MEDIUM
Wi-Fi Protected Access (WPA and WPA2) that supports IEEE 802.11r allows reinstallation of the Pairwise Transient Key (PTK) Temporal Key (TK) during the fast BSS transmission (FT) handshake, allowing an attacker within radio range to replay, decrypt, or spoof frames.
http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2017-007.txt
http://www.debian.org/security/2017/dsa-3999
http://www.kb.cert.org/vuls/id/228519
http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html
http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html
http://www.securityfocus.com/bid/101274
http://www.securitytracker.com/id/1039570
http://www.securitytracker.com/id/1039571
http://www.securitytracker.com/id/1039573
http://www.securitytracker.com/id/1039581
http://www.ubuntu.com/usn/USN-3455-1
https://access.redhat.com/errata/RHSA-2017:2907
https://access.redhat.com/security/vulnerabilities/kracks
https://cert-portal.siemens.com/productcert/pdf/ssa-901333.pdf
https://cert.vde.com/en-us/advisories/vde-2017-005
https://github.com/vanhoefm/krackattacks-test-ap-ft
https://ics-cert.us-cert.gov/advisories/ICSA-17-299-02
https://rockwellautomation.custhelp.com/app/answers/detail/a_id/1066697
https://security.FreeBSD.org/advisories/FreeBSD-SA-17:07.wpa.asc
https://security.gentoo.org/glsa/201711-03
https://source.android.com/security/bulletin/2017-11-01
https://support.lenovo.com/us/en/product_security/LEN-17420
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171016-wpa
https://w1.fi/security/2017-1/wpa-packet-number-reuse-with-replayed-messages.txt
Source: MITRE
Published: 2017-10-17
Updated: 2018-11-02
Type: CWE-254
Base Score: 5.8
Vector: AV:A/AC:L/Au:N/C:P/I:P/A:P
Impact Score: 6.4
Exploitability Score: 6.5
Severity: MEDIUM
Base Score: 8.1
Vector: CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
Impact Score: 5.2
Exploitability Score: 2.8
Severity: HIGH