CVE-2017-13080

Опубликовано: 17 окт. 2017

Источник: nvd

CVSS3: 5.3

CVSS2: 2.9

EPSS Низкий

Описание

Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Group Temporal Key (GTK) during the group key handshake, allowing an attacker within radio range to replay frames from access points to clients.

Ссылки

http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00020.html
Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00023.html
Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00024.html
Third Party Advisory
http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2017-007.txt
Third Party Advisory
http://www.debian.org/security/2017/dsa-3999
Third Party Advisory
http://www.kb.cert.org/vuls/id/228519
Third Party Advisory
US Government Resource
http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html
http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html
http://www.securityfocus.com/bid/101274
Third Party Advisory
VDB Entry
http://www.securitytracker.com/id/1039572
Third Party Advisory
VDB Entry
http://www.securitytracker.com/id/1039573
Third Party Advisory
VDB Entry
http://www.securitytracker.com/id/1039576
Third Party Advisory
VDB Entry
http://www.securitytracker.com/id/1039577
Third Party Advisory
VDB Entry
http://www.securitytracker.com/id/1039578
Third Party Advisory
VDB Entry
http://www.securitytracker.com/id/1039581
Third Party Advisory
VDB Entry
http://www.securitytracker.com/id/1039585
Third Party Advisory
VDB Entry
http://www.securitytracker.com/id/1039703
http://www.ubuntu.com/usn/USN-3455-1
Third Party Advisory
https://access.redhat.com/errata/RHSA-2017:2907
Third Party Advisory
https://access.redhat.com/errata/RHSA-2017:2911
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*

cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*

cpe:2.3:o:canonical:ubuntu_linux:17.04:*:*:*:*:*:*:*

cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*

cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*

cpe:2.3:o:freebsd:freebsd:*:*:*:*:*:*:*:*

cpe:2.3:o:freebsd:freebsd:10:*:*:*:*:*:*:*

cpe:2.3:o:freebsd:freebsd:10.4:*:*:*:*:*:*:*

cpe:2.3:o:freebsd:freebsd:11:*:*:*:*:*:*:*

cpe:2.3:o:freebsd:freebsd:11.1:*:*:*:*:*:*:*

cpe:2.3:o:opensuse:leap:42.2:*:*:*:*:*:*:*

cpe:2.3:o:opensuse:leap:42.3:*:*:*:*:*:*:*

cpe:2.3:o:redhat:enterprise_linux_desktop:7:*:*:*:*:*:*:*

cpe:2.3:o:redhat:enterprise_linux_server:7:*:*:*:*:*:*:*

Конфигурация 2

Одно из

cpe:2.3:a:w1.fi:hostapd:0.2.4:*:*:*:*:*:*:*

cpe:2.3:a:w1.fi:hostapd:0.2.5:*:*:*:*:*:*:*

cpe:2.3:a:w1.fi:hostapd:0.2.6:*:*:*:*:*:*:*

cpe:2.3:a:w1.fi:hostapd:0.2.8:*:*:*:*:*:*:*

cpe:2.3:a:w1.fi:hostapd:0.3.7:*:*:*:*:*:*:*

cpe:2.3:a:w1.fi:hostapd:0.3.9:*:*:*:*:*:*:*

cpe:2.3:a:w1.fi:hostapd:0.3.10:*:*:*:*:*:*:*

cpe:2.3:a:w1.fi:hostapd:0.3.11:*:*:*:*:*:*:*

cpe:2.3:a:w1.fi:hostapd:0.4.7:*:*:*:*:*:*:*

cpe:2.3:a:w1.fi:hostapd:0.4.8:*:*:*:*:*:*:*

cpe:2.3:a:w1.fi:hostapd:0.4.9:*:*:*:*:*:*:*

cpe:2.3:a:w1.fi:hostapd:0.4.10:*:*:*:*:*:*:*

cpe:2.3:a:w1.fi:hostapd:0.4.11:*:*:*:*:*:*:*

cpe:2.3:a:w1.fi:hostapd:0.5.7:*:*:*:*:*:*:*

cpe:2.3:a:w1.fi:hostapd:0.5.8:*:*:*:*:*:*:*

cpe:2.3:a:w1.fi:hostapd:0.5.9:*:*:*:*:*:*:*

cpe:2.3:a:w1.fi:hostapd:0.5.10:*:*:*:*:*:*:*

cpe:2.3:a:w1.fi:hostapd:0.5.11:*:*:*:*:*:*:*

cpe:2.3:a:w1.fi:hostapd:0.6.8:*:*:*:*:*:*:*

cpe:2.3:a:w1.fi:hostapd:0.6.9:*:*:*:*:*:*:*

cpe:2.3:a:w1.fi:hostapd:0.6.10:*:*:*:*:*:*:*

cpe:2.3:a:w1.fi:hostapd:0.7.3:*:*:*:*:*:*:*

cpe:2.3:a:w1.fi:hostapd:1.0:*:*:*:*:*:*:*

cpe:2.3:a:w1.fi:hostapd:1.1:*:*:*:*:*:*:*

cpe:2.3:a:w1.fi:hostapd:2.0:*:*:*:*:*:*:*

cpe:2.3:a:w1.fi:hostapd:2.1:*:*:*:*:*:*:*

cpe:2.3:a:w1.fi:hostapd:2.2:*:*:*:*:*:*:*

cpe:2.3:a:w1.fi:hostapd:2.3:*:*:*:*:*:*:*

cpe:2.3:a:w1.fi:hostapd:2.4:*:*:*:*:*:*:*

cpe:2.3:a:w1.fi:hostapd:2.5:*:*:*:*:*:*:*

cpe:2.3:a:w1.fi:hostapd:2.6:*:*:*:*:*:*:*

cpe:2.3:a:w1.fi:wpa_supplicant:0.2.4:*:*:*:*:*:*:*

cpe:2.3:a:w1.fi:wpa_supplicant:0.2.5:*:*:*:*:*:*:*

cpe:2.3:a:w1.fi:wpa_supplicant:0.2.6:*:*:*:*:*:*:*

cpe:2.3:a:w1.fi:wpa_supplicant:0.2.7:*:*:*:*:*:*:*

cpe:2.3:a:w1.fi:wpa_supplicant:0.2.8:*:*:*:*:*:*:*

cpe:2.3:a:w1.fi:wpa_supplicant:0.3.7:*:*:*:*:*:*:*

cpe:2.3:a:w1.fi:wpa_supplicant:0.3.8:*:*:*:*:*:*:*

cpe:2.3:a:w1.fi:wpa_supplicant:0.3.9:*:*:*:*:*:*:*

cpe:2.3:a:w1.fi:wpa_supplicant:0.3.10:*:*:*:*:*:*:*

cpe:2.3:a:w1.fi:wpa_supplicant:0.3.11:*:*:*:*:*:*:*

cpe:2.3:a:w1.fi:wpa_supplicant:0.4.7:*:*:*:*:*:*:*

cpe:2.3:a:w1.fi:wpa_supplicant:0.4.8:*:*:*:*:*:*:*

cpe:2.3:a:w1.fi:wpa_supplicant:0.4.9:*:*:*:*:*:*:*

cpe:2.3:a:w1.fi:wpa_supplicant:0.4.10:*:*:*:*:*:*:*

cpe:2.3:a:w1.fi:wpa_supplicant:0.4.11:*:*:*:*:*:*:*

cpe:2.3:a:w1.fi:wpa_supplicant:0.5.7:*:*:*:*:*:*:*

cpe:2.3:a:w1.fi:wpa_supplicant:0.5.8:*:*:*:*:*:*:*

cpe:2.3:a:w1.fi:wpa_supplicant:0.5.9:*:*:*:*:*:*:*

cpe:2.3:a:w1.fi:wpa_supplicant:0.5.10:*:*:*:*:*:*:*

cpe:2.3:a:w1.fi:wpa_supplicant:0.5.11:*:*:*:*:*:*:*

cpe:2.3:a:w1.fi:wpa_supplicant:0.6.8:*:*:*:*:*:*:*

cpe:2.3:a:w1.fi:wpa_supplicant:0.6.9:*:*:*:*:*:*:*

cpe:2.3:a:w1.fi:wpa_supplicant:0.6.10:*:*:*:*:*:*:*

cpe:2.3:a:w1.fi:wpa_supplicant:0.7.3:*:*:*:*:*:*:*

cpe:2.3:a:w1.fi:wpa_supplicant:1.0:*:*:*:*:*:*:*

cpe:2.3:a:w1.fi:wpa_supplicant:1.1:*:*:*:*:*:*:*

cpe:2.3:a:w1.fi:wpa_supplicant:2.0:*:*:*:*:*:*:*

cpe:2.3:a:w1.fi:wpa_supplicant:2.1:*:*:*:*:*:*:*

cpe:2.3:a:w1.fi:wpa_supplicant:2.2:*:*:*:*:*:*:*

cpe:2.3:a:w1.fi:wpa_supplicant:2.3:*:*:*:*:*:*:*

cpe:2.3:a:w1.fi:wpa_supplicant:2.4:*:*:*:*:*:*:*

cpe:2.3:a:w1.fi:wpa_supplicant:2.5:*:*:*:*:*:*:*

cpe:2.3:a:w1.fi:wpa_supplicant:2.6:*:*:*:*:*:*:*

Конфигурация 3

Одно из

cpe:2.3:o:suse:linux_enterprise_desktop:12:sp2:*:*:*:*:*:*

cpe:2.3:o:suse:linux_enterprise_desktop:12:sp3:*:*:*:*:*:*

cpe:2.3:o:suse:linux_enterprise_point_of_sale:11:sp3:*:*:*:*:*:*

cpe:2.3:o:suse:linux_enterprise_server:11:sp3:*:*:*:ltss:*:*

cpe:2.3:o:suse:linux_enterprise_server:11:sp4:*:*:*:*:*:*

cpe:2.3:o:suse:linux_enterprise_server:12:*:*:*:ltss:*:*:*

cpe:2.3:o:suse:openstack_cloud:6:*:*:*:*:*:*:*

EPSS

Процентиль: 77%

0.01118

Низкий

5.3 Medium

CVSS3

2.9 Low

CVSS2

Дефекты

CWE-323

CWE-330

Связанные уязвимости

CVE-2017-13080

CVSS3: 5.3

ubuntu

больше 7 лет назад

CVE-2017-13080

CVSS3: 8.1

redhat

больше 7 лет назад

CVE-2017-13080

CVSS3: 4.2

msrc

больше 7 лет назад

Windows Wireless WPA Group Key Reinstallation Vulnerability

CVE-2017-13080

CVSS3: 5.3

debian

больше 7 лет назад

Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Gro ...

GHSA-jq36-53qv-7v3m

CVSS3: 5.3

github

около 3 лет назад

EPSS

Процентиль: 77%

0.01118

Низкий

5.3 Medium

CVSS3

2.9 Low

CVSS2

Дефекты

CWE-323

CWE-330