CVE-2017-13078
Vulnerability from cvelistv5
Published
2017-10-17 13:00
Modified
2024-08-05 18:58
Severity ?
Summary
Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Group Temporal Key (GTK) during the four-way handshake, allowing an attacker within radio range to replay frames from access points to clients.
References
cret@cert.orghttp://lists.opensuse.org/opensuse-security-announce/2017-10/msg00020.htmlThird Party Advisory
cret@cert.orghttp://lists.opensuse.org/opensuse-security-announce/2017-10/msg00023.htmlThird Party Advisory
cret@cert.orghttp://lists.opensuse.org/opensuse-security-announce/2017-10/msg00024.htmlThird Party Advisory
cret@cert.orghttp://www.arubanetworks.com/assets/alert/ARUBA-PSA-2017-007.txtThird Party Advisory
cret@cert.orghttp://www.debian.org/security/2017/dsa-3999Third Party Advisory
cret@cert.orghttp://www.kb.cert.org/vuls/id/228519Third Party Advisory, US Government Resource
cret@cert.orghttp://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html
cret@cert.orghttp://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html
cret@cert.orghttp://www.securityfocus.com/bid/101274Third Party Advisory, VDB Entry
cret@cert.orghttp://www.securitytracker.com/id/1039573Third Party Advisory, VDB Entry
cret@cert.orghttp://www.securitytracker.com/id/1039576Third Party Advisory, VDB Entry
cret@cert.orghttp://www.securitytracker.com/id/1039577Third Party Advisory, VDB Entry
cret@cert.orghttp://www.securitytracker.com/id/1039578Third Party Advisory, VDB Entry
cret@cert.orghttp://www.securitytracker.com/id/1039581Third Party Advisory, VDB Entry
cret@cert.orghttp://www.securitytracker.com/id/1039585Third Party Advisory, VDB Entry
cret@cert.orghttp://www.ubuntu.com/usn/USN-3455-1Third Party Advisory
cret@cert.orghttps://access.redhat.com/errata/RHSA-2017:2907Third Party Advisory
cret@cert.orghttps://access.redhat.com/errata/RHSA-2017:2911Third Party Advisory
cret@cert.orghttps://access.redhat.com/security/vulnerabilities/kracksThird Party Advisory
cret@cert.orghttps://cert-portal.siemens.com/productcert/pdf/ssa-901333.pdf
cret@cert.orghttps://cert.vde.com/en-us/advisories/vde-2017-003
cret@cert.orghttps://cert.vde.com/en-us/advisories/vde-2017-005
cret@cert.orghttps://lists.debian.org/debian-lts-announce/2018/11/msg00015.html
cret@cert.orghttps://security.FreeBSD.org/advisories/FreeBSD-SA-17:07.wpa.ascThird Party Advisory
cret@cert.orghttps://security.gentoo.org/glsa/201711-03
cret@cert.orghttps://source.android.com/security/bulletin/2017-11-01
cret@cert.orghttps://support.apple.com/HT208219
cret@cert.orghttps://support.apple.com/HT208220
cret@cert.orghttps://support.apple.com/HT208221
cret@cert.orghttps://support.apple.com/HT208222
cret@cert.orghttps://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03792en_us
cret@cert.orghttps://support.lenovo.com/us/en/product_security/LEN-17420Third Party Advisory
cret@cert.orghttps://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171016-wpaThird Party Advisory
cret@cert.orghttps://w1.fi/security/2017-1/wpa-packet-number-reuse-with-replayed-messages.txtThird Party Advisory
cret@cert.orghttps://www.krackattacks.com/Technical Description, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00020.htmlThird Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00023.htmlThird Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00024.htmlThird Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2017-007.txtThird Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.debian.org/security/2017/dsa-3999Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.kb.cert.org/vuls/id/228519Third Party Advisory, US Government Resource
af854a3a-2127-422b-91ae-364da2661108http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html
af854a3a-2127-422b-91ae-364da2661108http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/101274Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108http://www.securitytracker.com/id/1039573Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108http://www.securitytracker.com/id/1039576Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108http://www.securitytracker.com/id/1039577Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108http://www.securitytracker.com/id/1039578Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108http://www.securitytracker.com/id/1039581Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108http://www.securitytracker.com/id/1039585Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108http://www.ubuntu.com/usn/USN-3455-1Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://access.redhat.com/errata/RHSA-2017:2907Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://access.redhat.com/errata/RHSA-2017:2911Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://access.redhat.com/security/vulnerabilities/kracksThird Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://cert-portal.siemens.com/productcert/pdf/ssa-901333.pdf
af854a3a-2127-422b-91ae-364da2661108https://cert.vde.com/en-us/advisories/vde-2017-003
af854a3a-2127-422b-91ae-364da2661108https://cert.vde.com/en-us/advisories/vde-2017-005
af854a3a-2127-422b-91ae-364da2661108https://lists.debian.org/debian-lts-announce/2018/11/msg00015.html
af854a3a-2127-422b-91ae-364da2661108https://security.FreeBSD.org/advisories/FreeBSD-SA-17:07.wpa.ascThird Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://security.gentoo.org/glsa/201711-03
af854a3a-2127-422b-91ae-364da2661108https://source.android.com/security/bulletin/2017-11-01
af854a3a-2127-422b-91ae-364da2661108https://support.apple.com/HT208219
af854a3a-2127-422b-91ae-364da2661108https://support.apple.com/HT208220
af854a3a-2127-422b-91ae-364da2661108https://support.apple.com/HT208221
af854a3a-2127-422b-91ae-364da2661108https://support.apple.com/HT208222
af854a3a-2127-422b-91ae-364da2661108https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03792en_us
af854a3a-2127-422b-91ae-364da2661108https://support.lenovo.com/us/en/product_security/LEN-17420Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171016-wpaThird Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://w1.fi/security/2017-1/wpa-packet-number-reuse-with-replayed-messages.txtThird Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://www.krackattacks.com/Technical Description, Third Party Advisory
Impacted products
Vendor Product Version
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T18:58:12.469Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "1039581",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1039581"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://support.apple.com/HT208221"
          },
          {
            "name": "101274",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/101274"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html"
          },
          {
            "name": "SUSE-SU-2017:2745",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00020.html"
          },
          {
            "name": "DSA-3999",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2017/dsa-3999"
          },
          {
            "name": "1039578",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1039578"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/security/vulnerabilities/kracks"
          },
          {
            "name": "20171016 Multiple Vulnerabilities in Wi-Fi Protected Access and Wi-Fi Protected Access II",
            "tags": [
              "vendor-advisory",
              "x_refsource_CISCO",
              "x_transferred"
            ],
            "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171016-wpa"
          },
          {
            "name": "RHSA-2017:2911",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2017:2911"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://w1.fi/security/2017-1/wpa-packet-number-reuse-with-replayed-messages.txt"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2017-007.txt"
          },
          {
            "name": "1039577",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1039577"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03792en_us"
          },
          {
            "name": "openSUSE-SU-2017:2755",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00024.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://support.apple.com/HT208222"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://source.android.com/security/bulletin/2017-11-01"
          },
          {
            "name": "GLSA-201711-03",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "https://security.gentoo.org/glsa/201711-03"
          },
          {
            "name": "RHSA-2017:2907",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2017:2907"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://support.lenovo.com/us/en/product_security/LEN-17420"
          },
          {
            "name": "FreeBSD-SA-17:07",
            "tags": [
              "vendor-advisory",
              "x_refsource_FREEBSD",
              "x_transferred"
            ],
            "url": "https://security.FreeBSD.org/advisories/FreeBSD-SA-17:07.wpa.asc"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.krackattacks.com/"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html"
          },
          {
            "name": "1039573",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1039573"
          },
          {
            "name": "SUSE-SU-2017:2752",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00023.html"
          },
          {
            "name": "1039576",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1039576"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://cert.vde.com/en-us/advisories/vde-2017-003"
          },
          {
            "name": "1039585",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1039585"
          },
          {
            "name": "VU#228519",
            "tags": [
              "third-party-advisory",
              "x_refsource_CERT-VN",
              "x_transferred"
            ],
            "url": "http://www.kb.cert.org/vuls/id/228519"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://support.apple.com/HT208220"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://support.apple.com/HT208219"
          },
          {
            "name": "[debian-lts-announce] 20181113 [SECURITY] [DLA 1573-1] firmware-nonfree security update",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2018/11/msg00015.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-901333.pdf"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://cert.vde.com/en-us/advisories/vde-2017-005"
          },
          {
            "name": "USN-3455-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-3455-1"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Wi-Fi Protected Access (WPA and WPA2)",
          "vendor": "Wi-Fi Alliance",
          "versions": [
            {
              "status": "affected",
              "version": "WPA"
            },
            {
              "status": "affected",
              "version": "WPA2"
            }
          ]
        }
      ],
      "datePublic": "2017-10-16T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Group Temporal Key (GTK) during the four-way handshake, allowing an attacker within radio range to replay frames from access points to clients."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-323",
              "description": "CWE-323: Reusing a Nonce, Key Pair in Encryption",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-11-13T10:57:01",
        "orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
        "shortName": "certcc"
      },
      "references": [
        {
          "name": "1039581",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1039581"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://support.apple.com/HT208221"
        },
        {
          "name": "101274",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/101274"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html"
        },
        {
          "name": "SUSE-SU-2017:2745",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00020.html"
        },
        {
          "name": "DSA-3999",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2017/dsa-3999"
        },
        {
          "name": "1039578",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1039578"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://access.redhat.com/security/vulnerabilities/kracks"
        },
        {
          "name": "20171016 Multiple Vulnerabilities in Wi-Fi Protected Access and Wi-Fi Protected Access II",
          "tags": [
            "vendor-advisory",
            "x_refsource_CISCO"
          ],
          "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171016-wpa"
        },
        {
          "name": "RHSA-2017:2911",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2017:2911"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://w1.fi/security/2017-1/wpa-packet-number-reuse-with-replayed-messages.txt"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2017-007.txt"
        },
        {
          "name": "1039577",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1039577"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03792en_us"
        },
        {
          "name": "openSUSE-SU-2017:2755",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00024.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://support.apple.com/HT208222"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://source.android.com/security/bulletin/2017-11-01"
        },
        {
          "name": "GLSA-201711-03",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "https://security.gentoo.org/glsa/201711-03"
        },
        {
          "name": "RHSA-2017:2907",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2017:2907"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://support.lenovo.com/us/en/product_security/LEN-17420"
        },
        {
          "name": "FreeBSD-SA-17:07",
          "tags": [
            "vendor-advisory",
            "x_refsource_FREEBSD"
          ],
          "url": "https://security.FreeBSD.org/advisories/FreeBSD-SA-17:07.wpa.asc"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.krackattacks.com/"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html"
        },
        {
          "name": "1039573",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1039573"
        },
        {
          "name": "SUSE-SU-2017:2752",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00023.html"
        },
        {
          "name": "1039576",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1039576"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://cert.vde.com/en-us/advisories/vde-2017-003"
        },
        {
          "name": "1039585",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1039585"
        },
        {
          "name": "VU#228519",
          "tags": [
            "third-party-advisory",
            "x_refsource_CERT-VN"
          ],
          "url": "http://www.kb.cert.org/vuls/id/228519"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://support.apple.com/HT208220"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://support.apple.com/HT208219"
        },
        {
          "name": "[debian-lts-announce] 20181113 [SECURITY] [DLA 1573-1] firmware-nonfree security update",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2018/11/msg00015.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-901333.pdf"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://cert.vde.com/en-us/advisories/vde-2017-005"
        },
        {
          "name": "USN-3455-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-3455-1"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cert@cert.org",
          "ID": "CVE-2017-13078",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Wi-Fi Protected Access (WPA and WPA2)",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "WPA"
                          },
                          {
                            "version_value": "WPA2"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Wi-Fi Alliance"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Group Temporal Key (GTK) during the four-way handshake, allowing an attacker within radio range to replay frames from access points to clients."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-323: Reusing a Nonce, Key Pair in Encryption"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "1039581",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id/1039581"
            },
            {
              "name": "https://support.apple.com/HT208221",
              "refsource": "CONFIRM",
              "url": "https://support.apple.com/HT208221"
            },
            {
              "name": "101274",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/101274"
            },
            {
              "name": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html",
              "refsource": "CONFIRM",
              "url": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html"
            },
            {
              "name": "SUSE-SU-2017:2745",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00020.html"
            },
            {
              "name": "DSA-3999",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2017/dsa-3999"
            },
            {
              "name": "1039578",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id/1039578"
            },
            {
              "name": "https://access.redhat.com/security/vulnerabilities/kracks",
              "refsource": "CONFIRM",
              "url": "https://access.redhat.com/security/vulnerabilities/kracks"
            },
            {
              "name": "20171016 Multiple Vulnerabilities in Wi-Fi Protected Access and Wi-Fi Protected Access II",
              "refsource": "CISCO",
              "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171016-wpa"
            },
            {
              "name": "RHSA-2017:2911",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2017:2911"
            },
            {
              "name": "https://w1.fi/security/2017-1/wpa-packet-number-reuse-with-replayed-messages.txt",
              "refsource": "MISC",
              "url": "https://w1.fi/security/2017-1/wpa-packet-number-reuse-with-replayed-messages.txt"
            },
            {
              "name": "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2017-007.txt",
              "refsource": "CONFIRM",
              "url": "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2017-007.txt"
            },
            {
              "name": "1039577",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id/1039577"
            },
            {
              "name": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03792en_us",
              "refsource": "CONFIRM",
              "url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03792en_us"
            },
            {
              "name": "openSUSE-SU-2017:2755",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00024.html"
            },
            {
              "name": "https://support.apple.com/HT208222",
              "refsource": "CONFIRM",
              "url": "https://support.apple.com/HT208222"
            },
            {
              "name": "https://source.android.com/security/bulletin/2017-11-01",
              "refsource": "CONFIRM",
              "url": "https://source.android.com/security/bulletin/2017-11-01"
            },
            {
              "name": "GLSA-201711-03",
              "refsource": "GENTOO",
              "url": "https://security.gentoo.org/glsa/201711-03"
            },
            {
              "name": "RHSA-2017:2907",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2017:2907"
            },
            {
              "name": "https://support.lenovo.com/us/en/product_security/LEN-17420",
              "refsource": "CONFIRM",
              "url": "https://support.lenovo.com/us/en/product_security/LEN-17420"
            },
            {
              "name": "FreeBSD-SA-17:07",
              "refsource": "FREEBSD",
              "url": "https://security.FreeBSD.org/advisories/FreeBSD-SA-17:07.wpa.asc"
            },
            {
              "name": "https://www.krackattacks.com/",
              "refsource": "MISC",
              "url": "https://www.krackattacks.com/"
            },
            {
              "name": "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html",
              "refsource": "CONFIRM",
              "url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html"
            },
            {
              "name": "1039573",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id/1039573"
            },
            {
              "name": "SUSE-SU-2017:2752",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00023.html"
            },
            {
              "name": "1039576",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id/1039576"
            },
            {
              "name": "https://cert.vde.com/en-us/advisories/vde-2017-003",
              "refsource": "CONFIRM",
              "url": "https://cert.vde.com/en-us/advisories/vde-2017-003"
            },
            {
              "name": "1039585",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id/1039585"
            },
            {
              "name": "VU#228519",
              "refsource": "CERT-VN",
              "url": "http://www.kb.cert.org/vuls/id/228519"
            },
            {
              "name": "https://support.apple.com/HT208220",
              "refsource": "CONFIRM",
              "url": "https://support.apple.com/HT208220"
            },
            {
              "name": "https://support.apple.com/HT208219",
              "refsource": "CONFIRM",
              "url": "https://support.apple.com/HT208219"
            },
            {
              "name": "[debian-lts-announce] 20181113 [SECURITY] [DLA 1573-1] firmware-nonfree security update",
              "refsource": "MLIST",
              "url": "https://lists.debian.org/debian-lts-announce/2018/11/msg00015.html"
            },
            {
              "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-901333.pdf",
              "refsource": "CONFIRM",
              "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-901333.pdf"
            },
            {
              "name": "https://cert.vde.com/en-us/advisories/vde-2017-005",
              "refsource": "CONFIRM",
              "url": "https://cert.vde.com/en-us/advisories/vde-2017-005"
            },
            {
              "name": "USN-3455-1",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/USN-3455-1"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
    "assignerShortName": "certcc",
    "cveId": "CVE-2017-13078",
    "datePublished": "2017-10-17T13:00:00",
    "dateReserved": "2017-08-22T00:00:00",
    "dateUpdated": "2024-08-05T18:58:12.469Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "meta": {
    "nvd": "{\"cve\":{\"id\":\"CVE-2017-13078\",\"sourceIdentifier\":\"cret@cert.org\",\"published\":\"2017-10-17T13:29:00.193\",\"lastModified\":\"2024-11-21T03:10:54.910\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Group Temporal Key (GTK) during the four-way handshake, allowing an attacker within radio range to replay frames from access points to clients.\"},{\"lang\":\"es\",\"value\":\"Wi-Fi Protected Access (WPA y WPA2) permite la reinstalaci\u00f3n de la clave temporal GTK (Group Temporal Key) durante la negociaci\u00f3n en cuatro pasos, haciendo que un atacante en el rango de radio reproduzca frames desde los puntos de acceso hasta los clientes.\"}],\"metrics\":{\"cvssMetricV30\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.0\",\"vectorString\":\"CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N\",\"baseScore\":5.3,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"ADJACENT_NETWORK\",\"attackComplexity\":\"HIGH\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":1.6,\"impactScore\":3.6}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:A/AC:M/Au:N/C:N/I:P/A:N\",\"baseScore\":2.9,\"accessVector\":\"ADJACENT_NETWORK\",\"accessComplexity\":\"MEDIUM\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"NONE\"},\"baseSeverity\":\"LOW\",\"exploitabilityScore\":5.5,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"cret@cert.org\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-323\"}]},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-330\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*\",\"matchCriteriaId\":\"B5A6F2F3-4894-4392-8296-3B8DD2679084\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*\",\"matchCriteriaId\":\"F7016A2A-8365-4F1A-89A2-7A19F2BCAE5B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:canonical:ubuntu_linux:17.04:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"588D4F37-0A56-47A4-B710-4D5F3D214FB9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DEECE5FC-CACF-4496-A3E7-164736409252\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:freebsd:freebsd:*:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D9EC02F3-3905-460D-8949-3B26394215CA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:freebsd:freebsd:10:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4195DB45-CF5A-4FA6-BF58-BAF77EE555C2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:freebsd:freebsd:10.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BD5B9266-A927-4F62-8742-721CE9A4C4C4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:freebsd:freebsd:11:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"602D3280-2974-4809-BE70-1EA9437AEBF3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:freebsd:freebsd:11.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C5753931-556B-4EEC-B510-751BA3613CE6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:opensuse:leap:42.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1EA337A3-B9A3-4962-B8BD-8E0C7C5B28EB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:opensuse:leap:42.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5F65DAB0-3DAD-49FF-BC73-3581CC3D5BF3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_desktop:7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2095C863-1FB0-4016-81FF-3CAB44E77FD9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_server:7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"AC7AAFCB-AB64-4B39-87AA-936E386A82C2\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:w1.fi:hostapd:0.2.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F6454F0F-6CC1-4EA2-8D7C-51709FD7F318\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:w1.fi:hostapd:0.2.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CFCB5512-B60E-48D7-B136-ADF19E5E74BD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:w1.fi:hostapd:0.2.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9EB1420D-5D05-4BFC-8AF7-2AB00B76148B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:w1.fi:hostapd:0.2.8:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"21324D89-B634-4D6B-987B-4AD29079373D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:w1.fi:hostapd:0.3.7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4AB43314-8725-48A0-8902-864567808AD7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:w1.fi:hostapd:0.3.9:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B2AA3D0E-C483-4575-8209-DE643A3FEC7F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:w1.fi:hostapd:0.3.10:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C0DE22EA-D5FA-4477-A3AD-F10455D8DB9A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:w1.fi:hostapd:0.3.11:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1212B910-E4A5-47A1-A263-4E1C13CF3EFC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:w1.fi:hostapd:0.4.7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A9A6A99E-5129-4E8D-A0AF-61755BDA3565\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:w1.fi:hostapd:0.4.8:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BC42F782-63CB-4960-BF65-4856776CFBE4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:w1.fi:hostapd:0.4.9:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"212B0353-4AEF-4861-A054-6193CAA05390\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:w1.fi:hostapd:0.4.10:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4E702507-5BA0-4A12-80C6-A729F32A6A80\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:w1.fi:hostapd:0.4.11:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"24810936-DABC-485D-B952-22F16C3016FC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:w1.fi:hostapd:0.5.7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0AF46881-4484-4ABB-AC0C-152664E2CD6F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:w1.fi:hostapd:0.5.8:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"880CBDD7-BFEC-48F6-8C4C-D300143B6571\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:w1.fi:hostapd:0.5.9:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B29CCA41-5784-48C3-B9ED-6B1FF063FB1C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:w1.fi:hostapd:0.5.10:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"37B9643D-4046-4034-8B68-18F59154CD66\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:w1.fi:hostapd:0.5.11:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"681C458F-D1BD-48DA-86C7-BA714F5AA9B7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:w1.fi:hostapd:0.6.8:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4057F722-1A8E-4D75-B049-E3632AC8EF65\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:w1.fi:hostapd:0.6.9:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A1F53FDB-7136-444E-AB03-9D8A6A31E249\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:w1.fi:hostapd:0.6.10:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"63AB46C0-2F00-4805-84A9-323BA4E594DA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:w1.fi:hostapd:0.7.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"06119A43-B1CA-4021-87D2-C67BE6125423\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:w1.fi:hostapd:1.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"768D16AF-3A8B-47DD-A499-948A73062AE1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:w1.fi:hostapd:1.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3BECC3EF-2777-4FF9-9750-93D1245A9247\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:w1.fi:hostapd:2.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E2D07095-6331-4079-BD86-E414CEE35624\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:w1.fi:hostapd:2.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"61CDB3D2-F6C3-43CF-ACE8-95E96DF02293\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:w1.fi:hostapd:2.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6CCD4904-08CA-45C7-A3D0-90BE5C88CDBF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:w1.fi:hostapd:2.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2B4681FC-44F4-4E86-8431-8EDAD65492D0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:w1.fi:hostapd:2.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EC6FB535-AFFF-4083-AF1D-9E1ED504158F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:w1.fi:hostapd:2.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A74105F9-E729-47BA-A96F-4D15947B673A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:w1.fi:hostapd:2.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1F5F7411-0B32-4041-8235-2B1AEC186FF0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:w1.fi:wpa_supplicant:0.2.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9191D783-4390-4603-9C4D-F673270E63C3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:w1.fi:wpa_supplicant:0.2.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E36F3308-EABA-451F-90E1-65919450A809\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:w1.fi:wpa_supplicant:0.2.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"44F6680B-7015-4EB0-AABC-A4DD50894CD5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:w1.fi:wpa_supplicant:0.2.7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5CAFF5E3-EA27-4688-87AD-1648003D3D1C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:w1.fi:wpa_supplicant:0.2.8:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"081B4F7E-D7D0-452A-AAEB-0378EB6E7BC9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:w1.fi:wpa_supplicant:0.3.7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5E00A5B5-81D8-4BF3-B857-028D7D06CA5E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:w1.fi:wpa_supplicant:0.3.8:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"476C3ED0-B77C-490F-AF1E-BC4C7D52D818\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:w1.fi:wpa_supplicant:0.3.9:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8B1972B5-F896-419C-9FFA-FB583B114B8F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:w1.fi:wpa_supplicant:0.3.10:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C2E84533-EB76-4A8F-90ED-E9342EAF3427\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:w1.fi:wpa_supplicant:0.3.11:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E5AE0623-87CB-4CEF-BD3B-6BCF676031CF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:w1.fi:wpa_supplicant:0.4.7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"905B55A4-2488-44D1-991F-C142C3527F18\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:w1.fi:wpa_supplicant:0.4.8:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BDD1984D-BCC2-4FC6-B02E-226B1D8BC6F5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:w1.fi:wpa_supplicant:0.4.9:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"90102D17-8D03-4F59-811B-FBFB98D627C2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:w1.fi:wpa_supplicant:0.4.10:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C9381F69-1633-44DD-967F-D29587B67079\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:w1.fi:wpa_supplicant:0.4.11:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9169BDAC-6207-4B6A-8EF3-D52DED1A9311\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:w1.fi:wpa_supplicant:0.5.7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6FBCD6EA-4E6D-4C6E-97E5-B64F6CB90639\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:w1.fi:wpa_supplicant:0.5.8:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"62E17E03-53C6-4E74-91A8-4C4363666291\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:w1.fi:wpa_supplicant:0.5.9:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C4C6FEDE-B0E9-479A-9185-48D62DBC91FD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:w1.fi:wpa_supplicant:0.5.10:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"643762E2-969E-4531-B79E-961697E5DA8A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:w1.fi:wpa_supplicant:0.5.11:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"627AD871-2091-48E9-B801-3E3D5CF8E594\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:w1.fi:wpa_supplicant:0.6.8:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4BC691E5-6265-4FAB-9ACA-C65EB99AFA47\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:w1.fi:wpa_supplicant:0.6.9:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4701BF31-B3FC-4590-9787-3BA94ECB8D54\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:w1.fi:wpa_supplicant:0.6.10:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5DB96005-E214-4C60-865E-B693115527D1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:w1.fi:wpa_supplicant:0.7.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F4CFF264-2315-43CE-B2A6-4234B394854C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:w1.fi:wpa_supplicant:1.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F3EF53AD-F985-446E-89B8-4BFECE00AD63\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:w1.fi:wpa_supplicant:1.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0A11DBFA-9F0E-4358-8541-E5371C11FE80\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:w1.fi:wpa_supplicant:2.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"738AEB08-FF7D-4DC3-AB14-B8F2B9474810\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:w1.fi:wpa_supplicant:2.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1E8C5523-16E4-417E-A159-F5D0F9E83C5B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:w1.fi:wpa_supplicant:2.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8AE48919-35E0-4C9A-BAEB-A6402FA7BD4E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:w1.fi:wpa_supplicant:2.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"AB93C2FC-6913-448E-8B93-EEB2229EC86C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:w1.fi:wpa_supplicant:2.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0ECA3172-7088-4B5E-923D-37B155729BD2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:w1.fi:wpa_supplicant:2.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"48FD6B1B-7555-449D-9CCB-1487FAEE8098\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:w1.fi:wpa_supplicant:2.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9726F4DE-8037-49AD-A092-7EF9D5BF99EC\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:suse:linux_enterprise_desktop:12:sp2:*:*:*:*:*:*\",\"matchCriteriaId\":\"57CFAD92-EECD-417D-ADDB-8178C320B204\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:suse:linux_enterprise_desktop:12:sp3:*:*:*:*:*:*\",\"matchCriteriaId\":\"C1DCD75C-9775-4922-8A44-C4707C640946\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:suse:linux_enterprise_point_of_sale:11:sp3:*:*:*:*:*:*\",\"matchCriteriaId\":\"086BF5C5-255C-4E2E-83D3-A8B83AED6B60\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:suse:linux_enterprise_server:11:sp3:*:*:*:ltss:*:*\",\"matchCriteriaId\":\"91F8AC0A-13B4-4DF0-B40D-8756ACCDB4C5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:suse:linux_enterprise_server:11:sp4:*:*:*:*:*:*\",\"matchCriteriaId\":\"55C5561F-BE86-4EEA-99D4-8697F8BD9DFE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:suse:linux_enterprise_server:12:*:*:*:ltss:*:*:*\",\"matchCriteriaId\":\"B2F3699A-38E4-4E9D-9414-411F71D9E371\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:suse:openstack_cloud:6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"07E4AF6E-9BA4-4542-8F9F-6BA723F7A64D\"}]}]}],\"references\":[{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00020.html\",\"source\":\"cret@cert.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00023.html\",\"source\":\"cret@cert.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00024.html\",\"source\":\"cret@cert.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2017-007.txt\",\"source\":\"cret@cert.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.debian.org/security/2017/dsa-3999\",\"source\":\"cret@cert.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.kb.cert.org/vuls/id/228519\",\"source\":\"cret@cert.org\",\"tags\":[\"Third Party Advisory\",\"US Government Resource\"]},{\"url\":\"http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html\",\"source\":\"cret@cert.org\"},{\"url\":\"http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html\",\"source\":\"cret@cert.org\"},{\"url\":\"http://www.securityfocus.com/bid/101274\",\"source\":\"cret@cert.org\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.securitytracker.com/id/1039573\",\"source\":\"cret@cert.org\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.securitytracker.com/id/1039576\",\"source\":\"cret@cert.org\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.securitytracker.com/id/1039577\",\"source\":\"cret@cert.org\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.securitytracker.com/id/1039578\",\"source\":\"cret@cert.org\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.securitytracker.com/id/1039581\",\"source\":\"cret@cert.org\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.securitytracker.com/id/1039585\",\"source\":\"cret@cert.org\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.ubuntu.com/usn/USN-3455-1\",\"source\":\"cret@cert.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2017:2907\",\"source\":\"cret@cert.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2017:2911\",\"source\":\"cret@cert.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/security/vulnerabilities/kracks\",\"source\":\"cret@cert.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://cert-portal.siemens.com/productcert/pdf/ssa-901333.pdf\",\"source\":\"cret@cert.org\"},{\"url\":\"https://cert.vde.com/en-us/advisories/vde-2017-003\",\"source\":\"cret@cert.org\"},{\"url\":\"https://cert.vde.com/en-us/advisories/vde-2017-005\",\"source\":\"cret@cert.org\"},{\"url\":\"https://lists.debian.org/debian-lts-announce/2018/11/msg00015.html\",\"source\":\"cret@cert.org\"},{\"url\":\"https://security.FreeBSD.org/advisories/FreeBSD-SA-17:07.wpa.asc\",\"source\":\"cret@cert.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://security.gentoo.org/glsa/201711-03\",\"source\":\"cret@cert.org\"},{\"url\":\"https://source.android.com/security/bulletin/2017-11-01\",\"source\":\"cret@cert.org\"},{\"url\":\"https://support.apple.com/HT208219\",\"source\":\"cret@cert.org\"},{\"url\":\"https://support.apple.com/HT208220\",\"source\":\"cret@cert.org\"},{\"url\":\"https://support.apple.com/HT208221\",\"source\":\"cret@cert.org\"},{\"url\":\"https://support.apple.com/HT208222\",\"source\":\"cret@cert.org\"},{\"url\":\"https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03792en_us\",\"source\":\"cret@cert.org\"},{\"url\":\"https://support.lenovo.com/us/en/product_security/LEN-17420\",\"source\":\"cret@cert.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171016-wpa\",\"source\":\"cret@cert.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://w1.fi/security/2017-1/wpa-packet-number-reuse-with-replayed-messages.txt\",\"source\":\"cret@cert.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.krackattacks.com/\",\"source\":\"cret@cert.org\",\"tags\":[\"Technical Description\",\"Third Party Advisory\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00020.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00023.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00024.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2017-007.txt\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.debian.org/security/2017/dsa-3999\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.kb.cert.org/vuls/id/228519\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"US Government Resource\"]},{\"url\":\"http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securityfocus.com/bid/101274\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.securitytracker.com/id/1039573\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.securitytracker.com/id/1039576\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.securitytracker.com/id/1039577\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.securitytracker.com/id/1039578\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.securitytracker.com/id/1039581\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.securitytracker.com/id/1039585\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.ubuntu.com/usn/USN-3455-1\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2017:2907\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2017:2911\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/security/vulnerabilities/kracks\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://cert-portal.siemens.com/productcert/pdf/ssa-901333.pdf\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://cert.vde.com/en-us/advisories/vde-2017-003\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://cert.vde.com/en-us/advisories/vde-2017-005\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.debian.org/debian-lts-announce/2018/11/msg00015.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://security.FreeBSD.org/advisories/FreeBSD-SA-17:07.wpa.asc\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://security.gentoo.org/glsa/201711-03\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://source.android.com/security/bulletin/2017-11-01\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://support.apple.com/HT208219\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://support.apple.com/HT208220\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://support.apple.com/HT208221\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://support.apple.com/HT208222\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03792en_us\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://support.lenovo.com/us/en/product_security/LEN-17420\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171016-wpa\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://w1.fi/security/2017-1/wpa-packet-number-reuse-with-replayed-messages.txt\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.krackattacks.com/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Technical Description\",\"Third Party Advisory\"]}]}}"
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.


Loading…

Loading…

Loading…

Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.