CVE-2017-13082

Published Oct 17, 2017
Last updated 5 years ago
CVSS high 8.1
Overview

Description: Wi-Fi Protected Access (WPA and WPA2) that supports IEEE 802.11r allows reinstallation of the Pairwise Transient Key (PTK) Temporal Key (TK) during the fast BSS transmission (FT) handshake, allowing an attacker within radio range to replay, decrypt, or spoof frames.
Source: cret@cert.org
NVD status: Modified
Risk scores

CVSS 3.0

Type: Primary
Base score: 8.1
Impact score: 5.2
Exploitability score: 2.8
Vector string: CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
Severity: HIGH
CVSS 2.0

Type: Primary
Base score: 5.8
Impact score: 6.4
Exploitability score: 6.5
Vector string: AV:A/AC:L/Au:N/C:P/I:P/A:P
Weaknesses

nvd@nist.gov: CWE-330
cret@cert.org: CWE-323
Hype score: Not currently trending
Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B5A6F2F3-4894-4392-8296-3B8DD2679084"
          },
          {
            "criteria": "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F7016A2A-8365-4F1A-89A2-7A19F2BCAE5B"
          },
          {
            "criteria": "cpe:2.3:o:canonical:ubuntu_linux:17.04:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "588D4F37-0A56-47A4-B710-4D5F3D214FB9"
          },
          {
            "criteria": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43"
          },
          {
            "criteria": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "DEECE5FC-CACF-4496-A3E7-164736409252"
          },
          {
            "criteria": "cpe:2.3:o:freebsd:freebsd:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D9EC02F3-3905-460D-8949-3B26394215CA"
          },
          {
            "criteria": "cpe:2.3:o:freebsd:freebsd:10:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "4195DB45-CF5A-4FA6-BF58-BAF77EE555C2"
          },
          {
            "criteria": "cpe:2.3:o:freebsd:freebsd:10.4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "BD5B9266-A927-4F62-8742-721CE9A4C4C4"
          },
          {
            "criteria": "cpe:2.3:o:freebsd:freebsd:11:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "602D3280-2974-4809-BE70-1EA9437AEBF3"
          },
          {
            "criteria": "cpe:2.3:o:freebsd:freebsd:11.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C5753931-556B-4EEC-B510-751BA3613CE6"
          },
          {
            "criteria": "cpe:2.3:o:opensuse:leap:42.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "1EA337A3-B9A3-4962-B8BD-8E0C7C5B28EB"
          },
          {
            "criteria": "cpe:2.3:o:opensuse:leap:42.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "5F65DAB0-3DAD-49FF-BC73-3581CC3D5BF3"
          },
          {
            "criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:7:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "2095C863-1FB0-4016-81FF-3CAB44E77FD9"
          },
          {
            "criteria": "cpe:2.3:o:redhat:enterprise_linux_server:7:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "AC7AAFCB-AB64-4B39-87AA-936E386A82C2"
          }
        ],
        "operator": "OR"
      }
    ]
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:w1.fi:hostapd:0.2.4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F6454F0F-6CC1-4EA2-8D7C-51709FD7F318"
          },
          {
            "criteria": "cpe:2.3:a:w1.fi:hostapd:0.2.5:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "CFCB5512-B60E-48D7-B136-ADF19E5E74BD"
          },
          {
            "criteria": "cpe:2.3:a:w1.fi:hostapd:0.2.6:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "9EB1420D-5D05-4BFC-8AF7-2AB00B76148B"
          },
          {
            "criteria": "cpe:2.3:a:w1.fi:hostapd:0.2.8:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "21324D89-B634-4D6B-987B-4AD29079373D"
          },
          {
            "criteria": "cpe:2.3:a:w1.fi:hostapd:0.3.7:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "4AB43314-8725-48A0-8902-864567808AD7"
          },
          {
            "criteria": "cpe:2.3:a:w1.fi:hostapd:0.3.9:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B2AA3D0E-C483-4575-8209-DE643A3FEC7F"
          },
          {
            "criteria": "cpe:2.3:a:w1.fi:hostapd:0.3.10:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C0DE22EA-D5FA-4477-A3AD-F10455D8DB9A"
          },
          {
            "criteria": "cpe:2.3:a:w1.fi:hostapd:0.3.11:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "1212B910-E4A5-47A1-A263-4E1C13CF3EFC"
          },
          {
            "criteria": "cpe:2.3:a:w1.fi:hostapd:0.4.7:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A9A6A99E-5129-4E8D-A0AF-61755BDA3565"
          },
          {
            "criteria": "cpe:2.3:a:w1.fi:hostapd:0.4.8:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "BC42F782-63CB-4960-BF65-4856776CFBE4"
          },
          {
            "criteria": "cpe:2.3:a:w1.fi:hostapd:0.4.9:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "212B0353-4AEF-4861-A054-6193CAA05390"
          },
          {
            "criteria": "cpe:2.3:a:w1.fi:hostapd:0.4.10:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "4E702507-5BA0-4A12-80C6-A729F32A6A80"
          },
          {
            "criteria": "cpe:2.3:a:w1.fi:hostapd:0.4.11:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "24810936-DABC-485D-B952-22F16C3016FC"
          },
          {
            "criteria": "cpe:2.3:a:w1.fi:hostapd:0.5.7:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "0AF46881-4484-4ABB-AC0C-152664E2CD6F"
          },
          {
            "criteria": "cpe:2.3:a:w1.fi:hostapd:0.5.8:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "880CBDD7-BFEC-48F6-8C4C-D300143B6571"
          },
          {
            "criteria": "cpe:2.3:a:w1.fi:hostapd:0.5.9:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B29CCA41-5784-48C3-B9ED-6B1FF063FB1C"
          },
          {
            "criteria": "cpe:2.3:a:w1.fi:hostapd:0.5.10:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "37B9643D-4046-4034-8B68-18F59154CD66"
          },
          {
            "criteria": "cpe:2.3:a:w1.fi:hostapd:0.5.11:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "681C458F-D1BD-48DA-86C7-BA714F5AA9B7"
          },
          {
            "criteria": "cpe:2.3:a:w1.fi:hostapd:0.6.8:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "4057F722-1A8E-4D75-B049-E3632AC8EF65"
          },
          {
            "criteria": "cpe:2.3:a:w1.fi:hostapd:0.6.9:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A1F53FDB-7136-444E-AB03-9D8A6A31E249"
          },
          {
            "criteria": "cpe:2.3:a:w1.fi:hostapd:0.6.10:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "63AB46C0-2F00-4805-84A9-323BA4E594DA"
          },
          {
            "criteria": "cpe:2.3:a:w1.fi:hostapd:0.7.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "06119A43-B1CA-4021-87D2-C67BE6125423"
          },
          {
            "criteria": "cpe:2.3:a:w1.fi:hostapd:1.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "768D16AF-3A8B-47DD-A499-948A73062AE1"
          },
          {
            "criteria": "cpe:2.3:a:w1.fi:hostapd:1.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "3BECC3EF-2777-4FF9-9750-93D1245A9247"
          },
          {
            "criteria": "cpe:2.3:a:w1.fi:hostapd:2.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E2D07095-6331-4079-BD86-E414CEE35624"
          },
          {
            "criteria": "cpe:2.3:a:w1.fi:hostapd:2.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "61CDB3D2-F6C3-43CF-ACE8-95E96DF02293"
          },
          {
            "criteria": "cpe:2.3:a:w1.fi:hostapd:2.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "6CCD4904-08CA-45C7-A3D0-90BE5C88CDBF"
          },
          {
            "criteria": "cpe:2.3:a:w1.fi:hostapd:2.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "2B4681FC-44F4-4E86-8431-8EDAD65492D0"
          },
          {
            "criteria": "cpe:2.3:a:w1.fi:hostapd:2.4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "EC6FB535-AFFF-4083-AF1D-9E1ED504158F"
          },
          {
            "criteria": "cpe:2.3:a:w1.fi:hostapd:2.5:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A74105F9-E729-47BA-A96F-4D15947B673A"
          },
          {
            "criteria": "cpe:2.3:a:w1.fi:hostapd:2.6:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "1F5F7411-0B32-4041-8235-2B1AEC186FF0"
          },
          {
            "criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:0.2.4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "9191D783-4390-4603-9C4D-F673270E63C3"
          },
          {
            "criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:0.2.5:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E36F3308-EABA-451F-90E1-65919450A809"
          },
          {
            "criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:0.2.6:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "44F6680B-7015-4EB0-AABC-A4DD50894CD5"
          },
          {
            "criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:0.2.7:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "5CAFF5E3-EA27-4688-87AD-1648003D3D1C"
          },
          {
            "criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:0.2.8:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "081B4F7E-D7D0-452A-AAEB-0378EB6E7BC9"
          },
          {
            "criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:0.3.7:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "5E00A5B5-81D8-4BF3-B857-028D7D06CA5E"
          },
          {
            "criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:0.3.8:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "476C3ED0-B77C-490F-AF1E-BC4C7D52D818"
          },
          {
            "criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:0.3.9:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "8B1972B5-F896-419C-9FFA-FB583B114B8F"
          },
          {
            "criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:0.3.10:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C2E84533-EB76-4A8F-90ED-E9342EAF3427"
          },
          {
            "criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:0.3.11:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E5AE0623-87CB-4CEF-BD3B-6BCF676031CF"
          },
          {
            "criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:0.4.7:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "905B55A4-2488-44D1-991F-C142C3527F18"
          },
          {
            "criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:0.4.8:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "BDD1984D-BCC2-4FC6-B02E-226B1D8BC6F5"
          },
          {
            "criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:0.4.9:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "90102D17-8D03-4F59-811B-FBFB98D627C2"
          },
          {
            "criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:0.4.10:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C9381F69-1633-44DD-967F-D29587B67079"
          },
          {
            "criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:0.4.11:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "9169BDAC-6207-4B6A-8EF3-D52DED1A9311"
          },
          {
            "criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:0.5.7:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "6FBCD6EA-4E6D-4C6E-97E5-B64F6CB90639"
          },
          {
            "criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:0.5.8:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "62E17E03-53C6-4E74-91A8-4C4363666291"
          },
          {
            "criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:0.5.9:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C4C6FEDE-B0E9-479A-9185-48D62DBC91FD"
          },
          {
            "criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:0.5.10:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "643762E2-969E-4531-B79E-961697E5DA8A"
          },
          {
            "criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:0.5.11:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "627AD871-2091-48E9-B801-3E3D5CF8E594"
          },
          {
            "criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:0.6.8:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "4BC691E5-6265-4FAB-9ACA-C65EB99AFA47"
          },
          {
            "criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:0.6.9:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "4701BF31-B3FC-4590-9787-3BA94ECB8D54"
          },
          {
            "criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:0.6.10:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "5DB96005-E214-4C60-865E-B693115527D1"
          },
          {
            "criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:0.7.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F4CFF264-2315-43CE-B2A6-4234B394854C"
          },
          {
            "criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:1.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F3EF53AD-F985-446E-89B8-4BFECE00AD63"
          },
          {
            "criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:1.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "0A11DBFA-9F0E-4358-8541-E5371C11FE80"
          },
          {
            "criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:2.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "738AEB08-FF7D-4DC3-AB14-B8F2B9474810"
          },
          {
            "criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:2.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "1E8C5523-16E4-417E-A159-F5D0F9E83C5B"
          },
          {
            "criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:2.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "8AE48919-35E0-4C9A-BAEB-A6402FA7BD4E"
          },
          {
            "criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:2.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "AB93C2FC-6913-448E-8B93-EEB2229EC86C"
          },
          {
            "criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:2.4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "0ECA3172-7088-4B5E-923D-37B155729BD2"
          },
          {
            "criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:2.5:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "48FD6B1B-7555-449D-9CCB-1487FAEE8098"
          },
          {
            "criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:2.6:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "9726F4DE-8037-49AD-A092-7EF9D5BF99EC"
          }
        ],
        "operator": "OR"
      }
    ]
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:suse:linux_enterprise_desktop:12:sp2:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "57CFAD92-EECD-417D-ADDB-8178C320B204"
          },
          {
            "criteria": "cpe:2.3:o:suse:linux_enterprise_desktop:12:sp3:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C1DCD75C-9775-4922-8A44-C4707C640946"
          },
          {
            "criteria": "cpe:2.3:o:suse:linux_enterprise_point_of_sale:11:sp3:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "086BF5C5-255C-4E2E-83D3-A8B83AED6B60"
          },
          {
            "criteria": "cpe:2.3:o:suse:linux_enterprise_server:11:sp3:*:*:*:ltss:*:*",
            "vulnerable": true,
            "matchCriteriaId": "91F8AC0A-13B4-4DF0-B40D-8756ACCDB4C5"
          },
          {
            "criteria": "cpe:2.3:o:suse:linux_enterprise_server:11:sp4:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "55C5561F-BE86-4EEA-99D4-8697F8BD9DFE"
          },
          {
            "criteria": "cpe:2.3:o:suse:linux_enterprise_server:12:*:*:*:ltss:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B2F3699A-38E4-4E9D-9414-411F71D9E371"
          },
          {
            "criteria": "cpe:2.3:o:suse:openstack_cloud:6:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "07E4AF6E-9BA4-4542-8F9F-6BA723F7A64D"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]
Overview

Risk scores

CVSS 3.0

CVSS 2.0

Weaknesses

Social media

Configurations

References
