CVE-2017-13082

MEDIUM

Description

Wi-Fi Protected Access (WPA and WPA2) that supports IEEE 802.11r allows reinstallation of the Pairwise Transient Key (PTK) Temporal Key (TK) during the fast BSS transmission (FT) handshake, allowing an attacker within radio range to replay, decrypt, or spoof frames.

References

http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2017-007.txt

http://www.debian.org/security/2017/dsa-3999

http://www.kb.cert.org/vuls/id/228519

http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html

http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html

http://www.securityfocus.com/bid/101274

http://www.securitytracker.com/id/1039570

http://www.securitytracker.com/id/1039571

http://www.securitytracker.com/id/1039573

http://www.securitytracker.com/id/1039581

http://www.ubuntu.com/usn/USN-3455-1

https://access.redhat.com/errata/RHSA-2017:2907

https://access.redhat.com/security/vulnerabilities/kracks

https://cert.vde.com/en-us/advisories/vde-2017-005

https://cert-portal.siemens.com/productcert/pdf/ssa-901333.pdf

https://github.com/vanhoefm/krackattacks-test-ap-ft

https://ics-cert.us-cert.gov/advisories/ICSA-17-299-02

https://rockwellautomation.custhelp.com/app/answers/detail/a_id/1066697

https://security.FreeBSD.org/advisories/FreeBSD-SA-17:07.wpa.asc

https://security.gentoo.org/glsa/201711-03

https://source.android.com/security/bulletin/2017-11-01

https://support.lenovo.com/us/en/product_security/LEN-17420

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171016-wpa

https://w1.fi/security/2017-1/wpa-packet-number-reuse-with-replayed-messages.txt

https://www.krackattacks.com/

Details

Source: MITRE

Published: 2017-10-17

Updated: 2019-10-03

Type: CWE-330

Risk Information

CVSS v2.0

Base Score: 5.8

Vector: AV:A/AC:L/Au:N/C:P/I:P/A:P

Impact Score: 6.4

Exploitability Score: 6.5

Severity: MEDIUM

CVSS v3.0

Base Score: 8.1

Vector: CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

Impact Score: 5.2

Exploitability Score: 2.8

Severity: HIGH

Vulnerable Software

Configuration 1

OR

cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*

cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*

cpe:2.3:o:canonical:ubuntu_linux:17.04:*:*:*:*:*:*:*

cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*

cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*

cpe:2.3:o:freebsd:freebsd:*:*:*:*:*:*:*:*

cpe:2.3:o:freebsd:freebsd:10:*:*:*:*:*:*:*

cpe:2.3:o:freebsd:freebsd:10.4:*:*:*:*:*:*:*

cpe:2.3:o:freebsd:freebsd:11:*:*:*:*:*:*:*

cpe:2.3:o:freebsd:freebsd:11.1:*:*:*:*:*:*:*

cpe:2.3:o:opensuse:leap:42.2:*:*:*:*:*:*:*

cpe:2.3:o:opensuse:leap:42.3:*:*:*:*:*:*:*

cpe:2.3:o:redhat:enterprise_linux_desktop:7:*:*:*:*:*:*:*

cpe:2.3:o:redhat:enterprise_linux_server:7:*:*:*:*:*:*:*

Configuration 2

OR

cpe:2.3:a:w1.fi:hostapd:0.2.4:*:*:*:*:*:*:*

cpe:2.3:a:w1.fi:hostapd:0.2.5:*:*:*:*:*:*:*

cpe:2.3:a:w1.fi:hostapd:0.2.6:*:*:*:*:*:*:*

cpe:2.3:a:w1.fi:hostapd:0.2.8:*:*:*:*:*:*:*

cpe:2.3:a:w1.fi:hostapd:0.3.7:*:*:*:*:*:*:*

cpe:2.3:a:w1.fi:hostapd:0.3.9:*:*:*:*:*:*:*

cpe:2.3:a:w1.fi:hostapd:0.3.10:*:*:*:*:*:*:*

cpe:2.3:a:w1.fi:hostapd:0.3.11:*:*:*:*:*:*:*

cpe:2.3:a:w1.fi:hostapd:0.4.7:*:*:*:*:*:*:*

cpe:2.3:a:w1.fi:hostapd:0.4.8:*:*:*:*:*:*:*

cpe:2.3:a:w1.fi:hostapd:0.4.9:*:*:*:*:*:*:*

cpe:2.3:a:w1.fi:hostapd:0.4.10:*:*:*:*:*:*:*

cpe:2.3:a:w1.fi:hostapd:0.4.11:*:*:*:*:*:*:*

cpe:2.3:a:w1.fi:hostapd:0.5.7:*:*:*:*:*:*:*

cpe:2.3:a:w1.fi:hostapd:0.5.8:*:*:*:*:*:*:*

cpe:2.3:a:w1.fi:hostapd:0.5.9:*:*:*:*:*:*:*

cpe:2.3:a:w1.fi:hostapd:0.5.10:*:*:*:*:*:*:*

cpe:2.3:a:w1.fi:hostapd:0.5.11:*:*:*:*:*:*:*

cpe:2.3:a:w1.fi:hostapd:0.6.8:*:*:*:*:*:*:*

cpe:2.3:a:w1.fi:hostapd:0.6.9:*:*:*:*:*:*:*

cpe:2.3:a:w1.fi:hostapd:0.6.10:*:*:*:*:*:*:*

cpe:2.3:a:w1.fi:hostapd:0.7.3:*:*:*:*:*:*:*

cpe:2.3:a:w1.fi:hostapd:1.0:*:*:*:*:*:*:*

cpe:2.3:a:w1.fi:hostapd:1.1:*:*:*:*:*:*:*

cpe:2.3:a:w1.fi:hostapd:2.0:*:*:*:*:*:*:*

cpe:2.3:a:w1.fi:hostapd:2.1:*:*:*:*:*:*:*

cpe:2.3:a:w1.fi:hostapd:2.2:*:*:*:*:*:*:*

cpe:2.3:a:w1.fi:hostapd:2.3:*:*:*:*:*:*:*

cpe:2.3:a:w1.fi:hostapd:2.4:*:*:*:*:*:*:*

cpe:2.3:a:w1.fi:hostapd:2.5:*:*:*:*:*:*:*

cpe:2.3:a:w1.fi:hostapd:2.6:*:*:*:*:*:*:*

cpe:2.3:a:w1.fi:wpa_supplicant:0.2.4:*:*:*:*:*:*:*

cpe:2.3:a:w1.fi:wpa_supplicant:0.2.5:*:*:*:*:*:*:*

cpe:2.3:a:w1.fi:wpa_supplicant:0.2.6:*:*:*:*:*:*:*

cpe:2.3:a:w1.fi:wpa_supplicant:0.2.7:*:*:*:*:*:*:*

cpe:2.3:a:w1.fi:wpa_supplicant:0.2.8:*:*:*:*:*:*:*

cpe:2.3:a:w1.fi:wpa_supplicant:0.3.7:*:*:*:*:*:*:*

cpe:2.3:a:w1.fi:wpa_supplicant:0.3.8:*:*:*:*:*:*:*

cpe:2.3:a:w1.fi:wpa_supplicant:0.3.9:*:*:*:*:*:*:*

cpe:2.3:a:w1.fi:wpa_supplicant:0.3.10:*:*:*:*:*:*:*

cpe:2.3:a:w1.fi:wpa_supplicant:0.3.11:*:*:*:*:*:*:*

cpe:2.3:a:w1.fi:wpa_supplicant:0.4.7:*:*:*:*:*:*:*

cpe:2.3:a:w1.fi:wpa_supplicant:0.4.8:*:*:*:*:*:*:*

cpe:2.3:a:w1.fi:wpa_supplicant:0.4.9:*:*:*:*:*:*:*

cpe:2.3:a:w1.fi:wpa_supplicant:0.4.10:*:*:*:*:*:*:*

cpe:2.3:a:w1.fi:wpa_supplicant:0.4.11:*:*:*:*:*:*:*

cpe:2.3:a:w1.fi:wpa_supplicant:0.5.7:*:*:*:*:*:*:*

cpe:2.3:a:w1.fi:wpa_supplicant:0.5.8:*:*:*:*:*:*:*

cpe:2.3:a:w1.fi:wpa_supplicant:0.5.9:*:*:*:*:*:*:*

cpe:2.3:a:w1.fi:wpa_supplicant:0.5.10:*:*:*:*:*:*:*

cpe:2.3:a:w1.fi:wpa_supplicant:0.5.11:*:*:*:*:*:*:*

cpe:2.3:a:w1.fi:wpa_supplicant:0.6.8:*:*:*:*:*:*:*

cpe:2.3:a:w1.fi:wpa_supplicant:0.6.9:*:*:*:*:*:*:*

cpe:2.3:a:w1.fi:wpa_supplicant:0.6.10:*:*:*:*:*:*:*

cpe:2.3:a:w1.fi:wpa_supplicant:0.7.3:*:*:*:*:*:*:*

cpe:2.3:a:w1.fi:wpa_supplicant:1.0:*:*:*:*:*:*:*

cpe:2.3:a:w1.fi:wpa_supplicant:1.1:*:*:*:*:*:*:*

cpe:2.3:a:w1.fi:wpa_supplicant:2.0:*:*:*:*:*:*:*

cpe:2.3:a:w1.fi:wpa_supplicant:2.1:*:*:*:*:*:*:*

cpe:2.3:a:w1.fi:wpa_supplicant:2.2:*:*:*:*:*:*:*

cpe:2.3:a:w1.fi:wpa_supplicant:2.3:*:*:*:*:*:*:*

cpe:2.3:a:w1.fi:wpa_supplicant:2.4:*:*:*:*:*:*:*

cpe:2.3:a:w1.fi:wpa_supplicant:2.5:*:*:*:*:*:*:*

cpe:2.3:a:w1.fi:wpa_supplicant:2.6:*:*:*:*:*:*:*

Configuration 3

OR

cpe:2.3:o:suse:linux_enterprise_desktop:12:sp2:*:*:*:*:*:*

cpe:2.3:o:suse:linux_enterprise_desktop:12:sp3:*:*:*:*:*:*

cpe:2.3:o:suse:linux_enterprise_point_of_sale:11:sp3:*:*:*:*:*:*

cpe:2.3:o:suse:linux_enterprise_server:11:sp3:*:*:*:ltss:*:*

cpe:2.3:o:suse:linux_enterprise_server:11:sp4:*:*:*:*:*:*

cpe:2.3:o:suse:linux_enterprise_server:12:*:*:*:ltss:*:*:*

cpe:2.3:o:suse:openstack_cloud:6:*:*:*:*:*:*:*

Tenable Plugins

View all (29 total)

IDNameProductFamilySeverity
143704SUSE SLES12 Security Update : wpa_supplicant (SUSE-SU-2020:3424-1) (KRACK)NessusSuSE Local Security Checks
medium
143627SUSE SLED15 / SLES15 Security Update : wpa_supplicant (SUSE-SU-2020:3380-1) (KRACK)NessusSuSE Local Security Checks
medium
143321openSUSE Security Update : wpa_supplicant (openSUSE-2020-2053) (KRACK)NessusSuSE Local Security Checks
medium
143304openSUSE Security Update : wpa_supplicant (openSUSE-2020-2059) (KRACK)NessusSuSE Local Security Checks
medium
133758openSUSE Security Update : hostapd (openSUSE-2020-222) (KRACK)NessusSuSE Local Security Checks
medium
720291Rockwell Automation Stratix 5100 Wireless Access Point and Workgroup Bridge < 15.4 Reusing a Nonce (ICSA-17-299-02)Nessus Network MonitorSCADA
medium
124925EulerOS Virtualization 3.0.1.0 : wpa_supplicant (EulerOS-SA-2019-1422)NessusHuawei Local Security Checks
medium
124917EulerOS Virtualization for ARM 64 3.0.1.0 : wpa_supplicant (EulerOS-SA-2019-1414)NessusHuawei Local Security Checks
medium
109037pfSense < 2.3.5 Multiple Vulnerabilities (KRACK)NessusFirewalls
high
106004Fedora 27 : 1:wpa_supplicant (2017-f45e844a85) (KRACK)NessusFedora Local Security Checks
medium
104581Virtuozzo 7 : wpa_supplicant (VZLSA-2017-2907)NessusVirtuozzo Local Security Checks
medium
104577EulerOS 2.0 SP2 : wpa_supplicant (EulerOS-SA-2017-1242)NessusHuawei Local Security Checks
medium
104576EulerOS 2.0 SP1 : wpa_supplicant (EulerOS-SA-2017-1241)NessusHuawei Local Security Checks
medium
104511GLSA-201711-03 : hostapd and wpa_supplicant: Key Reinstallation (KRACK) attacks (KRACK)NessusGentoo Local Security Checks
medium
104299Debian DLA-1150-1 : wpa security update (KRACK)NessusDebian Local Security Checks
medium
103960Scientific Linux Security Update : wpa_supplicant on SL7.x x86_64 (20171018) (KRACK)NessusScientific Linux Local Security Checks
medium
103944Slackware 14.0 / 14.1 / 14.2 / current : wpa_supplicant (SSA:2017-291-02) (KRACK)NessusSlackware Local Security Checks
medium
103916RHEL 7 : wpa_supplicant (RHSA-2017:2907) (KRACK)NessusRed Hat Local Security Checks
medium
103914Oracle Linux 7 : wpa_supplicant (ELSA-2017-2907) (KRACK)NessusOracle Linux Local Security Checks
medium
103896Fedora 26 : 1:wpa_supplicant (2017-60bfb576b7) (KRACK)NessusFedora Local Security Checks
medium
103884Fedora 25 : 1:wpa_supplicant (2017-12e76e8364) (KRACK)NessusFedora Local Security Checks
medium
103881CentOS 7 : wpa_supplicant (CESA-2017:2907) (KRACK)NessusCentOS Local Security Checks
medium
103875Ubiquiti Networks UniFi < 3.9.3.7537 (KRACK)NessusMisc.
medium
103863Ubuntu 14.04 LTS / 16.04 LTS / 17.04 : wpa vulnerabilities (USN-3455-1) (KRACK)NessusUbuntu Local Security Checks
medium
103862FreeBSD : WPA packet number reuse with replayed messages and key reinstallation (d670a953-b2a1-11e7-a633-009c02a2ab30) (KRACK)NessusFreeBSD Local Security Checks
medium
103859Debian DSA-3999-1 : wpa - security update (KRACK)NessusDebian Local Security Checks
medium
103857MikroTik RouterOS < 6.39.3 / 6.40.4 / 6.41rc (KRACK)NessusMisc.
medium
103856Cisco ASA FirePOWER Services Multiple Vulnerabilities in Wi-Fi Protected Access and Wi-Fi Protected Access II (KRACK)NessusCISCO
medium
103855ArubaOS WPA2 Key Reinstallation Vulnerabilities (KRACK)NessusMisc.
medium