
"version": null
},
{
"model": "wpa supplicant",
"scope": null,
"trust": 0.8,
"vendor": "w1 fi",
"version": null
},
{
"model": "enterprise linux desktop",
"scope": null,
"trust": 0.8,
"vendor": "red hat",
"version": null
},
{
"model": "enterprise linux server",
"scope": null,
"trust": 0.8,
"vendor": "red hat",
"version": null
},
{
"model": "edge gateway",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": null
},
{
"model": "sr-m20ac1",
"scope": "lte",
"trust": 0.8,
"vendor": "fujitsu",
"version": "v02.10"
},
{
"model": "sr-m20ac2",
"scope": "lte",
"trust": 0.8,
"vendor": "fujitsu",
"version": "v02.10"
},
{
"model": "alliance wi-fi protected access 2",
"scope": null,
"trust": 0.6,
"vendor": "wi fi",
"version": null
},
{
"model": "scalance w-700",
"scope": "eq",
"trust": 0.6,
"vendor": "siemens",
"version": "0"
},
{
"model": "atom processor c3200 series for yocto project bsp mr4",
"scope": null,
"trust": 0.3,
"vendor": "intel",
"version": null
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "10.3.2"
},
{
"model": "active management technology",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "6.1"
},
{
"model": "pyxis supplystation",
"scope": "eq",
"trust": 0.3,
"vendor": "bd",
"version": "0"
},
{
"model": "sinamics smart access module",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "v200"
},
{
"model": "active management technology",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "11.6.27.3264"
},
{
"model": "meraki mr34",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "ck71a-atex",
"scope": "eq",
"trust": 0.3,
"vendor": "pepperl fuchs",
"version": "0"
},
{
"model": "arubaos",
"scope": "eq",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "6.5.2.0"
},
{
"model": "macbook air",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "0"
},
{
"model": "aironet series access points",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "18500"
},
{
"model": "active management technology",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "8.0"
},
{
"model": "meraki mr26",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "arubaos",
"scope": "eq",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "6.4"
},
{
"model": "aironet series access points",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "28000"
},
{
"model": "enterprise linux for power big endian extended update support",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "-7.5"
},
{
"model": "meraki mr84",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "contact fl wlan",
"scope": "eq",
"trust": 0.3,
"vendor": "phoenix",
"version": "510x0"
},
{
"model": "windows server r2 for itanium-based systems sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2008"
},
{
"model": "contact itc",
"scope": "eq",
"trust": 0.3,
"vendor": "phoenix",
"version": "81130"
},
{
"model": "enterprise linux workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "7"
},
{
"model": "active management technology",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "10.0"
},
{
"model": "dual band wireless-ac",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "726519.51.0.0"
},
{
"model": "enterprise linux server extended update support",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "-7.6"
},
{
"model": "meraki mr18",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "arubaos",
"scope": "eq",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "8.1.0.3"
},
{
"model": "scalance w1750d",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "0"
},
{
"model": "secure ii med-surg bed",
"scope": "eq",
"trust": 0.3,
"vendor": "stryker",
"version": "3002"
},
{
"model": "contact fl wlan",
"scope": "eq",
"trust": 0.3,
"vendor": "phoenix",
"version": "210x0"
},
{
"model": "windows version for x64-based systems",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "1015110"
},
{
"model": "aironet access points",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "contact fl wlan ap",
"scope": "eq",
"trust": 0.3,
"vendor": "phoenix",
"version": "24802-110"
},
{
"model": "active management technology",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "11.0"
},
{
"model": "instantos",
"scope": "eq",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "6.5.4.1"
},
{
"model": "tvos",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "10.2"
},
{
"model": "wap371 wireless-ac n access point with single point setup",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "ex-handy",
"scope": "eq",
"trust": 0.3,
"vendor": "pepperl fuchs",
"version": "2090"
},
{
"model": "arubaos",
"scope": "eq",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "6.5.3.2"
},
{
"model": "contact rad-80211-xd",
"scope": "eq",
"trust": 0.3,
"vendor": "phoenix",
"version": "0"
},
{
"model": "ios",
"scope": "ne",
"trust": 0.3,
"vendor": "apple",
"version": "11.2"
},
{
"model": "contact fl wlan dap",
"scope": "eq",
"trust": 0.3,
"vendor": "phoenix",
"version": "24802-110"
},
{
"model": "dual band wireless-ac",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "726519.10.9.1"
},
{
"model": "arubaos",
"scope": "ne",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "6.3.1.25"
},
{
"model": "pyxis medstation es",
"scope": "eq",
"trust": 0.3,
"vendor": "bd",
"version": "0"
},
{
"model": "wireless ip phone",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "88210"
},
{
"model": "pyxis stockstation system",
"scope": "eq",
"trust": 0.3,
"vendor": "bd",
"version": "0"
},
{
"model": "macbook",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "0"
},
{
"model": "dual band wireless-ac",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "316819.51.7.1"
},
{
"model": "dual band wireless-ac",
"scope": "ne",
"trust": 0.3,
"vendor": "intel",
"version": "726519.10.9.2"
},
{
"model": "scalance wlc712",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "0"
},
{
"model": "contact fl wlan spa",
"scope": "eq",
"trust": 0.3,
"vendor": "phoenix",
"version": "0"
},
{
"model": "meraki mr62",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "simatic et200 pro im154-6 pn iwlan",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "0"
},
{
"model": "tropos broadband mesh routers and bridges",
"scope": "eq",
"trust": 0.3,
"vendor": "abb",
"version": "0"
},
{
"model": "dual band wireless-ac",
"scope": "ne",
"trust": 0.3,
"vendor": "intel",
"version": "316819.10.9.2"
},
{
"model": "meraki mr33",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "instantos",
"scope": "ne",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "6.5.3.3"
},
{
"model": "micros handheld terminal",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "0"
},
{
"model": "windows server",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "20120"
},
{
"model": "instantos",
"scope": "eq",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "6.5.2"
},
{
"model": "dual band wireless-ac",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "316018.33.9.2"
},
{
"model": "windows version for 32-bit systems",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "1017030"
},
{
"model": "atom processor c3200 series for yocto project bsp mr4.1",
"scope": "ne",
"trust": 0.3,
"vendor": "intel",
"version": null
},
{
"model": "active management technology",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "2.6"
},
{
"model": "android",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.1.0"
},
{
"model": "contact fl wlan",
"scope": "eq",
"trust": 0.3,
"vendor": "phoenix",
"version": "110x0"
},
{
"model": "windows for 32-bit systems",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "100"
},
{
"model": "s3 med-surg bed",
"scope": "eq",
"trust": 0.3,
"vendor": "stryker",
"version": "3002"
},
{
"model": "arubaos",
"scope": "eq",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "6.4.2.4"
},
{
"model": "tvos",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "11.1"
},
{
"model": "contact fl comserver wlan",
"scope": "eq",
"trust": 0.3,
"vendor": "phoenix",
"version": "232/422/4850"
},
{
"model": "airport base station",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "7.6.8"
},
{
"model": "enterprise linux server update services for sap solutions",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "-7."
},
{
"model": "active management technology",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "7.1.91.3272"
},
{
"model": "instantos",
"scope": "ne",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "4.2.4.9"
},
{
"model": "contact fl wlan ap",
"scope": "eq",
"trust": 0.3,
"vendor": "phoenix",
"version": "230802-110"
},
{
"model": "android",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "6.1"
},
{
"model": "enterprise linux for power little endian extended update supp",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "-7.6"
},
{
"model": "meraki mr14",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "enterprise linux eus compute node",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "7.5"
},
{
"model": "aironet series access points",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "18150"
},
{
"model": "wireless client bridge 2.0.0.1-aruba501-b00",
"scope": "ne",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "501"
},
{
"model": "enterprise linux server extended update support",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "-7.4"
},
{
"model": "enterprise linux server tus",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "-7.6"
},
{
"model": "dual band wireless-ac",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "726018.33.9.2"
},
{
"model": "airport express",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "0"
},
{
"model": "meraki mr16",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "clarity engine",
"scope": "eq",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "1.0"
},
{
"model": "meraki mr30h",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "airport extreme",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "0"
},
{
"model": "windows server r2",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "20120"
},
{
"model": "dual band wireless-ac",
"scope": "ne",
"trust": 0.3,
"vendor": "intel",
"version": "826520.0.2.3"
},
{
"model": "android",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0"
},
{
"model": "contact bl2 bpc",
"scope": "eq",
"trust": 0.3,
"vendor": "phoenix",
"version": "0"
},
{
"model": "tvos",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "10.0.1"
},
{
"model": "enterprise linux for ibm z systems",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "7"
},
{
"model": "watch",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "0"
},
{
"model": "meraki mr32",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "wpa supplicant",
"scope": "eq",
"trust": 0.3,
"vendor": "w1 f1",
"version": "2.4"
},
{
"model": "active management technology",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "4.0"
},
{
"model": "ruggedcom rx1400",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "0"
},
{
"model": "cn70a-atex",
"scope": "eq",
"trust": 0.3,
"vendor": "pepperl fuchs",
"version": "0"
},
{
"model": "windows version for 32-bit systems",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "1015110"
},
{
"model": "arubaos",
"scope": "eq",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "6.5.3"
},
{
"model": "pyxis parx handheld",
"scope": "eq",
"trust": 0.3,
"vendor": "bd",
"version": "0"
},
{
"model": "dual band wireless-ac",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "726519.10"
},
{
"model": "active management technology",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "9.1.40.100"
},
{
"model": "tvos",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "10.1.1"
},
{
"model": "instantos",
"scope": "eq",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "6.5.3"
},
{
"model": "windows rt",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "8.1"
},
{
"model": "meraki mr42",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "instantos",
"scope": "ne",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "4.3.1.6"
},
{
"model": "airport base station",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "7.7.3"
},
{
"model": "wap561 wireless-n dual radio selectable band access point",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "active management technology",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "11.0.26.3000"
},
{
"model": "instantos",
"scope": "ne",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "6.5.4.2"
},
{
"model": "active management technology",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "11.6"
},
{
"model": "tvos",
"scope": "ne",
"trust": 0.3,
"vendor": "apple",
"version": "11.2"
},
{
"model": "active management technology",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "6.0"
},
{
"model": "windows server",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2016"
},
{
"model": "contact rad-whg/wlan-xd",
"scope": "eq",
"trust": 0.3,
"vendor": "phoenix",
"version": "0"
},
{
"model": "dual band wireless-ac",
"scope": "ne",
"trust": 0.3,
"vendor": "intel",
"version": "726018.33.9.3"
},
{
"model": "wi-fi update for boot camp",
"scope": "ne",
"trust": 0.3,
"vendor": "apple",
"version": "6.4.0"
},
{
"model": "suremark printer 2nr",
"scope": "eq",
"trust": 0.3,
"vendor": "toshiba",
"version": "4610"
},
{
"model": "android",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.1.1"
},
{
"model": "arubaos",
"scope": "ne",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "6.5.4.2"
},
{
"model": "enterprise linux for power little endian extended update supp",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "-7.5"
},
{
"model": "enterprise linux for power little endian",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "7"
},
{
"model": "dual band wireless-ac",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "826520.0.0.0"
},
{
"model": "tvos",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "10.2.1"
},
{
"model": "arubaos",
"scope": "eq",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "6.3.1.8"
},
{
"model": "windows server for x64-based systems sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2008"
},
{
"model": "pyxis supply roller",
"scope": "eq",
"trust": 0.3,
"vendor": "bd",
"version": "0"
},
{
"model": "airport base station",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "7.6.3"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "10.3"
},
{
"model": "telepresence collaboration endpoint",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "active management technology",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "6.2.61.3535"
},
{
"model": "contact vmt",
"scope": "eq",
"trust": 0.3,
"vendor": "phoenix",
"version": "70xx0"
},
{
"model": "imac",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "0"
},
{
"model": "meraki mr72",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "watchos",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4"
},
{
"model": "enterprise linux for power little endian extended update supp",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "-7.4"
},
{
"model": "active management technology",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "11.0.25.3001"
},
{
"model": "arubaos",
"scope": "ne",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "8.1.0.4"
},
{
"model": "active management technology",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "9.1"
},
{
"model": "enterprise linux server tus",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "-7.4"
},
{
"model": "active management technology",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "6.2"
},
{
"model": "meraki mr53",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "tvos",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "10.1"
},
{
"model": "wap551 wireless-n single radio selectable band access point",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "instantos",
"scope": "eq",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "4.2"
},
{
"model": "instantos",
"scope": "eq",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "6.5.3.2"
},
{
"model": "dual band wireless-ac",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "316519.10"
},
{
"model": "dual band wireless-ac",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "826020.0.0.0"
},
{
"model": "wap121 wireless-n access point with single point setup",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "active management technology",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "2.5"
},
{
"model": "active management technology",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "11.6.0.1000"
},
{
"model": "wireless client bridge 1.0.1.3-hp501-b0012",
"scope": "ne",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "501"
},
{
"model": "i.roc ci70-ex",
"scope": "eq",
"trust": 0.3,
"vendor": "pepperl fuchs",
"version": "0"
},
{
"model": "arubaos",
"scope": "eq",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "6.5.0.0"
},
{
"model": "dual band wireless-ac",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "826020.0.2.2"
},
{
"model": "active management technology",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "7.1"
},
{
"model": "cn70e-atex",
"scope": "eq",
"trust": 0.3,
"vendor": "pepperl fuchs",
"version": "0"
},
{
"model": "dual band wireless-ac",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "726018.0.0.0"
},
{
"model": "meraki mr24",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "suremark printer 1nr",
"scope": "eq",
"trust": 0.3,
"vendor": "toshiba",
"version": "4610"
},
{
"model": "enterprise linux for ibm z systems extended update support",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "-7.6"
},
{
"model": "contact vmt",
"scope": "eq",
"trust": 0.3,
"vendor": "phoenix",
"version": "50xx0"
},
{
"model": "meraki mr74",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "ex-handy",
"scope": "eq",
"trust": 0.3,
"vendor": "pepperl fuchs",
"version": "090"
},
{
"model": "arubaos",
"scope": "eq",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "6.4.4.15"
},
{
"model": "dual band wireless-ac",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "316519.51.7.1"
},
{
"model": "dual band wireless-ac",
"scope": "ne",
"trust": 0.3,
"vendor": "intel",
"version": "726519.51.7.20"
},
{
"model": "anyconnect secure mobility client",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "dual band wireless-ac",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "726519.51.7.1"
},
{
"model": "systems esp32",
"scope": "eq",
"trust": 0.3,
"vendor": "espressif",
"version": "0"
},
{
"model": "watchos",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.1"
},
{
"model": "enterprise linux server extended update support",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "-7.5"
},
{
"model": "micros handheld terminal 2.03.0.0.021r",
"scope": "ne",
"trust": 0.3,
"vendor": "oracle",
"version": null
},
{
"model": "aironet series access points",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "38000"
},
{
"model": "pyxis parx",
"scope": "eq",
"trust": 0.3,
"vendor": "bd",
"version": "0"
},
{
"model": "dx70",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "arubaos",
"scope": "ne",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "6.5.1.9"
},
{
"model": "enterprise linux server update services for sap solutions",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "-7.6"
},
{
"model": "intouch critical care bed",
"scope": "eq",
"trust": 0.3,
"vendor": "stryker",
"version": "2141"
},
{
"model": "pyxis anesthesia es",
"scope": "eq",
"trust": 0.3,
"vendor": "bd",
"version": "0"
},
{
"model": "aironet series officeextend access points",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "18100"
},
{
"model": "windows for x64-based systems",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "8.10"
},
{
"model": "dual band wireless-ac",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "316819.10.9.1"
},
{
"model": "active management technology",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "10.0.55.3000"
},
{
"model": "windows for 32-bit systems",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "8.10"
},
{
"model": "android",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "6.0"
},
{
"model": "meraki mr66",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "dual band wireless-ac",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "316519.10.9.1"
},
{
"model": "airport base station",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "7.6"
},
{
"model": "intouch critical care bed",
"scope": "eq",
"trust": 0.3,
"vendor": "stryker",
"version": "2131"
},
{
"model": "android",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.1.2"
},
{
"model": "aironet series access points",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "18300"
},
{
"model": "enterprise linux server aus",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "-7.6"
},
{
"model": "enterprise linux for power big endian extended update support",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "-7.6"
},
{
"model": "active management technology",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "10.0.0.50.1004"
},
{
"model": "arubaos",
"scope": "eq",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "6.4.1.0"
},
{
"model": "wap321 wireless-n access point with single point setup",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "simatic iwlan-pb/link",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "0"
},
{
"model": "aironet 1810w series access points",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "meraki mr52",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "enterprise linux for ibm z systems extended update support",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "-7.5"
},
{
"model": "meraki mr12",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "airmesh msr",
"scope": "eq",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "0"
},
{
"model": "dual band wireless-ac",
"scope": "ne",
"trust": 0.3,
"vendor": "intel",
"version": "316519.51.7.20"
},
{
"model": "watchos",
"scope": "ne",
"trust": 0.3,
"vendor": "apple",
"version": "4.2"
},
{
"model": "contact fl wlan ec",
"scope": "eq",
"trust": 0.3,
"vendor": "phoenix",
"version": "24802-110"
},
{
"model": "instantos",
"scope": "eq",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "4.2.4.8"
},
{
"model": "systems esp8266",
"scope": "eq",
"trust": 0.3,
"vendor": "espressif",
"version": "0"
},
{
"model": "tv",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "0"
},
{
"model": "pad-ex",
"scope": "eq",
"trust": 0.3,
"vendor": "pepperl fuchs",
"version": "010"
},
{
"model": "active management technology",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "11.0.0.1205"
},
{
"model": "ip phone",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "88610"
},
{
"model": "clarity engine",
"scope": "ne",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "1.0.0.1"
},
{
"model": "aironet series access points",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "15600"
},
{
"model": "windows for 32-bit systems sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "7"
},
{
"model": "instantos",
"scope": "eq",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "4.3.1.5"
},
{
"model": "airport base station",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "7.6.2"
},
{
"model": "active management technology",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "8.1"
},
{
"model": "active management technology",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "11.8"
},
{
"model": "windows for x64-based systems sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "7"
},
{
"model": "enterprise linux for ibm z systems extended update support",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "-7.4"
},
{
"model": "meraki mr58",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "windows version for 32-bit systems",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "1016070"
},
{
"model": "dual band wireless-ac",
"scope": "ne",
"trust": 0.3,
"vendor": "intel",
"version": "316519.10.9.2"
},
{
"model": "pyxis parassist system",
"scope": "eq",
"trust": 0.3,
"vendor": "bd",
"version": "0"
},
{
"model": "windows server for 32-bit systems sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2008"
},
{
"model": "instantos",
"scope": "eq",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "4.3"
},
{
"model": "android",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.0"
},
{
"model": "simatic mobile panel 277 iwlan",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "0"
},
{
"model": "pyxis medstation t2",
"scope": "eq",
"trust": 0.3,
"vendor": "bd",
"version": "40000"
},
{
"model": "dual band wireless-ac",
"scope": "ne",
"trust": 0.3,
"vendor": "intel",
"version": "826020.0.2.3"
},
{
"model": "android",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "6.0.1"
},
{
"model": "airport base station",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "7.6.1"
},
{
"model": "dual band wireless-ac",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "316519.51.0.0"
},
{
"model": "wi-fi update for boot camp",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "0"
},
{
"model": "enterprise linux server update services for sap solutions",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "-7.4"
},
{
"model": "ipad",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "0"
},
{
"model": "contact vmt",
"scope": "eq",
"trust": 0.3,
"vendor": "phoenix",
"version": "30xx0"
},
{
"model": "enterprise linux for power big endian",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "7"
},
{
"model": "wpa supplicant",
"scope": "eq",
"trust": 0.3,
"vendor": "w1 f1",
"version": "2.6"
},
{
"model": "wireless client bridge",
"scope": "eq",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "5010"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "10.0.1"
},
{
"model": "active management technology",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "11.5"
},
{
"model": "meraki mr11",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "10.3.3"
},
{
"model": "pyxis anesthesia system",
"scope": "eq",
"trust": 0.3,
"vendor": "bd",
"version": "40000"
},
{
"model": "tvos",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "10.2.2"
},
{
"model": "pyxis anesthesia system",
"scope": "eq",
"trust": 0.3,
"vendor": "bd",
"version": "35000"
},
{
"model": "automation stratix 15.3 jc1",
"scope": "eq",
"trust": 0.3,
"vendor": "rockwell",
"version": "5100"
},
{
"model": "enterprise linux server aus",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "-7.4"
},
{
"model": "pyxis ciisafe workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "bd",
"version": "??0"
},
{
"model": "enterprise linux for power big endian extended update support",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "-7.4"
},
{
"model": "airport base station",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "7.6.7"
},
{
"model": "dual band wireless-ac",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "316819.51.0.0"
},
{
"model": "ipad air",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "0"
},
{
"model": "active management technology",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "7.0"
},
{
"model": "arubaos",
"scope": "eq",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "6.5.4.1"
},
{
"model": "enterprise linux eus compute node",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "7.6"
},
{
"model": "enterprise linux for scientific computing",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "7"
},
{
"model": "active management technology",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "8.1.71.3608"
},
{
"model": "active management technology",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "9.1.41.3024"
},
{
"model": "arubaos",
"scope": "eq",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "6.4.2.1"
},
{
"model": "enterprise linux eus compute node",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "7.4"
},
{
"model": "dx80",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "active management technology",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "9.0"
},
{
"model": "contact bl2 ppc",
"scope": "eq",
"trust": 0.3,
"vendor": "phoenix",
"version": "0"
},
{
"model": "contact tpc",
"scope": "eq",
"trust": 0.3,
"vendor": "phoenix",
"version": "60130"
},
{
"model": "ipod touch",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "0"
},
{
"model": "arubaos",
"scope": "eq",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "6.5.1"
},
{
"model": "ck70a-atex",
"scope": "eq",
"trust": 0.3,
"vendor": "pepperl fuchs",
"version": "0"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "10.2.1"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "10.3.1"
},
{
"model": "dual band wireless-ac",
"scope": "ne",
"trust": 0.3,
"vendor": "intel",
"version": "316819.51.7.20"
},
{
"model": "macbook pro",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "0"
},
{
"model": "dual band wireless-ac",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "316819.10"
},
{
"model": "windows for x64-based systems",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "100"
},
{
"model": "airport base station",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "7.7.8"
},
{
"model": "active management technology",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "9.5"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "10.1"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "10.2"
},
{
"model": "airport base station",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "7.6.4"
},
{
"model": "smart-ex",
"scope": "eq",
"trust": 0.3,
"vendor": "pepperl fuchs",
"version": "010"
},
{
"model": "dual band wireless-ac",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "826520.0.2.2"
},
{
"model": "dual band wireless-ac",
"scope": "ne",
"trust": 0.3,
"vendor": "intel",
"version": "316018.33.9.3"
},
{
"model": "tab-ex",
"scope": "eq",
"trust": 0.3,
"vendor": "pepperl fuchs",
"version": "010"
},
{
"model": "arubaos",
"scope": "ne",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "6.5.3.3"
},
{
"model": "iphone",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "0"
},
{
"model": "macmini",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "0"
},
{
"model": "arubaos",
"scope": "ne",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "6.4.4.16"
},
{
"model": "contact fl wlan epa",
"scope": "eq",
"trust": 0.3,
"vendor": "phoenix",
"version": "0"
},
{
"model": "airport time capsule",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "0"
},
{
"model": "alliance wpa2 (wi-fi protected access",
"scope": "eq",
"trust": 0.3,
"vendor": "wi fi",
"version": "2)0"
},
{
"model": "airport base station",
"scope": "ne",
"trust": 0.3,
"vendor": "apple",
"version": "7.7.9"
},
{
"model": "scalance wlc711",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "0"
},
{
"model": "ruggedcom rs9xxw",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "0"
},
{
"model": "arubaos",
"scope": "eq",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "6.3.1.15"
},
{
"model": "networks unifi access point",
"scope": "eq",
"trust": 0.3,
"vendor": "ubiquiti",
"version": "0"
},
{
"model": "suremark printer 2cr",
"scope": "eq",
"trust": 0.3,
"vendor": "toshiba",
"version": "4610"
},
{
"model": "ip phone",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "88650"
},
{
"model": "arubaos",
"scope": "eq",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "6.5.4"
},
{
"model": "airport base station",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "7.7.7"
},
{
"model": "instantos",
"scope": "eq",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "6.5.4"
},
{
"model": "asa 5506w-x w/ firepower services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "windows version for x64-based systems",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "1016070"
},
{
"model": "airport base station",
"scope": "ne",
"trust": 0.3,
"vendor": "apple",
"version": "7.6.9"
},
{
"model": "s3 med-surg bed",
"scope": "eq",
"trust": 0.3,
"vendor": "stryker",
"version": "3005"
},
{
"model": "dual band wireless-ac",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "316018.0.0.0"
},
{
"model": "smart-ex",
"scope": "eq",
"trust": 0.3,
"vendor": "pepperl fuchs",
"version": "2010"
},
{
"model": "windows version for x64-based systems",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "1017030"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "11.1"
},
{
"model": "alliance",
"scope": "eq",
"trust": 0.2,
"vendor": "wi fi",
"version": "*"
},
{
"model": "protected access 2",
"scope": null,
"trust": 0.2,
"vendor": "wi fi",
"version": null
}
],
"sources": [
{
"db": "IVD",
"id": "37a5aa3e-4512-466b-9bc5-af5013c143e3"
},
{
"db": "CERT/CC",
"id": "VU#228519"
},
{
"db": "CNVD",
"id": "CNVD-2017-30400"
},
{
"db": "BID",
"id": "101274"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-009176"
},
{
"db": "NVD",
"id": "CVE-2017-13084"
},
{
"db": "CNNVD",
"id": "CNNVD-201710-386"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:freebsd:freebsd:11:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:freebsd:freebsd:11.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_desktop:7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:freebsd:freebsd:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:17.04:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:freebsd:freebsd:10:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:freebsd:freebsd:10.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:opensuse:leap:42.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:opensuse:leap:42.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_server:7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:2.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:2.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:0.6.9:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:0.6.8:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:0.4.10:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:0.4.9:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:0.4.8:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:0.2.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:0.2.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:2.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:2.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:0.5.10:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:0.5.9:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:0.4.7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:0.3.11:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:0.2.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:0.2.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:2.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:1.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:1.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:0.5.9:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:0.5.8:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:0.3.10:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:0.3.9:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:2.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:2.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:0.7.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:0.6.10:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:0.4.11:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:0.4.10:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:0.3.8:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:0.3.7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:2.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:2.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:0.7.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:0.6.10:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:0.5.7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:0.4.11:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:0.3.7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:0.2.8:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:2.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:2.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:0.6.9:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:0.6.8:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:0.5.11:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:0.4.9:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:0.4.8:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:0.2.8:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:0.2.7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:2.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:2.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:0.5.11:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:0.5.10:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:0.4.7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:0.3.11:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:0.2.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:2.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:1.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:1.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:0.5.8:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:0.5.7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:0.3.10:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:0.3.9:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:0.2.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:suse:linux_enterprise_server:12:*:*:*:ltss:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:suse:openstack_cloud:6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:suse:linux_enterprise_point_of_sale:11:sp3:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:suse:linux_enterprise_server:11:sp3:*:*:*:ltss:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:suse:linux_enterprise_server:11:sp4:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:suse:linux_enterprise_desktop:12:sp2:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:suse:linux_enterprise_desktop:12:sp3:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2017-13084"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Mathy Vanhoef from imec-DistriNet and KU Leuven.",
"sources": [
{
"db": "BID",
"id": "101274"
},
{
"db": "CNNVD",
"id": "CNNVD-201710-386"
}
],
"trust": 0.9
},
"cve": "CVE-2017-13084",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "MEDIUM",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "PARTIAL",
"baseScore": 5.4,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 5.5,
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:A/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Medium",
"accessVector": "Adjacent Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Partial",
"baseScore": 5.4,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "CVE-2017-13084",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.9,
"userInteractionRequired": null,
"vectorString": "AV:A/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "PARTIAL",
"baseScore": 5.4,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 5.5,
"id": "CNVD-2017-30400",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:A/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"author": "IVD",
"availabilityImpact": "PARTIAL",
"baseScore": 5.4,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 5.5,
"id": "37a5aa3e-4512-466b-9bc5-af5013c143e3",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.2,
"vectorString": "AV:A/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.9 [IVD]"
}
],
"cvssV3": [
{
"attackComplexity": "HIGH",
"attackVector": "ADJACENT_NETWORK",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 1.6,
"impactScore": 5.2,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.0"
},
{
"attackComplexity": "High",
"attackVector": "Adjacent Network",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 6.8,
"baseSeverity": "Medium",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2017-13084",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2017-13084",
"trust": 1.8,
"value": "MEDIUM"
},
{
"author": "CNVD",
"id": "CNVD-2017-30400",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201710-386",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "IVD",
"id": "37a5aa3e-4512-466b-9bc5-af5013c143e3",
"trust": 0.2,
"value": "MEDIUM"
},
{
"author": "VULMON",
"id": "CVE-2017-13084",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "IVD",
"id": "37a5aa3e-4512-466b-9bc5-af5013c143e3"
},
{
"db": "CNVD",
"id": "CNVD-2017-30400"
},
{
"db": "VULMON",
"id": "CVE-2017-13084"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-009176"
},
{
"db": "NVD",
"id": "CVE-2017-13084"
},
{
"db": "CNNVD",
"id": "CNNVD-201710-386"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Station-To-Station-Link (STSL) Transient Key (STK) during the PeerKey handshake, allowing an attacker within radio range to replay, decrypt, or spoof frames. An attacker within range of an affected AP and client may leverage these vulnerabilities to conduct attacks that are dependent on the data confidentiality protocols being used. Attacks may include arbitrary packet decryption and injection, TCP connection hijacking, HTTP content injection, or the replay of unicast and group-addressed frames. These vulnerabilities are referred to as Key Reinstallation Attacks or \"KRACK\" attacks. WPA (Wi-Fi Protected Access) is a system that protects wireless computer networks (Wi-Fi). The WPA2 wireless network has a group key reload vulnerability in the PeerKey handshake. WPA2 is prone to multiple security weaknesses. \nExploiting these issues may allow an unauthorized user to intercept and manipulate data or disclose sensitive information. \n-----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n[slackware-security] wpa_supplicant (SSA:2017-291-02)\n\nNew wpa_supplicant packages are available for Slackware 14.0, 14.1, 14.2,\nand -current to fix security issues. \n\n\nHere are the details from the Slackware 14.2 ChangeLog:\n+--------------------------+\npatches/packages/wpa_supplicant-2.6-i586-1_slack14.2.txz: Upgraded. \n This update includes patches to mitigate the WPA2 protocol issues known\n as \"KRACK\" (Key Reinstallation AttaCK), which may be used to decrypt data,\n hijack TCP connections, and to forge and inject packets. This is the\n list of vulnerabilities that are addressed here:\n CVE-2017-13077: Reinstallation of the pairwise encryption key (PTK-TK) in the\n 4-way handshake. \n CVE-2017-13082: Accepting a retransmitted Fast BSS Transition (FT)\n Reassociation Request and reinstalling the pairwise encryption key (PTK-TK)\n while processing it. \n CVE-2017-13084: Reinstallation of the STK key in the PeerKey handshake. \n CVE-2017-13086: reinstallation of the Tunneled Direct-Link Setup (TDLS)\n PeerKey (TPK) key in the TDLS handshake. \n For more information, see:\n https://www.krackattacks.com/\n https://w1.fi/security/2017-1/wpa-packet-number-reuse-with-replayed-messages.txt\n https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13077\n https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13078\n https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13079\n https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13080\n https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13081\n https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13082\n https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13084\n https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13086\n https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13087\n https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13088\n (* Security fix *)\n+--------------------------+\n\n\nWhere to find the new packages:\n+-----------------------------+\n\nThanks to the friendly folks at the OSU Open Source Lab\n(http://osuosl.org) for donating FTP and rsync hosting\nto the Slackware project! :-)\n\nAlso see the \"Get Slack\" section on http://slackware.com for\nadditional mirror sites near you. \n\nUpdated package for Slackware 14.0:\nftp://ftp.slackware.com/pub/slackware/slackware-14.0/patches/packages/wpa_supplicant-2.6-i486-1_slack14.0.txz\n\nUpdated package for Slackware x86_64 14.0:\nftp://ftp.slackware.com/pub/slackware/slackware64-14.0/patches/packages/wpa_supplicant-2.6-x86_64-1_slack14.0.txz\n\nUpdated package for Slackware 14.1:\nftp://ftp.slackware.com/pub/slackware/slackware-14.1/patches/packages/wpa_supplicant-2.6-i486-1_slack14.1.txz\n\nUpdated package for Slackware x86_64 14.1:\nftp://ftp.slackware.com/pub/slackware/slackware64-14.1/patches/packages/wpa_supplicant-2.6-x86_64-1_slack14.1.txz\n\nUpdated package for Slackware 14.2:\nftp://ftp.slackware.com/pub/slackware/slackware-14.2/patches/packages/wpa_supplicant-2.6-i586-1_slack14.2.txz\n\nUpdated package for Slackware x86_64 14.2:\nftp://ftp.slackware.com/pub/slackware/slackware64-14.2/patches/packages/wpa_supplicant-2.6-x86_64-1_slack14.2.txz\n\nUpdated package for Slackware -current:\nftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/n/wpa_supplicant-2.6-i586-2.txz\n\nUpdated package for Slackware x86_64 -current:\nftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/n/wpa_supplicant-2.6-x86_64-2.txz\n\n\nMD5 signatures:\n+-------------+\n\nSlackware 14.0 package:\nd8ecfaadb50b3547967ab53733ffc019 wpa_supplicant-2.6-i486-1_slack14.0.txz\n\nSlackware x86_64 14.0 package:\nf25216d28800504ce498705da7c9a825 wpa_supplicant-2.6-x86_64-1_slack14.0.txz\n\nSlackware 14.1 package:\n15c61050e4bab2581757befd86be74c0 wpa_supplicant-2.6-i486-1_slack14.1.txz\n\nSlackware x86_64 14.1 package:\n49fd537a520338744f7757615556d352 wpa_supplicant-2.6-x86_64-1_slack14.1.txz\n\nSlackware 14.2 package:\nc5539f40c8510af89be92945f0f80185 wpa_supplicant-2.6-i586-1_slack14.2.txz\n\nSlackware x86_64 14.2 package:\n4c527ff84fcdfd7839f217bbce2e4ae4 wpa_supplicant-2.6-x86_64-1_slack14.2.txz\n\nSlackware -current package:\n28bd88a54e96368f7a7020c1f5fb67fe n/wpa_supplicant-2.6-i586-2.txz\n\nSlackware x86_64 -current package:\n464fc6b48d1ac077f47e9a3a8534c160 n/wpa_supplicant-2.6-x86_64-2.txz\n\n\nInstallation instructions:\n+------------------------+\n\nUpgrade the package as root:\n# upgradepkg wpa_supplicant-2.6-i586-1_slack14.2.txz\n\n\n+-----+\n\nSlackware Linux Security Team\nhttp://slackware.com/gpg-key\nsecurity@slackware.com\n\n+------------------------------------------------------------------------+\n| To leave the slackware-security mailing list: |\n+------------------------------------------------------------------------+\n| Send an email to majordomo@slackware.com with this text in the body of |\n| the email message: |\n| |\n| unsubscribe slackware-security |\n| |\n| You will get a confirmation message back containing instructions to |\n| complete the process. Please do not reply to this email address. |\n+------------------------------------------------------------------------+\n-----BEGIN PGP SIGNATURE-----\n\niEYEARECAAYFAlnnrOgACgkQakRjwEAQIjPgvQCfRcXlhuFjrDNPbEUeZrYLxnkW\nb+4An0l5cZOdtohI7Fq0NbryWajCOnM2\n=5HQM\n-----END PGP SIGNATURE-----\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2017-13084"
},
{
"db": "CERT/CC",
"id": "VU#228519"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-009176"
},
{
"db": "CNVD",
"id": "CNVD-2017-30400"
},
{
"db": "BID",
"id": "101274"
},
{
"db": "IVD",
"id": "37a5aa3e-4512-466b-9bc5-af5013c143e3"
},
{
"db": "VULMON",
"id": "CVE-2017-13084"
},
{
"db": "PACKETSTORM",
"id": "144663"
}
],
"trust": 3.51
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#228519",
"trust": 4.2
},
{
"db": "NVD",
"id": "CVE-2017-13084",
"trust": 3.7
},
{
"db": "BID",
"id": "101274",
"trust": 2.6
},
{
"db": "LENOVO",
"id": "LEN-17420",
"trust": 2.5
},
{
"db": "SECTRACK",
"id": "1039581",
"trust": 1.7
},
{
"db": "SECTRACK",
"id": "1039576",
"trust": 1.7
},
{
"db": "SECTRACK",
"id": "1039577",
"trust": 1.7
},
{
"db": "SIEMENS",
"id": "SSA-901333",
"trust": 1.7
},
{
"db": "ICS CERT",
"id": "ICSA-17-318-01",
"trust": 1.1
},
{
"db": "CNVD",
"id": "CNVD-2017-30400",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201710-386",
"trust": 0.8
},
{
"db": "JUNIPER",
"id": "JSA10827",
"trust": 0.8
},
{
"db": "DLINK",
"id": "SAP10075",
"trust": 0.8
},
{
"db": "JVN",
"id": "JVNVU90609033",
"trust": 0.8
},
{
"db": "ICS CERT",
"id": "ICSA-17-318-02A",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2017-009176",
"trust": 0.8
},
{
"db": "ICS CERT",
"id": "ICSA-17-299-02",
"trust": 0.3
},
{
"db": "ICS CERT",
"id": "ICSMA-19-029-01",
"trust": 0.3
},
{
"db": "ICS CERT",
"id": "ICSA-17-353-02",
"trust": 0.3
},
{
"db": "ICS CERT",
"id": "ICSA-17-318-02",
"trust": 0.3
},
{
"db": "ICS CERT",
"id": "ICSMA-18-114-01",
"trust": 0.3
},
{
"db": "ICS CERT",
"id": "ICSA-17-325-01",
"trust": 0.3
},
{
"db": "IVD",
"id": "37A5AA3E-4512-466B-9BC5-AF5013C143E3",
"trust": 0.2
},
{
"db": "VULMON",
"id": "CVE-2017-13084",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "144663",
"trust": 0.1
}
],
"sources": [
{
"db": "IVD",
"id": "37a5aa3e-4512-466b-9bc5-af5013c143e3"
},
{
"db": "CERT/CC",
"id": "VU#228519"
},
{
"db": "CNVD",
"id": "CNVD-2017-30400"
},
{
"db": "VULMON",
"id": "CVE-2017-13084"
},
{
"db": "BID",
"id": "101274"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-009176"
},
{
"db": "PACKETSTORM",
"id": "144663"
},
{
"db": "NVD",
"id": "CVE-2017-13084"
},
{
"db": "CNNVD",
"id": "CNNVD-201710-386"
}
]
},
"id": "VAR-201710-0213",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "IVD",
"id": "37a5aa3e-4512-466b-9bc5-af5013c143e3"
},
{
"db": "CNVD",
"id": "CNVD-2017-30400"
}
],
"trust": 1.3965711281818183
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 0.8
}
],
"sources": [
{
"db": "IVD",
"id": "37a5aa3e-4512-466b-9bc5-af5013c143e3"
},
{
"db": "CNVD",
"id": "CNVD-2017-30400"
}
]
},
"last_update_date": "2023-12-18T10:44:55.150000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "ARUBA-PSA-2017-007",
"trust": 0.8,
"url": "http://www.arubanetworks.com/assets/alert/aruba-psa-2017-007.txt"
},
{
"title": "LEN-17420",
"trust": 0.8,
"url": "https://support.lenovo.com/jp/en/product_security/len-17420"
},
{
"title": "NV17-024",
"trust": 0.8,
"url": "http://jpn.nec.com/security-info/secinfo/nv17-024.html"
},
{
"title": "KRACKs - wpa_supplicant Multiple Vulnerabilities",
"trust": 0.8,
"url": "https://access.redhat.com/security/vulnerabilities/kracks"
},
{
"title": "WPA packet number reuse with replayed messages and key reinstallation",
"trust": 0.8,
"url": "https://w1.fi/security/2017-1/wpa-packet-number-reuse-with-replayed-messages.txt"
},
{
"title": "Wi-Fi\u306e\u8a8d\u8a3c\uff0f\u6697\u53f7\u5316\u6280\u8853WPA2\u304a\u3088\u3073WPA\u306e\u8907\u6570\u306e\u8106\u5f31\u6027\u306b\u3064\u3044\u3066",
"trust": 0.8,
"url": "http://www.fujitsu.com/jp/products/network/support/2017/srm-01/index.html"
},
{
"title": "WPA2\u306e\u8106\u5f31\u6027\u306b\u95a2\u3059\u308b\u5f0a\u793e\u8abf\u67fb\u30fb\u5bfe\u5fdc\u72b6\u6cc1\u306b\u3064\u3044\u3066",
"trust": 0.8,
"url": "http://www.iodata.jp/support/information/2017/wpa2/"
},
{
"title": "\u7121\u7ddaLAN \u8a8d\u8a3c\uff0f\u6697\u53f7\u5316\u6280\u8853WPA2\u304a\u3088\u3073WPA\u306b\u95a2\u3059\u308b\u8106\u5f31\u6027\u306e\u304a\u77e5\u3089\u305b",
"trust": 0.8,
"url": "http://www.fmworld.net/biz/common/info/20171110/"
},
{
"title": "Patch for WPA2 Wireless Network STK Key Reload Vulnerability",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/103824"
},
{
"title": "Multiple WiFi product WPA2 Security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=75500"
},
{
"title": "The Register",
"trust": 0.2,
"url": "https://www.theregister.co.uk/2017/10/16/wpa2_inscure_krackattack/"
},
{
"title": "Red Hat: CVE-2017-13084",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_cve_database\u0026qid=cve-2017-13084"
},
{
"title": "Arch Linux Issues: ",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=arch_linux_issues\u0026qid=cve-2017-13084"
},
{
"title": "Siemens Security Advisories: Siemens Security Advisory",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=siemens_security_advisories\u0026qid=6df91267eee9400a24a98876f50ffe84"
},
{
"title": "Cisco: Multiple Vulnerabilities in Wi-Fi Protected Access and Wi-Fi Protected Access II",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=cisco_security_advisories_and_alerts_ciscoproducts\u0026qid=cisco-sa-20171016-wpa"
},
{
"title": "KRACK",
"trust": 0.1,
"url": "https://github.com/chinatso/krack "
},
{
"title": "krackinfo",
"trust": 0.1,
"url": "https://github.com/kristate/krackinfo "
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/merlinepedra/krack "
},
{
"title": "nixos-issue-db-example",
"trust": 0.1,
"url": "https://github.com/andir/nixos-issue-db-example "
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-30400"
},
{
"db": "VULMON",
"id": "CVE-2017-13084"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-009176"
},
{
"db": "CNNVD",
"id": "CNNVD-201710-386"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-330",
"trust": 1.0
},
{
"problemtype": "CWE-254",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-009176"
},
{
"db": "NVD",
"id": "CVE-2017-13084"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 3.7,
"url": "https://www.krackattacks.com/"
},
{
"trust": 2.9,
"url": "http://www.securityfocus.com/bid/101274"
},
{
"trust": 2.8,
"url": "http://www.arubanetworks.com/assets/alert/aruba-psa-2017-007.txt"
},
{
"trust": 2.8,
"url": "https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20171016-wpa"
},
{
"trust": 2.5,
"url": "https://access.redhat.com/security/vulnerabilities/kracks"
},
{
"trust": 2.1,
"url": "http://www.kb.cert.org/vuls/id/228519"
},
{
"trust": 1.8,
"url": "https://w1.fi/security/2017-1/wpa-packet-number-reuse-with-replayed-messages.txt"
},
{
"trust": 1.7,
"url": "http://www.securitytracker.com/id/1039581"
},
{
"trust": 1.7,
"url": "http://www.securitytracker.com/id/1039577"
},
{
"trust": 1.7,
"url": "http://www.securitytracker.com/id/1039576"
},
{
"trust": 1.7,
"url": "https://support.lenovo.com/us/en/product_security/len-17420"
},
{
"trust": 1.7,
"url": "https://security.gentoo.org/glsa/201711-03"
},
{
"trust": 1.7,
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-901333.pdf"
},
{
"trust": 1.6,
"url": "https://source.android.com/security/bulletin/2017-11-01"
},
{
"trust": 1.1,
"url": "https://papers.mathyvanhoef.com/ccs2017.pdf"
},
{
"trust": 1.1,
"url": "https://w1.fi/security/2017-1/"
},
{
"trust": 1.1,
"url": "https://security-center.intel.com/advisory.aspx?intelid=intel-sa-00101\u0026languageid=en-fr"
},
{
"trust": 1.1,
"url": "https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/cve-2017-13080"
},
{
"trust": 1.1,
"url": "https://ics-cert.us-cert.gov/advisories/icsa-17-318-01"
},
{
"trust": 0.9,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-13084"
},
{
"trust": 0.9,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-13084"
},
{
"trust": 0.8,
"url": "https://cwe.mitre.org/data/definitions/323.html"
},
{
"trust": 0.8,
"url": "https://actiontecsupport.zendesk.com/hc/en-us/articles/115005205283-krack-vulnerability"
},
{
"trust": 0.8,
"url": "https://www3.aerohive.com/support/security-bulletins/product-security-announcement-aerohives-response-to-krack-10162017.html"
},
{
"trust": 0.8,
"url": "https://www.al-enterprise.com/en/support/security-alert-krack"
},
{
"trust": 0.8,
"url": "https://support.apple.com/en-gb/ht208222"
},
{
"trust": 0.8,
"url": "https://security.archlinux.org/avg-447"
},
{
"trust": 0.8,
"url": "https://www.asus.com/static_webpage/asus-product-security-advisory/"
},
{
"trust": 0.8,
"url": "https://community.barracudanetworks.com/forum/index.php?/topic/23525-security-advisories/page-2"
},
{
"trust": 0.8,
"url": "https://lists.centos.org/pipermail/centos-announce/2017-october/022569.html"
},
{
"trust": 0.8,
"url": "https://community.cypress.com/docs/doc-13871"
},
{
"trust": 0.8,
"url": "http://supportannouncement.us.dlink.com/announcement/publication.aspx?name=sap10075"
},
{
"trust": 0.8,
"url": "https://www.debian.org/security/2017/dsa-3999"
},
{
"trust": 0.8,
"url": "http://www.dell.com/support/article/sln307822"
},
{
"trust": 0.8,
"url": "https://github.com/espressif/esp8266_nonos_sdk"
},
{
"trust": 0.8,
"url": "https://extremeportal.force.com/extrarticledetail?n=000018005"
},
{
"trust": 0.8,
"url": "https://bodhi.fedoraproject.org/updates/fedora-2017-60bfb576b7"
},
{
"trust": 0.8,
"url": "http://www.fortiguard.com/psirt/fg-ir-17-196"
},
{
"trust": 0.8,
"url": "https://www.freebsd.org/security/advisories/freebsd-sa-17:07.wpa.asc"
},
{
"trust": 0.8,
"url": "https://bugs.gentoo.org/634440"
},
{
"trust": 0.8,
"url": "https://support.hpe.com/hpsc/doc/public/display?sp4ts.oid=null\u0026doclocale=en_us\u0026docid=emr_na-a00029151en_us"
},
{
"trust": 0.8,
"url": "https://kb.juniper.net/jsa10827"
},
{
"trust": 0.8,
"url": "https://support.lenovo.com/ca/en/product_security/len-17420"
},
{
"trust": 0.8,
"url": "http://www.microchip.com/wwwproducts/en/atwinc1500"
},
{
"trust": 0.8,
"url": "http://mail-index.netbsd.org/source-changes/2017/10/16/msg088877.html"
},
{
"trust": 0.8,
"url": "https://kb.netgear.com/000049498/security-advisory-for-wpa-2-vulnerabilities-psv-2017-2826-psv-2017-2836-psv-2017-2837"
},
{
"trust": 0.8,
"url": "https://forum.peplink.com/t/security-advisory-wpa2-vulnerability-vu-228519/12715"
},
{
"trust": 0.8,
"url": "https://ruckus-www.s3.amazonaws.com/pdf/security/faq-security-advisory-id-101617-v1.0.pdf"
},
{
"trust": 0.8,
"url": "https://www.suse.com/de-de/support/kb/doc/?id=7022107"
},
{
"trust": 0.8,
"url": "https://source.sierrawireless.com/resources/airlink/software_reference_docs/technical-bulletin/sierra-wireless-technical-bulletin---wpa-and-wpa2-vulnerabilities/"
},
{
"trust": 0.8,
"url": "http://www.slackware.com/changelog/stable.php?cpu=x86_64"
},
{
"trust": 0.8,
"url": "https://community.sophos.com/kb/en-us/127658"
},
{
"trust": 0.8,
"url": "https://www.toshibacommerce.com/wps/myportal/%21ut/p/a1/rzrnc8igeiz_sw8egqhjcdmmwr8abw2dqcnfoyqotidrrk399uxrrwotuzgws7a87y6z88iuzmcq2u4uwcnlzypjnjj5-exr_wnhya-laxtrid-j3uchdtb8gylmuw6qzgktovtowsrrqlrs6-8dbeqhwc1mykqnlabgdjlf1yjvn7i5af4qtdwsn2tri7j"
},
{
"trust": 0.8,
"url": "http://www.toshiba-personalstorage.net/en/news/hdd/ot_notice/20171017.htm"
},
{
"trust": 0.8,
"url": "http://support.toshiba.com/support/staticcontentdetail?contentid=4015875\u0026isfromtoclink=false"
},
{
"trust": 0.8,
"url": "https://community.ubnt.com/t5/unifi-updates-blog/firmware-3-9-3-7537-for-uap-usw-has-been-released/ba-p/2099365"
},
{
"trust": 0.8,
"url": "https://usn.ubuntu.com/usn/usn-3455-1/"
},
{
"trust": 0.8,
"url": "http://en.miui.com/thread-954223-1-1.html"
},
{
"trust": 0.8,
"url": "https://www.zebra.com/content/dam/zebra_new_ia/en-us/support-and-downloads/lifeguard-security/krack-security-bulletin.pdf"
},
{
"trust": 0.8,
"url": "http://www.zyxel.com/support/announcement_wpa2_key_management.shtml"
},
{
"trust": 0.8,
"url": "https://supportcenter.checkpoint.com/supportcenter/portal?eventsubmit_dogoviewsolutiondetails=\u0026solutionid=sk120938"
},
{
"trust": 0.8,
"url": "https://community.rsa.com/docs/doc-84103"
},
{
"trust": 0.8,
"url": "https://support.f5.com/csp/article/k23642330"
},
{
"trust": 0.8,
"url": "https://forum.mikrotik.com/viewtopic.php?f=21\u0026t=126695"
},
{
"trust": 0.8,
"url": "https://community.linksys.com/t5/wireless-routers/krack-vulnerability/td-p/1218573"
},
{
"trust": 0.8,
"url": "https://ics-cert.us-cert.gov/advisories/icsa-17-318-02a"
},
{
"trust": 0.8,
"url": "https://www.ipa.go.jp/security/ciadr/vul/20171017_wpa2.html"
},
{
"trust": 0.8,
"url": "http://jvn.jp/vu/jvnvu90609033/index.html"
},
{
"trust": 0.8,
"url": "https://www.kb.cert.org/vuls/id/cheu-aqnmyp"
},
{
"trust": 0.6,
"url": "https://www.kb.cert.org/vuls/id/228519/"
},
{
"trust": 0.4,
"url": "https://access.redhat.com/security/cve/cve-2017-13084"
},
{
"trust": 0.3,
"url": "https://github.com/stevenhoneyman/wpa_gui/tree/master/wpa_supplicant-2.4"
},
{
"trust": 0.3,
"url": "http://www.wi-fi.org/index.php"
},
{
"trust": 0.3,
"url": "https://support.apple.com/en-ie/ht208847"
},
{
"trust": 0.3,
"url": "https://support.apple.com/en-in/ht208334"
},
{
"trust": 0.3,
"url": "https://support.apple.com/en-in/ht208327"
},
{
"trust": 0.3,
"url": "https://support.apple.com/en-in/ht208325"
},
{
"trust": 0.3,
"url": "https://ics-cert.us-cert.gov/advisories/icsa-17-353-02"
},
{
"trust": 0.3,
"url": "https://ics-cert.us-cert.gov/advisories/icsma-18-114-01"
},
{
"trust": 0.3,
"url": "https://lists.apple.com/archives/security-announce/2017/dec/msg00009.html"
},
{
"trust": 0.3,
"url": "https://lists.apple.com/archives/security-announce/2017/dec/msg00008.html"
},
{
"trust": 0.3,
"url": "https://lists.apple.com/archives/security-announce/2018/jul/msg00000.html"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/security/cve/cve-2017-13077"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/security/cve/cve-2017-13078"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/security/cve/cve-2017-13079"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/security/cve/cve-2017-13080"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/security/cve/cve-2017-13081"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/security/cve/cve-2017-13082"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/security/cve/cve-2017-13086"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/security/cve/cve-2017-13087"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/security/cve/cve-2017-13088"
},
{
"trust": 0.3,
"url": "http://docs.fortinet.com/uploaded/files/3961/fortiap-v5.6.1-release-notes.pdf"
},
{
"trust": 0.3,
"url": "https://ics-cert.us-cert.gov/advisories/icsa-17-299-02"
},
{
"trust": 0.3,
"url": "https://ics-cert.us-cert.gov/advisories/icsa-17-318-02"
},
{
"trust": 0.3,
"url": "https://ics-cert.us-cert.gov/advisories/icsa-17-325-01"
},
{
"trust": 0.3,
"url": "https://ics-cert.us-cert.gov/advisories/icsma-19-029-01"
},
{
"trust": 0.3,
"url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/errata/rhsa-2017:2907"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/errata/rhsa-2017:2911"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/330.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://github.com/kristate/krackinfo"
},
{
"trust": 0.1,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-13078"
},
{
"trust": 0.1,
"url": "http://slackware.com"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-13078"
},
{
"trust": 0.1,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-13080"
},
{
"trust": 0.1,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-13082"
},
{
"trust": 0.1,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-13077"
},
{
"trust": 0.1,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-13087"
},
{
"trust": 0.1,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-13081"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-13081"
},
{
"trust": 0.1,
"url": "http://slackware.com/gpg-key"
},
{
"trust": 0.1,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-13086"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-13082"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-13087"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-13086"
},
{
"trust": 0.1,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-13088"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-13077"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-13079"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-13080"
},
{
"trust": 0.1,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-13079"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-13088"
},
{
"trust": 0.1,
"url": "http://osuosl.org)"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#228519"
},
{
"db": "CNVD",
"id": "CNVD-2017-30400"
},
{
"db": "VULMON",
"id": "CVE-2017-13084"
},
{
"db": "BID",
"id": "101274"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-009176"
},
{
"db": "PACKETSTORM",
"id": "144663"
},
{
"db": "NVD",
"id": "CVE-2017-13084"
},
{
"db": "CNNVD",
"id": "CNNVD-201710-386"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "IVD",
"id": "37a5aa3e-4512-466b-9bc5-af5013c143e3"
},
{
"db": "CERT/CC",
"id": "VU#228519"
},
{
"db": "CNVD",
"id": "CNVD-2017-30400"
},
{
"db": "VULMON",
"id": "CVE-2017-13084"
},
{
"db": "BID",
"id": "101274"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-009176"
},
{
"db": "PACKETSTORM",
"id": "144663"
},
{
"db": "NVD",
"id": "CVE-2017-13084"
},
{
"db": "CNNVD",
"id": "CNNVD-201710-386"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-10-17T00:00:00",
"db": "IVD",
"id": "37a5aa3e-4512-466b-9bc5-af5013c143e3"
},
{
"date": "2017-10-16T00:00:00",
"db": "CERT/CC",
"id": "VU#228519"
},
{
"date": "2017-10-18T00:00:00",
"db": "CNVD",
"id": "CNVD-2017-30400"
},
{
"date": "2017-10-17T00:00:00",
"db": "VULMON",
"id": "CVE-2017-13084"
},
{
"date": "2017-10-16T00:00:00",
"db": "BID",
"id": "101274"
},
{
"date": "2017-11-06T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-009176"
},
{
"date": "2017-10-18T20:44:00",
"db": "PACKETSTORM",
"id": "144663"
},
{
"date": "2017-10-17T13:29:00.520000",
"db": "NVD",
"id": "CVE-2017-13084"
},
{
"date": "2017-10-17T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201710-386"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-11-16T00:00:00",
"db": "CERT/CC",
"id": "VU#228519"
},
{
"date": "2017-10-17T00:00:00",
"db": "CNVD",
"id": "CNVD-2017-30400"
},
{
"date": "2019-10-03T00:00:00",
"db": "VULMON",
"id": "CVE-2017-13084"
},
{
"date": "2019-02-21T09:00:00",
"db": "BID",
"id": "101274"
},
{
"date": "2018-02-01T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-009176"
},
{
"date": "2019-10-03T00:03:26.223000",
"db": "NVD",
"id": "CVE-2017-13084"
},
{
"date": "2019-10-23T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201710-386"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote or local",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201710-386"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Wi-Fi Protected Access (WPA) handshake traffic can be manipulated to induce nonce and session key reuse",
"sources": [
{
"db": "CERT/CC",
"id": "VU#228519"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "security feature problem",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201710-386"
}
],
"trust": 0.6
}
}
CVE-2023-43491 (GCVE-0-2023-43491)
Vulnerability from cvelistv5 – Published: 2024-04-17 12:55 – Updated: 2025-11-04 18:17
VLAI
Summary
An information disclosure vulnerability exists in the web interface /cgi-bin/debug_dump.cgi functionality of Peplink Smart Reader v1.2.0 (in QEMU). A specially crafted HTTP request can lead to a disclosure of sensitive information. An attacker can make an unauthenticated HTTP request to trigger this vulnerability.
Severity
5.3 (Medium)
SSVC
Exploitation: none
Automatable: yes
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-284 - Improper Access Control
Assigner
References
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| Peplink | Smart Reader |
Affected:
v1.2.0 (in QEMU)
|
|
| peplink | smart_reader |
Affected:
v1.2.0
cpe:2.3:a:peplink:smart_reader:v1.2.0:*:*:*:*:*:*:* |
Credits
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:peplink:smart_reader:v1.2.0:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "smart_reader",
"vendor": "peplink",
"versions": [
{
"status": "affected",
"version": "v1.2.0"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-43491",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-06-12T16:14:15.245093Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-12T16:19:27.931Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2025-11-04T18:17:26.146Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1863",
"tags": [
"x_transferred"
],
"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1863"
},
{
"name": "https://forum.peplink.com/t/peplink-security-advisory-smart-reader-firmware-1-2-0-cve-2023-43491-cve-2023-45209-cve-2023-39367-cve-2023-45744-cve-2023-40146/47256",
"tags": [
"x_transferred"
],
"url": "https://forum.peplink.com/t/peplink-security-advisory-smart-reader-firmware-1-2-0-cve-2023-43491-cve-2023-45209-cve-2023-39367-cve-2023-45744-cve-2023-40146/47256"
},
{
"url": "https://security.netapp.com/advisory/ntap-20240828-0005/"
},
{
"url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2023-1863"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Smart Reader",
"vendor": "Peplink",
"versions": [
{
"status": "affected",
"version": "v1.2.0 (in QEMU)"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Discovered by Matt Wiseman of Cisco Talos."
}
],
"descriptions": [
{
"lang": "en",
"value": "An information disclosure vulnerability exists in the web interface /cgi-bin/debug_dump.cgi functionality of Peplink Smart Reader v1.2.0 (in QEMU). A specially crafted HTTP request can lead to a disclosure of sensitive information. An attacker can make an unauthenticated HTTP request to trigger this vulnerability."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-284",
"description": "CWE-284: Improper Access Control",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-04-17T17:00:07.280Z",
"orgId": "b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b",
"shortName": "talos"
},
"references": [
{
"name": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1863",
"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1863"
},
{
"name": "https://forum.peplink.com/t/peplink-security-advisory-smart-reader-firmware-1-2-0-cve-2023-43491-cve-2023-45209-cve-2023-39367-cve-2023-45744-cve-2023-40146/47256",
"url": "https://forum.peplink.com/t/peplink-security-advisory-smart-reader-firmware-1-2-0-cve-2023-43491-cve-2023-45209-cve-2023-39367-cve-2023-45744-cve-2023-40146/47256"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b",
"assignerShortName": "talos",
"cveId": "CVE-2023-43491",
"datePublished": "2024-04-17T12:55:49.894Z",
"dateReserved": "2023-11-22T15:39:30.258Z",
"dateUpdated": "2025-11-04T18:17:26.146Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2023-45209 (GCVE-0-2023-45209)
Vulnerability from cvelistv5 – Published: 2024-04-17 12:55 – Updated: 2025-11-04 18:17
VLAI
Summary
An information disclosure vulnerability exists in the web interface /cgi-bin/download_config.cgi functionality of Peplink Smart Reader v1.2.0 (in QEMU). A specially crafted HTTP request can lead to a disclosure of sensitive information. An attacker can make an unauthenticated HTTP request to trigger this vulnerability.
Severity
5.3 (Medium)
SSVC
Exploitation: none
Automatable: yes
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-284 - Improper Access Control
Assigner
References
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| Peplink | Smart Reader |
Affected:
v1.2.0 (in QEMU)
|
|
| peplink | smart_reader |
Affected:
1.2.0
cpe:2.3:a:peplink:smart_reader:v1.2.0:*:*:*:*:*:*:* |
Credits
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:peplink:smart_reader:v1.2.0:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "smart_reader",
"vendor": "peplink",
"versions": [
{
"status": "affected",
"version": "1.2.0"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-45209",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-04-22T18:08:56.299049Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-04T17:19:56.078Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2025-11-04T18:17:29.815Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1865",
"tags": [
"x_transferred"
],
"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1865"
},
{
"name": "https://forum.peplink.com/t/peplink-security-advisory-smart-reader-firmware-1-2-0-cve-2023-43491-cve-2023-45209-cve-2023-39367-cve-2023-45744-cve-2023-40146/47256",
"tags": [
"x_transferred"
],
"url": "https://forum.peplink.com/t/peplink-security-advisory-smart-reader-firmware-1-2-0-cve-2023-43491-cve-2023-45209-cve-2023-39367-cve-2023-45744-cve-2023-40146/47256"
},
{
"url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2023-1865"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Smart Reader",
"vendor": "Peplink",
"versions": [
{
"status": "affected",
"version": "v1.2.0 (in QEMU)"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Discovered by Matt Wiseman of Cisco Talos."
}
],
"descriptions": [
{
"lang": "en",
"value": "An information disclosure vulnerability exists in the web interface /cgi-bin/download_config.cgi functionality of Peplink Smart Reader v1.2.0 (in QEMU). A specially crafted HTTP request can lead to a disclosure of sensitive information. An attacker can make an unauthenticated HTTP request to trigger this vulnerability."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-284",
"description": "CWE-284: Improper Access Control",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-04-17T17:00:08.153Z",
"orgId": "b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b",
"shortName": "talos"
},
"references": [
{
"name": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1865",
"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1865"
},
{
"name": "https://forum.peplink.com/t/peplink-security-advisory-smart-reader-firmware-1-2-0-cve-2023-43491-cve-2023-45209-cve-2023-39367-cve-2023-45744-cve-2023-40146/47256",
"url": "https://forum.peplink.com/t/peplink-security-advisory-smart-reader-firmware-1-2-0-cve-2023-43491-cve-2023-45209-cve-2023-39367-cve-2023-45744-cve-2023-40146/47256"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b",
"assignerShortName": "talos",
"cveId": "CVE-2023-45209",
"datePublished": "2024-04-17T12:55:49.210Z",
"dateReserved": "2023-11-22T15:46:22.237Z",
"dateUpdated": "2025-11-04T18:17:29.815Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2023-45744 (GCVE-0-2023-45744)
Vulnerability from cvelistv5 – Published: 2024-04-17 12:55 – Updated: 2025-11-04 18:17
VLAI
Summary
A data integrity vulnerability exists in the web interface /cgi-bin/upload_config.cgi functionality of Peplink Smart Reader v1.2.0 (in QEMU). A specially crafted HTTP request can lead to configuration modification. An attacker can make an unauthenticated HTTP request to trigger this vulnerability.
Severity
8.3 (High)
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-284 - Improper Access Control
Assigner
References
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| Peplink | Smart Reader |
Affected:
v1.2.0 (in QEMU)
|
|
| peplink | smart_reader |
Affected:
v1.2.0
cpe:2.3:a:peplink:smart_reader:v1.2.0:*:*:*:*:*:*:* |
Credits
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:peplink:smart_reader:v1.2.0:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "smart_reader",
"vendor": "peplink",
"versions": [
{
"status": "affected",
"version": "v1.2.0"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-45744",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-04-23T19:39:57.674026Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-04T17:20:03.687Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2025-11-04T18:17:46.118Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1866",
"tags": [
"x_transferred"
],
"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1866"
},
{
"name": "https://forum.peplink.com/t/peplink-security-advisory-smart-reader-firmware-1-2-0-cve-2023-43491-cve-2023-45209-cve-2023-39367-cve-2023-45744-cve-2023-40146/47256",
"tags": [
"x_transferred"
],
"url": "https://forum.peplink.com/t/peplink-security-advisory-smart-reader-firmware-1-2-0-cve-2023-43491-cve-2023-45209-cve-2023-39367-cve-2023-45744-cve-2023-40146/47256"
},
{
"url": "https://security.netapp.com/advisory/ntap-20240828-0006/"
},
{
"url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2023-1866"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Smart Reader",
"vendor": "Peplink",
"versions": [
{
"status": "affected",
"version": "v1.2.0 (in QEMU)"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Discovered by Matt Wiseman of Cisco Talos."
}
],
"descriptions": [
{
"lang": "en",
"value": "A data integrity vulnerability exists in the web interface /cgi-bin/upload_config.cgi functionality of Peplink Smart Reader v1.2.0 (in QEMU). A specially crafted HTTP request can lead to configuration modification. An attacker can make an unauthenticated HTTP request to trigger this vulnerability."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-284",
"description": "CWE-284: Improper Access Control",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-04-17T17:00:08.519Z",
"orgId": "b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b",
"shortName": "talos"
},
"references": [
{
"name": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1866",
"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1866"
},
{
"name": "https://forum.peplink.com/t/peplink-security-advisory-smart-reader-firmware-1-2-0-cve-2023-43491-cve-2023-45209-cve-2023-39367-cve-2023-45744-cve-2023-40146/47256",
"url": "https://forum.peplink.com/t/peplink-security-advisory-smart-reader-firmware-1-2-0-cve-2023-43491-cve-2023-45209-cve-2023-39367-cve-2023-45744-cve-2023-40146/47256"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b",
"assignerShortName": "talos",
"cveId": "CVE-2023-45744",
"datePublished": "2024-04-17T12:55:48.462Z",
"dateReserved": "2023-11-22T15:48:03.435Z",
"dateUpdated": "2025-11-04T18:17:46.118Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2023-39367 (GCVE-0-2023-39367)
Vulnerability from cvelistv5 – Published: 2024-04-17 12:55 – Updated: 2025-11-04 18:16
VLAI
Summary
An OS command injection vulnerability exists in the web interface mac2name functionality of Peplink Smart Reader v1.2.0 (in QEMU). A specially crafted HTTP request can lead to arbitrary command execution. An attacker can make an authenticated HTTP request to trigger this vulnerability.
Severity
9.1 (Critical)
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-78 - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
Assigner
References
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| Peplink | Smart Reader |
Affected:
v1.2.0 (in QEMU)
|
|
| peplink | smart_reader |
Affected:
v1.2.0
cpe:2.3:a:peplink:smart_reader:v1.2.0:*:*:*:*:*:*:* |
Credits
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:peplink:smart_reader:v1.2.0:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "smart_reader",
"vendor": "peplink",
"versions": [
{
"status": "affected",
"version": "v1.2.0"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-39367",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-04-19T17:52:50.720148Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-04T17:27:05.717Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2025-11-04T18:16:28.588Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1867",
"tags": [
"x_transferred"
],
"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1867"
},
{
"name": "https://forum.peplink.com/t/peplink-security-advisory-smart-reader-firmware-1-2-0-cve-2023-43491-cve-2023-45209-cve-2023-39367-cve-2023-45744-cve-2023-40146/47256",
"tags": [
"x_transferred"
],
"url": "https://forum.peplink.com/t/peplink-security-advisory-smart-reader-firmware-1-2-0-cve-2023-43491-cve-2023-45209-cve-2023-39367-cve-2023-45744-cve-2023-40146/47256"
},
{
"url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2023-1867"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Smart Reader",
"vendor": "Peplink",
"versions": [
{
"status": "affected",
"version": "v1.2.0 (in QEMU)"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Discovered by Matt Wiseman of Cisco Talos."
}
],
"descriptions": [
{
"lang": "en",
"value": "An OS command injection vulnerability exists in the web interface mac2name functionality of Peplink Smart Reader v1.2.0 (in QEMU). A specially crafted HTTP request can lead to arbitrary command execution. An attacker can make an authenticated HTTP request to trigger this vulnerability."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-78",
"description": "CWE-78: Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-04-17T17:00:07.722Z",
"orgId": "b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b",
"shortName": "talos"
},
"references": [
{
"name": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1867",
"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1867"
},
{
"name": "https://forum.peplink.com/t/peplink-security-advisory-smart-reader-firmware-1-2-0-cve-2023-43491-cve-2023-45209-cve-2023-39367-cve-2023-45744-cve-2023-40146/47256",
"url": "https://forum.peplink.com/t/peplink-security-advisory-smart-reader-firmware-1-2-0-cve-2023-43491-cve-2023-45209-cve-2023-39367-cve-2023-45744-cve-2023-40146/47256"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b",
"assignerShortName": "talos",
"cveId": "CVE-2023-39367",
"datePublished": "2024-04-17T12:55:47.790Z",
"dateReserved": "2023-11-22T15:49:49.717Z",
"dateUpdated": "2025-11-04T18:16:28.588Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2023-40146 (GCVE-0-2023-40146)
Vulnerability from cvelistv5 – Published: 2024-04-17 12:55 – Updated: 2025-11-04 18:16
VLAI
Summary
A privilege escalation vulnerability exists in the /bin/login functionality of Peplink Smart Reader v1.2.0 (in QEMU). A specially crafted command line argument can lead to a limited-shell escape and elevated capabilities. An attacker can authenticate with hard-coded credentials and execute unblocked default busybox functionality to trigger this vulnerability.
Severity
6.8 (Medium)
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-77 - Improper Neutralization of Special Elements used in a Command ('Command Injection')
Assigner
References
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| Peplink | Smart Reader |
Affected:
v1.2.0 (in QEMU)
|
|
| peplink | smart_reader |
Affected:
v1.2.0
cpe:2.3:a:peplink:smart_reader:v1.2.0:*:*:*:*:*:*:* |
Credits
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:peplink:smart_reader:v1.2.0:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "smart_reader",
"vendor": "peplink",
"versions": [
{
"status": "affected",
"version": "v1.2.0"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-40146",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-04-23T15:06:54.797339Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-04T17:19:07.360Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2025-11-04T18:16:38.419Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1868",
"tags": [
"x_transferred"
],
"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1868"
},
{
"name": "https://forum.peplink.com/t/peplink-security-advisory-smart-reader-firmware-1-2-0-cve-2023-43491-cve-2023-45209-cve-2023-39367-cve-2023-45744-cve-2023-40146/47256",
"tags": [
"x_transferred"
],
"url": "https://forum.peplink.com/t/peplink-security-advisory-smart-reader-firmware-1-2-0-cve-2023-43491-cve-2023-45209-cve-2023-39367-cve-2023-45744-cve-2023-40146/47256"
},
{
"url": "https://security.netapp.com/advisory/ntap-20240822-0008/"
},
{
"url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2023-1868"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Smart Reader",
"vendor": "Peplink",
"versions": [
{
"status": "affected",
"version": "v1.2.0 (in QEMU)"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Discovered by Matt Wiseman of Cisco Talos."
}
],
"descriptions": [
{
"lang": "en",
"value": "A privilege escalation vulnerability exists in the /bin/login functionality of Peplink Smart Reader v1.2.0 (in QEMU). A specially crafted command line argument can lead to a limited-shell escape and elevated capabilities. An attacker can authenticate with hard-coded credentials and execute unblocked default busybox functionality to trigger this vulnerability."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "PHYSICAL",
"availabilityImpact": "HIGH",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-77",
"description": "CWE-77: Improper Neutralization of Special Elements used in a Command (\u0027Command Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-04-17T17:00:06.782Z",
"orgId": "b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b",
"shortName": "talos"
},
"references": [
{
"name": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1868",
"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1868"
},
{
"name": "https://forum.peplink.com/t/peplink-security-advisory-smart-reader-firmware-1-2-0-cve-2023-43491-cve-2023-45209-cve-2023-39367-cve-2023-45744-cve-2023-40146/47256",
"url": "https://forum.peplink.com/t/peplink-security-advisory-smart-reader-firmware-1-2-0-cve-2023-43491-cve-2023-45209-cve-2023-39367-cve-2023-45744-cve-2023-40146/47256"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b",
"assignerShortName": "talos",
"cveId": "CVE-2023-40146",
"datePublished": "2024-04-17T12:55:47.083Z",
"dateReserved": "2023-11-22T15:53:45.393Z",
"dateUpdated": "2025-11-04T18:16:38.419Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2023-34356 (GCVE-0-2023-34356)
Vulnerability from cvelistv5 – Published: 2023-10-11 15:16 – Updated: 2025-11-04 19:16
VLAI
Summary
An OS command injection vulnerability exists in the data.cgi xfer_dns functionality of peplink Surf SOHO HW1 v6.3.5 (in QEMU). A specially crafted HTTP request can lead to command execution. An attacker can make an authenticated HTTP request to trigger this vulnerability.
Severity
7.2 (High)
SSVC
Exploitation: poc
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-78 - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
Assigner
References
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| Peplink | Surf SOHO HW1 |
Affected:
v6.3.5 (in QEMU)
|
|
| peplink | surf_soho |
Affected:
hw1 , ≤ v6.35
(custom)
cpe:2.3:h:peplink:surf_soho:hw1:-:*:*:*:*:*:* |
Credits
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2025-11-04T19:16:45.332Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1778",
"tags": [
"x_transferred"
],
"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1778"
},
{
"url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2023-1778"
}
],
"title": "CVE Program Container"
},
{
"affected": [
{
"cpes": [
"cpe:2.3:h:peplink:surf_soho:hw1:-:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "surf_soho",
"vendor": "peplink",
"versions": [
{
"lessThanOrEqual": "v6.35",
"status": "affected",
"version": "hw1",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-34356",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-18T18:45:44.398881Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-18T18:47:25.263Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Surf SOHO HW1",
"vendor": "Peplink",
"versions": [
{
"status": "affected",
"version": "v6.3.5 (in QEMU)"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Discovered by Matt Wiseman of Cisco Talos."
}
],
"descriptions": [
{
"lang": "en",
"value": "An OS command injection vulnerability exists in the data.cgi xfer_dns functionality of peplink Surf SOHO HW1 v6.3.5 (in QEMU). A specially crafted HTTP request can lead to command execution. An attacker can make an authenticated HTTP request to trigger this vulnerability."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-78",
"description": "CWE-78: Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-10-11T17:00:08.369Z",
"orgId": "b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b",
"shortName": "talos"
},
"references": [
{
"name": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1778",
"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1778"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b",
"assignerShortName": "talos",
"cveId": "CVE-2023-34356",
"datePublished": "2023-10-11T15:16:57.837Z",
"dateReserved": "2023-06-14T20:04:18.559Z",
"dateUpdated": "2025-11-04T19:16:45.332Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2023-28381 (GCVE-0-2023-28381)
Vulnerability from cvelistv5 – Published: 2023-10-11 15:16 – Updated: 2025-11-04 19:15
VLAI
Summary
An OS command injection vulnerability exists in the admin.cgi MVPN_trial_init functionality of peplink Surf SOHO HW1 v6.3.5 (in QEMU). A specially crafted HTTP request can lead to command execution. An attacker can make an authenticated HTTP request to trigger this vulnerability.
Severity
7.2 (High)
SSVC
Exploitation: poc
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-78 - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
Assigner
References
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| Peplink | Surf SOHO HW1 |
Affected:
v6.3.5 (in QEMU)
|
|
| peplink | surf_soho_firmware |
Affected:
6.3.5
cpe:2.3:o:peplink:surf_soho_firmware:6.3.5:*:*:*:*:*:*:* |
Credits
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2025-11-04T19:15:50.371Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1779",
"tags": [
"x_transferred"
],
"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1779"
},
{
"url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2023-1779"
}
],
"title": "CVE Program Container"
},
{
"affected": [
{
"cpes": [
"cpe:2.3:o:peplink:surf_soho_firmware:6.3.5:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "surf_soho_firmware",
"vendor": "peplink",
"versions": [
{
"status": "affected",
"version": "6.3.5"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-28381",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-18T14:06:28.272014Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-18T14:06:58.976Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Surf SOHO HW1",
"vendor": "Peplink",
"versions": [
{
"status": "affected",
"version": "v6.3.5 (in QEMU)"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Discovered by Matt Wiseman of Cisco Talos."
}
],
"descriptions": [
{
"lang": "en",
"value": "An OS command injection vulnerability exists in the admin.cgi MVPN_trial_init functionality of peplink Surf SOHO HW1 v6.3.5 (in QEMU). A specially crafted HTTP request can lead to command execution. An attacker can make an authenticated HTTP request to trigger this vulnerability."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-78",
"description": "CWE-78: Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-10-11T17:00:08.675Z",
"orgId": "b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b",
"shortName": "talos"
},
"references": [
{
"name": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1779",
"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1779"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b",
"assignerShortName": "talos",
"cveId": "CVE-2023-28381",
"datePublished": "2023-10-11T15:16:57.415Z",
"dateReserved": "2023-06-14T20:05:43.486Z",
"dateUpdated": "2025-11-04T19:15:50.371Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2023-45209 (GCVE-0-2023-45209)
Vulnerability from nvd – Published: 2024-04-17 12:55 – Updated: 2025-11-04 18:17
VLAI
Summary
An information disclosure vulnerability exists in the web interface /cgi-bin/download_config.cgi functionality of Peplink Smart Reader v1.2.0 (in QEMU). A specially crafted HTTP request can lead to a disclosure of sensitive information. An attacker can make an unauthenticated HTTP request to trigger this vulnerability.
Severity
5.3 (Medium)
SSVC
Exploitation: none
Automatable: yes
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-284 - Improper Access Control
Assigner
References
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| Peplink | Smart Reader |
Affected:
v1.2.0 (in QEMU)
|
|
| peplink | smart_reader |
Affected:
1.2.0
cpe:2.3:a:peplink:smart_reader:v1.2.0:*:*:*:*:*:*:* |
Credits
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:peplink:smart_reader:v1.2.0:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "smart_reader",
"vendor": "peplink",
"versions": [
{
"status": "affected",
"version": "1.2.0"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-45209",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-04-22T18:08:56.299049Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-04T17:19:56.078Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2025-11-04T18:17:29.815Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1865",
"tags": [
"x_transferred"
],
"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1865"
},
{
"name": "https://forum.peplink.com/t/peplink-security-advisory-smart-reader-firmware-1-2-0-cve-2023-43491-cve-2023-45209-cve-2023-39367-cve-2023-45744-cve-2023-40146/47256",
"tags": [
"x_transferred"
],
"url": "https://forum.peplink.com/t/peplink-security-advisory-smart-reader-firmware-1-2-0-cve-2023-43491-cve-2023-45209-cve-2023-39367-cve-2023-45744-cve-2023-40146/47256"
},
{
"url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2023-1865"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Smart Reader",
"vendor": "Peplink",
"versions": [
{
"status": "affected",
"version": "v1.2.0 (in QEMU)"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Discovered by Matt Wiseman of Cisco Talos."
}
],
"descriptions": [
{
"lang": "en",
"value": "An information disclosure vulnerability exists in the web interface /cgi-bin/download_config.cgi functionality of Peplink Smart Reader v1.2.0 (in QEMU). A specially crafted HTTP request can lead to a disclosure of sensitive information. An attacker can make an unauthenticated HTTP request to trigger this vulnerability."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-284",
"description": "CWE-284: Improper Access Control",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-04-17T17:00:08.153Z",
"orgId": "b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b",
"shortName": "talos"
},
"references": [
{
"name": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1865",
"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1865"
},
{
"name": "https://forum.peplink.com/t/peplink-security-advisory-smart-reader-firmware-1-2-0-cve-2023-43491-cve-2023-45209-cve-2023-39367-cve-2023-45744-cve-2023-40146/47256",
"url": "https://forum.peplink.com/t/peplink-security-advisory-smart-reader-firmware-1-2-0-cve-2023-43491-cve-2023-45209-cve-2023-39367-cve-2023-45744-cve-2023-40146/47256"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b",
"assignerShortName": "talos",
"cveId": "CVE-2023-45209",
"datePublished": "2024-04-17T12:55:49.210Z",
"dateReserved": "2023-11-22T15:46:22.237Z",
"dateUpdated": "2025-11-04T18:17:29.815Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2023-43491 (GCVE-0-2023-43491)
Vulnerability from nvd – Published: 2024-04-17 12:55 – Updated: 2025-11-04 18:17
VLAI
Summary
An information disclosure vulnerability exists in the web interface /cgi-bin/debug_dump.cgi functionality of Peplink Smart Reader v1.2.0 (in QEMU). A specially crafted HTTP request can lead to a disclosure of sensitive information. An attacker can make an unauthenticated HTTP request to trigger this vulnerability.
Severity
5.3 (Medium)
SSVC
Exploitation: none
Automatable: yes
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-284 - Improper Access Control
Assigner
References
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| Peplink | Smart Reader |
Affected:
v1.2.0 (in QEMU)
|
|
| peplink | smart_reader |
Affected:
v1.2.0
cpe:2.3:a:peplink:smart_reader:v1.2.0:*:*:*:*:*:*:* |
Credits
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:peplink:smart_reader:v1.2.0:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "smart_reader",
"vendor": "peplink",
"versions": [
{
"status": "affected",
"version": "v1.2.0"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-43491",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-06-12T16:14:15.245093Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-12T16:19:27.931Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2025-11-04T18:17:26.146Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1863",
"tags": [
"x_transferred"
],
"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1863"
},
{
"name": "https://forum.peplink.com/t/peplink-security-advisory-smart-reader-firmware-1-2-0-cve-2023-43491-cve-2023-45209-cve-2023-39367-cve-2023-45744-cve-2023-40146/47256",
"tags": [
"x_transferred"
],
"url": "https://forum.peplink.com/t/peplink-security-advisory-smart-reader-firmware-1-2-0-cve-2023-43491-cve-2023-45209-cve-2023-39367-cve-2023-45744-cve-2023-40146/47256"
},
{
"url": "https://security.netapp.com/advisory/ntap-20240828-0005/"
},
{
"url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2023-1863"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Smart Reader",
"vendor": "Peplink",
"versions": [
{
"status": "affected",
"version": "v1.2.0 (in QEMU)"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Discovered by Matt Wiseman of Cisco Talos."
}
],
"descriptions": [
{
"lang": "en",
"value": "An information disclosure vulnerability exists in the web interface /cgi-bin/debug_dump.cgi functionality of Peplink Smart Reader v1.2.0 (in QEMU). A specially crafted HTTP request can lead to a disclosure of sensitive information. An attacker can make an unauthenticated HTTP request to trigger this vulnerability."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-284",
"description": "CWE-284: Improper Access Control",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-04-17T17:00:07.280Z",
"orgId": "b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b",
"shortName": "talos"
},
"references": [
{
"name": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1863",
"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1863"
},
{
"name": "https://forum.peplink.com/t/peplink-security-advisory-smart-reader-firmware-1-2-0-cve-2023-43491-cve-2023-45209-cve-2023-39367-cve-2023-45744-cve-2023-40146/47256",
"url": "https://forum.peplink.com/t/peplink-security-advisory-smart-reader-firmware-1-2-0-cve-2023-43491-cve-2023-45209-cve-2023-39367-cve-2023-45744-cve-2023-40146/47256"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b",
"assignerShortName": "talos",
"cveId": "CVE-2023-43491",
"datePublished": "2024-04-17T12:55:49.894Z",
"dateReserved": "2023-11-22T15:39:30.258Z",
"dateUpdated": "2025-11-04T18:17:26.146Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2023-45744 (GCVE-0-2023-45744)
Vulnerability from nvd – Published: 2024-04-17 12:55 – Updated: 2025-11-04 18:17
VLAI
Summary
A data integrity vulnerability exists in the web interface /cgi-bin/upload_config.cgi functionality of Peplink Smart Reader v1.2.0 (in QEMU). A specially crafted HTTP request can lead to configuration modification. An attacker can make an unauthenticated HTTP request to trigger this vulnerability.
Severity
8.3 (High)
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-284 - Improper Access Control
Assigner
References
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| Peplink | Smart Reader |
Affected:
v1.2.0 (in QEMU)
|
|
| peplink | smart_reader |
Affected:
v1.2.0
cpe:2.3:a:peplink:smart_reader:v1.2.0:*:*:*:*:*:*:* |
Credits
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:peplink:smart_reader:v1.2.0:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "smart_reader",
"vendor": "peplink",
"versions": [
{
"status": "affected",
"version": "v1.2.0"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-45744",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-04-23T19:39:57.674026Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-04T17:20:03.687Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2025-11-04T18:17:46.118Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1866",
"tags": [
"x_transferred"
],
"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1866"
},
{
"name": "https://forum.peplink.com/t/peplink-security-advisory-smart-reader-firmware-1-2-0-cve-2023-43491-cve-2023-45209-cve-2023-39367-cve-2023-45744-cve-2023-40146/47256",
"tags": [
"x_transferred"
],
"url": "https://forum.peplink.com/t/peplink-security-advisory-smart-reader-firmware-1-2-0-cve-2023-43491-cve-2023-45209-cve-2023-39367-cve-2023-45744-cve-2023-40146/47256"
},
{
"url": "https://security.netapp.com/advisory/ntap-20240828-0006/"
},
{
"url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2023-1866"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Smart Reader",
"vendor": "Peplink",
"versions": [
{
"status": "affected",
"version": "v1.2.0 (in QEMU)"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Discovered by Matt Wiseman of Cisco Talos."
}
],
"descriptions": [
{
"lang": "en",
"value": "A data integrity vulnerability exists in the web interface /cgi-bin/upload_config.cgi functionality of Peplink Smart Reader v1.2.0 (in QEMU). A specially crafted HTTP request can lead to configuration modification. An attacker can make an unauthenticated HTTP request to trigger this vulnerability."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-284",
"description": "CWE-284: Improper Access Control",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-04-17T17:00:08.519Z",
"orgId": "b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b",
"shortName": "talos"
},
"references": [
{
"name": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1866",
"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1866"
},
{
"name": "https://forum.peplink.com/t/peplink-security-advisory-smart-reader-firmware-1-2-0-cve-2023-43491-cve-2023-45209-cve-2023-39367-cve-2023-45744-cve-2023-40146/47256",
"url": "https://forum.peplink.com/t/peplink-security-advisory-smart-reader-firmware-1-2-0-cve-2023-43491-cve-2023-45209-cve-2023-39367-cve-2023-45744-cve-2023-40146/47256"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b",
"assignerShortName": "talos",
"cveId": "CVE-2023-45744",
"datePublished": "2024-04-17T12:55:48.462Z",
"dateReserved": "2023-11-22T15:48:03.435Z",
"dateUpdated": "2025-11-04T18:17:46.118Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2023-39367 (GCVE-0-2023-39367)
Vulnerability from nvd – Published: 2024-04-17 12:55 – Updated: 2025-11-04 18:16
VLAI
Summary
An OS command injection vulnerability exists in the web interface mac2name functionality of Peplink Smart Reader v1.2.0 (in QEMU). A specially crafted HTTP request can lead to arbitrary command execution. An attacker can make an authenticated HTTP request to trigger this vulnerability.
Severity
9.1 (Critical)
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-78 - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
Assigner
References
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| Peplink | Smart Reader |
Affected:
v1.2.0 (in QEMU)
|
|
| peplink | smart_reader |
Affected:
v1.2.0
cpe:2.3:a:peplink:smart_reader:v1.2.0:*:*:*:*:*:*:* |
Credits
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:peplink:smart_reader:v1.2.0:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "smart_reader",
"vendor": "peplink",
"versions": [
{
"status": "affected",
"version": "v1.2.0"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-39367",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-04-19T17:52:50.720148Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-04T17:27:05.717Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2025-11-04T18:16:28.588Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1867",
"tags": [
"x_transferred"
],
"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1867"
},
{
"name": "https://forum.peplink.com/t/peplink-security-advisory-smart-reader-firmware-1-2-0-cve-2023-43491-cve-2023-45209-cve-2023-39367-cve-2023-45744-cve-2023-40146/47256",
"tags": [
"x_transferred"
],
"url": "https://forum.peplink.com/t/peplink-security-advisory-smart-reader-firmware-1-2-0-cve-2023-43491-cve-2023-45209-cve-2023-39367-cve-2023-45744-cve-2023-40146/47256"
},
{
"url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2023-1867"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Smart Reader",
"vendor": "Peplink",
"versions": [
{
"status": "affected",
"version": "v1.2.0 (in QEMU)"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Discovered by Matt Wiseman of Cisco Talos."
}
],
"descriptions": [
{
"lang": "en",
"value": "An OS command injection vulnerability exists in the web interface mac2name functionality of Peplink Smart Reader v1.2.0 (in QEMU). A specially crafted HTTP request can lead to arbitrary command execution. An attacker can make an authenticated HTTP request to trigger this vulnerability."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-78",
"description": "CWE-78: Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-04-17T17:00:07.722Z",
"orgId": "b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b",
"shortName": "talos"
},
"references": [
{
"name": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1867",
"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1867"
},
{
"name": "https://forum.peplink.com/t/peplink-security-advisory-smart-reader-firmware-1-2-0-cve-2023-43491-cve-2023-45209-cve-2023-39367-cve-2023-45744-cve-2023-40146/47256",
"url": "https://forum.peplink.com/t/peplink-security-advisory-smart-reader-firmware-1-2-0-cve-2023-43491-cve-2023-45209-cve-2023-39367-cve-2023-45744-cve-2023-40146/47256"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b",
"assignerShortName": "talos",
"cveId": "CVE-2023-39367",
"datePublished": "2024-04-17T12:55:47.790Z",
"dateReserved": "2023-11-22T15:49:49.717Z",
"dateUpdated": "2025-11-04T18:16:28.588Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2023-40146 (GCVE-0-2023-40146)
Vulnerability from nvd – Published: 2024-04-17 12:55 – Updated: 2025-11-04 18:16
VLAI
Summary
A privilege escalation vulnerability exists in the /bin/login functionality of Peplink Smart Reader v1.2.0 (in QEMU). A specially crafted command line argument can lead to a limited-shell escape and elevated capabilities. An attacker can authenticate with hard-coded credentials and execute unblocked default busybox functionality to trigger this vulnerability.
Severity
6.8 (Medium)
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-77 - Improper Neutralization of Special Elements used in a Command ('Command Injection')
Assigner
References
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| Peplink | Smart Reader |
Affected:
v1.2.0 (in QEMU)
|
|
| peplink | smart_reader |
Affected:
v1.2.0
cpe:2.3:a:peplink:smart_reader:v1.2.0:*:*:*:*:*:*:* |
Credits
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:peplink:smart_reader:v1.2.0:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "smart_reader",
"vendor": "peplink",
"versions": [
{
"status": "affected",
"version": "v1.2.0"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-40146",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-04-23T15:06:54.797339Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-04T17:19:07.360Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2025-11-04T18:16:38.419Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1868",
"tags": [
"x_transferred"
],
"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1868"
},
{
"name": "https://forum.peplink.com/t/peplink-security-advisory-smart-reader-firmware-1-2-0-cve-2023-43491-cve-2023-45209-cve-2023-39367-cve-2023-45744-cve-2023-40146/47256",
"tags": [
"x_transferred"
],
"url": "https://forum.peplink.com/t/peplink-security-advisory-smart-reader-firmware-1-2-0-cve-2023-43491-cve-2023-45209-cve-2023-39367-cve-2023-45744-cve-2023-40146/47256"
},
{
"url": "https://security.netapp.com/advisory/ntap-20240822-0008/"
},
{
"url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2023-1868"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Smart Reader",
"vendor": "Peplink",
"versions": [
{
"status": "affected",
"version": "v1.2.0 (in QEMU)"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Discovered by Matt Wiseman of Cisco Talos."
}
],
"descriptions": [
{
"lang": "en",
"value": "A privilege escalation vulnerability exists in the /bin/login functionality of Peplink Smart Reader v1.2.0 (in QEMU). A specially crafted command line argument can lead to a limited-shell escape and elevated capabilities. An attacker can authenticate with hard-coded credentials and execute unblocked default busybox functionality to trigger this vulnerability."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "PHYSICAL",
"availabilityImpact": "HIGH",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-77",
"description": "CWE-77: Improper Neutralization of Special Elements used in a Command (\u0027Command Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-04-17T17:00:06.782Z",
"orgId": "b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b",
"shortName": "talos"
},
"references": [
{
"name": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1868",
"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1868"
},
{
"name": "https://forum.peplink.com/t/peplink-security-advisory-smart-reader-firmware-1-2-0-cve-2023-43491-cve-2023-45209-cve-2023-39367-cve-2023-45744-cve-2023-40146/47256",
"url": "https://forum.peplink.com/t/peplink-security-advisory-smart-reader-firmware-1-2-0-cve-2023-43491-cve-2023-45209-cve-2023-39367-cve-2023-45744-cve-2023-40146/47256"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b",
"assignerShortName": "talos",
"cveId": "CVE-2023-40146",
"datePublished": "2024-04-17T12:55:47.083Z",
"dateReserved": "2023-11-22T15:53:45.393Z",
"dateUpdated": "2025-11-04T18:16:38.419Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2023-34356 (GCVE-0-2023-34356)
Vulnerability from nvd – Published: 2023-10-11 15:16 – Updated: 2025-11-04 19:16
VLAI
Summary
An OS command injection vulnerability exists in the data.cgi xfer_dns functionality of peplink Surf SOHO HW1 v6.3.5 (in QEMU). A specially crafted HTTP request can lead to command execution. An attacker can make an authenticated HTTP request to trigger this vulnerability.
Severity
7.2 (High)
SSVC
Exploitation: poc
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-78 - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
Assigner
References
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| Peplink | Surf SOHO HW1 |
Affected:
v6.3.5 (in QEMU)
|
|
| peplink | surf_soho |
Affected:
hw1 , ≤ v6.35
(custom)
cpe:2.3:h:peplink:surf_soho:hw1:-:*:*:*:*:*:* |
Credits
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2025-11-04T19:16:45.332Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1778",
"tags": [
"x_transferred"
],
"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1778"
},
{
"url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2023-1778"
}
],
"title": "CVE Program Container"
},
{
"affected": [
{
"cpes": [
"cpe:2.3:h:peplink:surf_soho:hw1:-:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "surf_soho",
"vendor": "peplink",
"versions": [
{
"lessThanOrEqual": "v6.35",
"status": "affected",
"version": "hw1",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-34356",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-18T18:45:44.398881Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-18T18:47:25.263Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Surf SOHO HW1",
"vendor": "Peplink",
"versions": [
{
"status": "affected",
"version": "v6.3.5 (in QEMU)"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Discovered by Matt Wiseman of Cisco Talos."
}
],
"descriptions": [
{
"lang": "en",
"value": "An OS command injection vulnerability exists in the data.cgi xfer_dns functionality of peplink Surf SOHO HW1 v6.3.5 (in QEMU). A specially crafted HTTP request can lead to command execution. An attacker can make an authenticated HTTP request to trigger this vulnerability."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-78",
"description": "CWE-78: Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-10-11T17:00:08.369Z",
"orgId": "b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b",
"shortName": "talos"
},
"references": [
{
"name": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1778",
"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1778"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b",
"assignerShortName": "talos",
"cveId": "CVE-2023-34356",
"datePublished": "2023-10-11T15:16:57.837Z",
"dateReserved": "2023-06-14T20:04:18.559Z",
"dateUpdated": "2025-11-04T19:16:45.332Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}