CVE-2017-13078
Low
CVSS Score
Vulnerability Description
Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Group Temporal Key (GTK) during the four-way handshake, allowing an attacker within radio range to replay frames from access points to clients.
Known Affected Software
82 configuration(s) from 7 vendor(s)
ubuntu_linux
Version:
14.04
CPE:
cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*
ubuntu_linux
Version:
17.04
CPE:
cpe:2.3:o:canonical:ubuntu_linux:17.04:*:*:*:*:*:*:*
ubuntu_linux
Version:
16.04
CPE:
cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:*:*:*:*
debian_linux
Version:
8.0
CPE:
cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
debian_linux
Version:
9.0
CPE:
cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
freebsd
Version:
11.1
CPE:
cpe:2.3:o:freebsd:freebsd:11.1:p15:*:*:*:*:*:*
freebsd
Version:
10
CPE:
cpe:2.3:o:freebsd:freebsd:10:*:*:*:*:*:*:*
freebsd
Version:
11
CPE:
cpe:2.3:o:freebsd:freebsd:11:*:*:*:*:*:*:*
freebsd
Version:
10.4
CPE:
cpe:2.3:o:freebsd:freebsd:10.4:-:*:*:*:*:*:*
leap
Version:
42.3
CPE:
cpe:2.3:o:opensuse:leap:42.3:*:*:*:*:*:*:*
leap
Version:
42.2
CPE:
cpe:2.3:o:opensuse:leap:42.2:*:*:*:*:*:*:*
enterprise_linux_server
Version:
7
CPE:
cpe:2.3:o:redhat:enterprise_linux_server:7:*:*:*:*:*:*:*
enterprise_linux_desktop
Version:
7
CPE:
cpe:2.3:o:redhat:enterprise_linux_desktop:7:*:*:*:*:*:*:*
linux_enterprise_server
Version:
12
CPE:
cpe:2.3:o:suse:linux_enterprise_server:12:sp5:*:*:-:*:*:*
linux_enterprise_server
Version:
11
CPE:
cpe:2.3:o:suse:linux_enterprise_server:11:sp1:*:*:-:*:*:*
linux_enterprise_point_of_sale
Version:
11
CPE:
cpe:2.3:a:suse:linux_enterprise_point_of_sale:11:sp3:*:*:*:*:*:*
linux_enterprise_desktop
Version:
12
CPE:
cpe:2.3:o:suse:linux_enterprise_desktop:12:sp4:*:*:*:*:*:*
openstack_cloud
Version:
6
CPE:
cpe:2.3:a:suse:openstack_cloud:6:*:*:*:*:*:*:*
hostapd
Version:
0.6.10
CPE:
cpe:2.3:a:w1.fi:hostapd:0.6.10:*:*:*:*:*:*:*
hostapd
Version:
0.3.9
CPE:
cpe:2.3:a:w1.fi:hostapd:0.3.9:*:*:*:*:*:*:*
wpa_supplicant
Version:
0.2.7
CPE:
cpe:2.3:a:w1.fi:wpa_supplicant:0.2.7:*:*:*:*:*:*:*
wpa_supplicant
Version:
0.3.9
CPE:
cpe:2.3:a:w1.fi:wpa_supplicant:0.3.9:*:*:*:*:*:*:*
wpa_supplicant
Version:
0.4.9
CPE:
cpe:2.3:a:w1.fi:wpa_supplicant:0.4.9:*:*:*:*:*:*:*
wpa_supplicant
Version:
0.4.10
CPE:
cpe:2.3:a:w1.fi:wpa_supplicant:0.4.10:*:*:*:*:*:*:*
wpa_supplicant
Version:
0.6.9
CPE:
cpe:2.3:a:w1.fi:wpa_supplicant:0.6.9:*:*:*:*:*:*:*
wpa_supplicant
Version:
0.2.8
CPE:
cpe:2.3:a:w1.fi:wpa_supplicant:0.2.8:*:*:*:*:*:*:*
wpa_supplicant
Version:
2.5
CPE:
cpe:2.3:a:w1.fi:wpa_supplicant:2.5:*:*:*:*:*:*:*
wpa_supplicant
Version:
0.5.10
CPE:
cpe:2.3:a:w1.fi:wpa_supplicant:0.5.10:*:*:*:*:*:*:*
hostapd
Version:
2.1
CPE:
cpe:2.3:a:w1.fi:hostapd:2.1:*:*:*:*:*:*:*
wpa_supplicant
Version:
2.4
CPE:
cpe:2.3:a:w1.fi:wpa_supplicant:2.4:*:*:*:*:*:*:*
wpa_supplicant
Version:
0.3.11
CPE:
cpe:2.3:a:w1.fi:wpa_supplicant:0.3.11:*:*:*:*:*:*:*
hostapd
Version:
2.0
CPE:
cpe:2.3:a:w1.fi:hostapd:2.0:*:*:*:*:*:*:*
wpa_supplicant
Version:
0.2.6
CPE:
cpe:2.3:a:w1.fi:wpa_supplicant:0.2.6:*:*:*:*:*:*:*
hostapd
Version:
2.6
CPE:
cpe:2.3:a:w1.fi:hostapd:2.6:*:*:*:*:*:*:*
wpa_supplicant
Version:
2.6
CPE:
cpe:2.3:a:w1.fi:wpa_supplicant:2.6:*:*:*:*:*:*:*
hostapd
Version:
0.5.10
CPE:
cpe:2.3:a:w1.fi:hostapd:0.5.10:*:*:*:*:*:*:*
hostapd
Version:
0.4.10
CPE:
cpe:2.3:a:w1.fi:hostapd:0.4.10:*:*:*:*:*:*:*
hostapd
Version:
0.5.9
CPE:
cpe:2.3:a:w1.fi:hostapd:0.5.9:*:*:*:*:*:*:*
wpa_supplicant
Version:
0.2.5
CPE:
cpe:2.3:a:w1.fi:wpa_supplicant:0.2.5:*:*:*:*:*:*:*
hostapd
Version:
2.5
CPE:
cpe:2.3:a:w1.fi:hostapd:2.5:*:*:*:*:*:*:*
hostapd
Version:
0.3.11
CPE:
cpe:2.3:a:w1.fi:hostapd:0.3.11:*:*:*:*:*:*:*
hostapd
Version:
0.7.3
CPE:
cpe:2.3:a:w1.fi:hostapd:0.7.3:*:*:*:*:*:*:*
wpa_supplicant
Version:
1.1
CPE:
cpe:2.3:a:w1.fi:wpa_supplicant:1.1:*:*:*:*:*:*:*
hostapd
Version:
0.5.8
CPE:
cpe:2.3:a:w1.fi:hostapd:0.5.8:*:*:*:*:*:*:*
wpa_supplicant
Version:
0.5.11
CPE:
cpe:2.3:a:w1.fi:wpa_supplicant:0.5.11:*:*:*:*:*:*:*
hostapd
Version:
0.3.7
CPE:
cpe:2.3:a:w1.fi:hostapd:0.3.7:*:*:*:*:*:*:*
wpa_supplicant
Version:
0.4.8
CPE:
cpe:2.3:a:w1.fi:wpa_supplicant:0.4.8:*:*:*:*:*:*:*
hostapd
Version:
0.4.8
CPE:
cpe:2.3:a:w1.fi:hostapd:0.4.8:*:*:*:*:*:*:*
wpa_supplicant
Version:
0.5.7
CPE:
cpe:2.3:a:w1.fi:wpa_supplicant:0.5.7:*:*:*:*:*:*:*
hostapd
Version:
0.2.4
CPE:
cpe:2.3:a:w1.fi:hostapd:0.2.4:*:*:*:*:*:*:*
hostapd
Version:
1.0
CPE:
cpe:2.3:a:w1.fi:hostapd:1.0:*:*:*:*:*:*:*
wpa_supplicant
Version:
0.5.9
CPE:
cpe:2.3:a:w1.fi:wpa_supplicant:0.5.9:*:*:*:*:*:*:*
hostapd
Version:
0.2.6
CPE:
cpe:2.3:a:w1.fi:hostapd:0.2.6:*:*:*:*:*:*:*
wpa_supplicant
Version:
0.6.8
CPE:
cpe:2.3:a:w1.fi:wpa_supplicant:0.6.8:*:*:*:*:*:*:*
hostapd
Version:
2.3
CPE:
cpe:2.3:a:w1.fi:hostapd:2.3:*:*:*:*:*:*:*
wpa_supplicant
Version:
0.7.3
CPE:
cpe:2.3:a:w1.fi:wpa_supplicant:0.7.3:*:*:*:*:*:*:*
hostapd
Version:
0.5.11
CPE:
cpe:2.3:a:w1.fi:hostapd:0.5.11:*:*:*:*:*:*:*
wpa_supplicant
Version:
2.0
CPE:
cpe:2.3:a:w1.fi:wpa_supplicant:2.0:*:*:*:*:*:*:*
hostapd
Version:
0.2.8
CPE:
cpe:2.3:a:w1.fi:hostapd:0.2.8:*:*:*:*:*:*:*
wpa_supplicant
Version:
0.3.7
CPE:
cpe:2.3:a:w1.fi:wpa_supplicant:0.3.7:*:*:*:*:*:*:*
wpa_supplicant
Version:
0.3.10
CPE:
cpe:2.3:a:w1.fi:wpa_supplicant:0.3.10:*:*:*:*:*:*:*
wpa_supplicant
Version:
0.5.8
CPE:
cpe:2.3:a:w1.fi:wpa_supplicant:0.5.8:*:*:*:*:*:*:*
hostapd
Version:
0.3.10
CPE:
cpe:2.3:a:w1.fi:hostapd:0.3.10:*:*:*:*:*:*:*
hostapd
Version:
0.5.7
CPE:
cpe:2.3:a:w1.fi:hostapd:0.5.7:*:*:*:*:*:*:*
hostapd
Version:
0.6.8
CPE:
cpe:2.3:a:w1.fi:hostapd:0.6.8:*:*:*:*:*:*:*
wpa_supplicant
Version:
1.0
CPE:
cpe:2.3:a:w1.fi:wpa_supplicant:1.0:*:*:*:*:*:*:*
wpa_supplicant
Version:
0.4.11
CPE:
cpe:2.3:a:w1.fi:wpa_supplicant:0.4.11:*:*:*:*:*:*:*
hostapd
Version:
0.2.5
CPE:
cpe:2.3:a:w1.fi:hostapd:0.2.5:*:*:*:*:*:*:*
hostapd
Version:
0.6.9
CPE:
cpe:2.3:a:w1.fi:hostapd:0.6.9:*:*:*:*:*:*:*
hostapd
Version:
0.4.9
CPE:
cpe:2.3:a:w1.fi:hostapd:0.4.9:*:*:*:*:*:*:*
wpa_supplicant
Version:
2.3
CPE:
cpe:2.3:a:w1.fi:wpa_supplicant:2.3:*:*:*:*:*:*:*
wpa_supplicant
Version:
0.4.7
CPE:
cpe:2.3:a:w1.fi:wpa_supplicant:0.4.7:*:*:*:*:*:*:*
hostapd
Version:
1.1
CPE:
cpe:2.3:a:w1.fi:hostapd:1.1:*:*:*:*:*:*:*
wpa_supplicant
Version:
2.1
CPE:
cpe:2.3:a:w1.fi:wpa_supplicant:2.1:*:*:*:*:*:*:*
wpa_supplicant
Version:
0.2.4
CPE:
cpe:2.3:a:w1.fi:wpa_supplicant:0.2.4:*:*:*:*:*:*:*
wpa_supplicant
Version:
0.6.10
CPE:
cpe:2.3:a:w1.fi:wpa_supplicant:0.6.10:*:*:*:*:*:*:*
hostapd
Version:
2.2
CPE:
cpe:2.3:a:w1.fi:hostapd:2.2:*:*:*:*:*:*:*
wpa_supplicant
Version:
2.2
CPE:
cpe:2.3:a:w1.fi:wpa_supplicant:2.2:*:*:*:*:*:*:*
hostapd
Version:
0.4.11
CPE:
cpe:2.3:a:w1.fi:hostapd:0.4.11:*:*:*:*:*:*:*
hostapd
Version:
2.4
CPE:
cpe:2.3:a:w1.fi:hostapd:2.4:*:*:*:*:*:*:*
wpa_supplicant
Version:
0.3.8
CPE:
cpe:2.3:a:w1.fi:wpa_supplicant:0.3.8:*:*:*:*:*:*:*
hostapd
Version:
0.4.7
CPE:
cpe:2.3:a:w1.fi:hostapd:0.4.7:*:*:*:*:*:*:*
This vulnerability affects 82 software configuration(s). Ensure you patch all affected systems.
References & Resources
- http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00020.html (cret@cert.org; Third Party Advisory)
- http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00023.html (cret@cert.org; Third Party Advisory)
- http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00024.html (cret@cert.org; Third Party Advisory)
- http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2017-007.txt (cret@cert.org; Third Party Advisory)
- http://www.debian.org/security/2017/dsa-3999 (cret@cert.org; Third Party Advisory)
- http://www.kb.cert.org/vuls/id/228519 (cret@cert.org; Third Party Advisory, US Government Resource)
- http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html (cret@cert.org)
- http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html (cret@cert.org)
- http://www.securityfocus.com/bid/101274 (cret@cert.org; Third Party Advisory, VDB Entry)
- http://www.securitytracker.com/id/1039573 (cret@cert.org; Third Party Advisory, VDB Entry)
- http://www.securitytracker.com/id/1039576 (cret@cert.org; Third Party Advisory, VDB Entry)
- http://www.securitytracker.com/id/1039577 (cret@cert.org; Third Party Advisory, VDB Entry)
- http://www.securitytracker.com/id/1039578 (cret@cert.org; Third Party Advisory, VDB Entry)
- http://www.securitytracker.com/id/1039581 (cret@cert.org; Third Party Advisory, VDB Entry)
- http://www.securitytracker.com/id/1039585 (cret@cert.org; Third Party Advisory, VDB Entry)
- http://www.ubuntu.com/usn/USN-3455-1 (cret@cert.org; Third Party Advisory)
- https://access.redhat.com/errata/RHSA-2017:2907 (cret@cert.org; Third Party Advisory)
- https://access.redhat.com/errata/RHSA-2017:2911 (cret@cert.org; Third Party Advisory)
- https://access.redhat.com/security/vulnerabilities/kracks (cret@cert.org; Third Party Advisory)
- https://cert-portal.siemens.com/productcert/pdf/ssa-901333.pdf (cret@cert.org)
- https://cert.vde.com/en-us/advisories/vde-2017-003 (cret@cert.org)
- https://cert.vde.com/en-us/advisories/vde-2017-005 (cret@cert.org)
- https://lists.debian.org/debian-lts-announce/2018/11/msg00015.html (cret@cert.org)
- https://security.FreeBSD.org/advisories/FreeBSD-SA-17:07.wpa.asc (cret@cert.org; Third Party Advisory)
- https://security.gentoo.org/glsa/201711-03 (cret@cert.org)
- https://source.android.com/security/bulletin/2017-11-01 (cret@cert.org)
- https://support.apple.com/HT208219 (cret@cert.org)
- https://support.apple.com/HT208220 (cret@cert.org)
- https://support.apple.com/HT208221 (cret@cert.org)
- https://support.apple.com/HT208222 (cret@cert.org)
- https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03792en_us (cret@cert.org)
- https://support.lenovo.com/us/en/product_security/LEN-17420 (cret@cert.org; Third Party Advisory)
- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171016-wpa (cret@cert.org; Third Party Advisory)
- https://w1.fi/security/2017-1/wpa-packet-number-reuse-with-replayed-messages.txt (cret@cert.org; Third Party Advisory)
- https://www.krackattacks.com/ (cret@cert.org; Technical Description, Third Party Advisory)
Severity Details
out of 10.0
Low
Weakness Type (CWE)
CWE-323
Reusing a Nonce, Key Pair in Encryption
- Description: Nonces should be used for the present occasion and only once.
- Exploit Likelihood: High
- Typical Severity: High
- Abstraction Level: Base
Key Information
- Published Date: October 17, 2017
