CVE-2017-13084

MEDIUM

Details

Source: MITRE

Published: 2017-10-17

Updated: 2019-10-03

Type: CWE-330

Risk Information

CVSS v2.0

Base Score: 5.4

Vector: AV:A/AC:M/Au:N/C:P/I:P/A:P

Impact Score: 6.4

Exploitability Score: 5.5

Severity: MEDIUM

CVSS v3.0

Base Score: 6.8

Vector: CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N

Impact Score: 5.2

Exploitability Score: 1.6

Severity: MEDIUM

Vulnerable Software

Configuration 1

OR

cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*

cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*

cpe:2.3:o:canonical:ubuntu_linux:17.04:*:*:*:*:*:*:*

cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*

cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*

cpe:2.3:o:freebsd:freebsd:*:*:*:*:*:*:*:*

cpe:2.3:o:freebsd:freebsd:10:*:*:*:*:*:*:*

cpe:2.3:o:freebsd:freebsd:10.4:*:*:*:*:*:*:*

cpe:2.3:o:freebsd:freebsd:11:*:*:*:*:*:*:*

cpe:2.3:o:freebsd:freebsd:11.1:*:*:*:*:*:*:*

cpe:2.3:o:opensuse:leap:42.2:*:*:*:*:*:*:*

cpe:2.3:o:opensuse:leap:42.3:*:*:*:*:*:*:*

cpe:2.3:o:redhat:enterprise_linux_desktop:7:*:*:*:*:*:*:*

cpe:2.3:o:redhat:enterprise_linux_server:7:*:*:*:*:*:*:*

Configuration 2

OR

cpe:2.3:a:w1.fi:hostapd:0.2.4:*:*:*:*:*:*:*

cpe:2.3:a:w1.fi:hostapd:0.2.5:*:*:*:*:*:*:*

cpe:2.3:a:w1.fi:hostapd:0.2.6:*:*:*:*:*:*:*

cpe:2.3:a:w1.fi:hostapd:0.2.8:*:*:*:*:*:*:*

cpe:2.3:a:w1.fi:hostapd:0.3.7:*:*:*:*:*:*:*

cpe:2.3:a:w1.fi:hostapd:0.3.9:*:*:*:*:*:*:*

cpe:2.3:a:w1.fi:hostapd:0.3.10:*:*:*:*:*:*:*

cpe:2.3:a:w1.fi:hostapd:0.3.11:*:*:*:*:*:*:*

cpe:2.3:a:w1.fi:hostapd:0.4.7:*:*:*:*:*:*:*

cpe:2.3:a:w1.fi:hostapd:0.4.8:*:*:*:*:*:*:*

cpe:2.3:a:w1.fi:hostapd:0.4.9:*:*:*:*:*:*:*

cpe:2.3:a:w1.fi:hostapd:0.4.10:*:*:*:*:*:*:*

cpe:2.3:a:w1.fi:hostapd:0.4.11:*:*:*:*:*:*:*

cpe:2.3:a:w1.fi:hostapd:0.5.7:*:*:*:*:*:*:*

cpe:2.3:a:w1.fi:hostapd:0.5.8:*:*:*:*:*:*:*

cpe:2.3:a:w1.fi:hostapd:0.5.9:*:*:*:*:*:*:*

cpe:2.3:a:w1.fi:hostapd:0.5.10:*:*:*:*:*:*:*

cpe:2.3:a:w1.fi:hostapd:0.5.11:*:*:*:*:*:*:*

cpe:2.3:a:w1.fi:hostapd:0.6.8:*:*:*:*:*:*:*

cpe:2.3:a:w1.fi:hostapd:0.6.9:*:*:*:*:*:*:*

cpe:2.3:a:w1.fi:hostapd:0.6.10:*:*:*:*:*:*:*

cpe:2.3:a:w1.fi:hostapd:0.7.3:*:*:*:*:*:*:*

cpe:2.3:a:w1.fi:hostapd:1.0:*:*:*:*:*:*:*

cpe:2.3:a:w1.fi:hostapd:1.1:*:*:*:*:*:*:*

cpe:2.3:a:w1.fi:hostapd:2.0:*:*:*:*:*:*:*

cpe:2.3:a:w1.fi:hostapd:2.1:*:*:*:*:*:*:*

cpe:2.3:a:w1.fi:hostapd:2.2:*:*:*:*:*:*:*

cpe:2.3:a:w1.fi:hostapd:2.3:*:*:*:*:*:*:*

cpe:2.3:a:w1.fi:hostapd:2.4:*:*:*:*:*:*:*

cpe:2.3:a:w1.fi:hostapd:2.5:*:*:*:*:*:*:*

cpe:2.3:a:w1.fi:hostapd:2.6:*:*:*:*:*:*:*

cpe:2.3:a:w1.fi:wpa_supplicant:0.2.4:*:*:*:*:*:*:*

cpe:2.3:a:w1.fi:wpa_supplicant:0.2.5:*:*:*:*:*:*:*

cpe:2.3:a:w1.fi:wpa_supplicant:0.2.6:*:*:*:*:*:*:*

cpe:2.3:a:w1.fi:wpa_supplicant:0.2.7:*:*:*:*:*:*:*

cpe:2.3:a:w1.fi:wpa_supplicant:0.2.8:*:*:*:*:*:*:*

cpe:2.3:a:w1.fi:wpa_supplicant:0.3.7:*:*:*:*:*:*:*

cpe:2.3:a:w1.fi:wpa_supplicant:0.3.8:*:*:*:*:*:*:*

cpe:2.3:a:w1.fi:wpa_supplicant:0.3.9:*:*:*:*:*:*:*

cpe:2.3:a:w1.fi:wpa_supplicant:0.3.10:*:*:*:*:*:*:*

cpe:2.3:a:w1.fi:wpa_supplicant:0.3.11:*:*:*:*:*:*:*

cpe:2.3:a:w1.fi:wpa_supplicant:0.4.7:*:*:*:*:*:*:*

cpe:2.3:a:w1.fi:wpa_supplicant:0.4.8:*:*:*:*:*:*:*

cpe:2.3:a:w1.fi:wpa_supplicant:0.4.9:*:*:*:*:*:*:*

cpe:2.3:a:w1.fi:wpa_supplicant:0.4.10:*:*:*:*:*:*:*

cpe:2.3:a:w1.fi:wpa_supplicant:0.4.11:*:*:*:*:*:*:*

cpe:2.3:a:w1.fi:wpa_supplicant:0.5.7:*:*:*:*:*:*:*

cpe:2.3:a:w1.fi:wpa_supplicant:0.5.8:*:*:*:*:*:*:*

cpe:2.3:a:w1.fi:wpa_supplicant:0.5.9:*:*:*:*:*:*:*

cpe:2.3:a:w1.fi:wpa_supplicant:0.5.10:*:*:*:*:*:*:*

cpe:2.3:a:w1.fi:wpa_supplicant:0.5.11:*:*:*:*:*:*:*

cpe:2.3:a:w1.fi:wpa_supplicant:0.6.8:*:*:*:*:*:*:*

cpe:2.3:a:w1.fi:wpa_supplicant:0.6.9:*:*:*:*:*:*:*

cpe:2.3:a:w1.fi:wpa_supplicant:0.6.10:*:*:*:*:*:*:*

cpe:2.3:a:w1.fi:wpa_supplicant:0.7.3:*:*:*:*:*:*:*

cpe:2.3:a:w1.fi:wpa_supplicant:1.0:*:*:*:*:*:*:*

cpe:2.3:a:w1.fi:wpa_supplicant:1.1:*:*:*:*:*:*:*

cpe:2.3:a:w1.fi:wpa_supplicant:2.0:*:*:*:*:*:*:*

cpe:2.3:a:w1.fi:wpa_supplicant:2.1:*:*:*:*:*:*:*

cpe:2.3:a:w1.fi:wpa_supplicant:2.2:*:*:*:*:*:*:*

cpe:2.3:a:w1.fi:wpa_supplicant:2.3:*:*:*:*:*:*:*

cpe:2.3:a:w1.fi:wpa_supplicant:2.4:*:*:*:*:*:*:*

cpe:2.3:a:w1.fi:wpa_supplicant:2.5:*:*:*:*:*:*:*

cpe:2.3:a:w1.fi:wpa_supplicant:2.6:*:*:*:*:*:*:*

Configuration 3

OR

cpe:2.3:o:suse:linux_enterprise_desktop:12:sp2:*:*:*:*:*:*

cpe:2.3:o:suse:linux_enterprise_desktop:12:sp3:*:*:*:*:*:*

cpe:2.3:o:suse:linux_enterprise_point_of_sale:11:sp3:*:*:*:*:*:*

cpe:2.3:o:suse:linux_enterprise_server:11:sp3:*:*:*:ltss:*:*

cpe:2.3:o:suse:linux_enterprise_server:11:sp4:*:*:*:*:*:*

cpe:2.3:o:suse:linux_enterprise_server:12:*:*:*:ltss:*:*:*

cpe:2.3:o:suse:openstack_cloud:6:*:*:*:*:*:*:*

Tenable Plugins

View all (7 total)

IDNameProductFamilySeverity
109037pfSense < 2.3.5 Multiple Vulnerabilities (KRACK)NessusFirewalls
high
104511GLSA-201711-03 : hostapd and wpa_supplicant: Key Reinstallation (KRACK) attacks (KRACK)NessusGentoo Local Security Checks
medium
103944Slackware 14.0 / 14.1 / 14.2 / current : wpa_supplicant (SSA:2017-291-02) (KRACK)NessusSlackware Local Security Checks
medium
103875Ubiquiti Networks UniFi < 3.9.3.7537 (KRACK)NessusMisc.
medium
103862FreeBSD : WPA packet number reuse with replayed messages and key reinstallation (d670a953-b2a1-11e7-a633-009c02a2ab30) (KRACK)NessusFreeBSD Local Security Checks
medium
103857MikroTik RouterOS < 6.39.3 / 6.40.4 / 6.41rc (KRACK)NessusMisc.
medium
103856Cisco ASA FirePOWER Services Multiple Vulnerabilities in Wi-Fi Protected Access and Wi-Fi Protected Access II (KRACK)NessusCISCO
medium