IronMonkey Threat Research

CVE-2017-13080 MEDIUM

Published: 2017-10-17 | Last Modified: 2026-06-17 | Status: Modified

Description

Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Group Temporal Key (GTK) during the group key handshake, allowing an attacker within radio range to replay frames from access points to clients.

Additional Descriptions (1)

Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Group Temporal Key (GTK) during the group key negotiation, letting an attacker positioned within radio range replay frames from access points to clients.

CVSS Metrics

Base Score: 2.9 (LOW)

AV:A/AC:M/Au:N/C:N/I:P/A:N

Access Vector: ADJACENT_NETWORK
Access Complexity: MEDIUM
Authentication: NONE
Confidentiality Impact: NONE
Integrity Impact: PARTIAL
Availability Impact: NONE

Source: [email protected]

Type: Primary

Exploitability Score: 5.5

Impact Score: 2.9

Weaknesses

Source Type Description
[email protected] Secondary CWE-323 (en)
[email protected] Primary CWE-330 (en)

Affected Products

Vendor Product Version Update Type
canonical ubuntu_linux 14.04 * Operating System
canonical ubuntu_linux 16.04 * Operating System
canonical ubuntu_linux 17.04 * Operating System
debian debian_linux 8.0 * Operating System
debian debian_linux 9.0 * Operating System
freebsd freebsd * * Operating System
freebsd freebsd 10 * Operating System
freebsd freebsd 10.4 * Operating System
freebsd freebsd 11 * Operating System
freebsd freebsd 11.1 * Operating System
opensuse leap 42.2 * Operating System
opensuse leap 42.3 * Operating System
redhat enterprise_linux_desktop 7 * Operating System
redhat enterprise_linux_server 7 * Operating System
w1.fi hostapd 0.2.4 * Application
w1.fi hostapd 0.2.5 * Application
w1.fi hostapd 0.2.6 * Application
w1.fi hostapd 0.2.8 * Application
w1.fi hostapd 0.3.7 * Application
w1.fi hostapd 0.3.9 * Application
w1.fi hostapd 0.3.10 * Application
w1.fi hostapd 0.3.11 * Application
w1.fi hostapd 0.4.7 * Application
w1.fi hostapd 0.4.8 * Application
w1.fi hostapd 0.4.9 * Application
w1.fi hostapd 0.4.10 * Application
w1.fi hostapd 0.4.11 * Application
w1.fi hostapd 0.5.7 * Application
w1.fi hostapd 0.5.8 * Application
w1.fi hostapd 0.5.9 * Application
w1.fi hostapd 0.5.10 * Application
w1.fi hostapd 0.5.11 * Application
w1.fi hostapd 0.6.8 * Application
w1.fi hostapd 0.6.9 * Application
w1.fi hostapd 0.6.10 * Application
w1.fi hostapd 0.7.3 * Application
w1.fi hostapd 1.0 * Application
w1.fi hostapd 1.1 * Application
w1.fi hostapd 2.0 * Application
w1.fi hostapd 2.1 * Application
w1.fi hostapd 2.2 * Application
w1.fi hostapd 2.3 * Application
w1.fi hostapd 2.4 * Application
w1.fi hostapd 2.5 * Application
w1.fi hostapd 2.6 * Application
w1.fi wpa_supplicant 0.2.4 * Application
w1.fi wpa_supplicant 0.2.5 * Application
w1.fi wpa_supplicant 0.2.6 * Application
w1.fi wpa_supplicant 0.2.7 * Application
w1.fi wpa_supplicant 0.2.8 * Application
w1.fi wpa_supplicant 0.3.7 * Application
w1.fi wpa_supplicant 0.3.8 * Application
w1.fi wpa_supplicant 0.3.9 * Application
w1.fi wpa_supplicant 0.3.10 * Application
w1.fi wpa_supplicant 0.3.11 * Application
w1.fi wpa_supplicant 0.4.7 * Application
w1.fi wpa_supplicant 0.4.8 * Application
w1.fi wpa_supplicant 0.4.9 * Application
w1.fi wpa_supplicant 0.4.10 * Application
w1.fi wpa_supplicant 0.4.11 * Application
w1.fi wpa_supplicant 0.5.7 * Application
w1.fi wpa_supplicant 0.5.8 * Application
w1.fi wpa_supplicant 0.5.9 * Application
w1.fi wpa_supplicant 0.5.10 * Application
w1.fi wpa_supplicant 0.5.11 * Application
w1.fi wpa_supplicant 0.6.8 * Application
w1.fi wpa_supplicant 0.6.9 * Application
w1.fi wpa_supplicant 0.6.10 * Application
w1.fi wpa_supplicant 0.7.3 * Application
w1.fi wpa_supplicant 1.0 * Application
w1.fi wpa_supplicant 1.1 * Application
w1.fi wpa_supplicant 2.0 * Application
w1.fi wpa_supplicant 2.1 * Application
w1.fi wpa_supplicant 2.2 * Application
w1.fi wpa_supplicant 2.3 * Application
w1.fi wpa_supplicant 2.4 * Application
w1.fi wpa_supplicant 2.5 * Application
w1.fi wpa_supplicant 2.6 * Application
suse linux_enterprise_desktop 12 sp2 Operating System
suse linux_enterprise_desktop 12 sp3 Operating System
suse linux_enterprise_point_of_sale 11 sp3 Operating System
suse linux_enterprise_server 11 sp3 Operating System
suse linux_enterprise_server 11 sp4 Operating System
suse linux_enterprise_server 12 * Operating System
suse openstack_cloud 6 * Operating System

Affected Configurations

Operator: OR

Vulnerable CPE
Yes cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*
Yes cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*
Yes cpe:2.3:o:canonical:ubuntu_linux:17.04:*:*:*:*:*:*:*
Yes cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
Yes cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
Yes cpe:2.3:o:freebsd:freebsd:*:*:*:*:*:*:*:*
Yes cpe:2.3:o:freebsd:freebsd:10:*:*:*:*:*:*:*
Yes cpe:2.3:o:freebsd:freebsd:10.4:*:*:*:*:*:*:*
Yes cpe:2.3:o:freebsd:freebsd:11:*:*:*:*:*:*:*
Yes cpe:2.3:o:freebsd:freebsd:11.1:*:*:*:*:*:*:*
Yes cpe:2.3:o:opensuse:leap:42.2:*:*:*:*:*:*:*
Yes cpe:2.3:o:opensuse:leap:42.3:*:*:*:*:*:*:*
Yes cpe:2.3:o:redhat:enterprise_linux_desktop:7:*:*:*:*:*:*:*
Yes cpe:2.3:o:redhat:enterprise_linux_server:7:*:*:*:*:*:*:*

Operator: OR

Vulnerable CPE
Yes cpe:2.3:a:w1.fi:hostapd:0.2.4:*:*:*:*:*:*:*
Yes cpe:2.3:a:w1.fi:hostapd:0.2.5:*:*:*:*:*:*:*
Yes cpe:2.3:a:w1.fi:hostapd:0.2.6:*:*:*:*:*:*:*
Yes cpe:2.3:a:w1.fi:hostapd:0.2.8:*:*:*:*:*:*:*
Yes cpe:2.3:a:w1.fi:hostapd:0.3.7:*:*:*:*:*:*:*
Yes cpe:2.3:a:w1.fi:hostapd:0.3.9:*:*:*:*:*:*:*
Yes cpe:2.3:a:w1.fi:hostapd:0.3.10:*:*:*:*:*:*:*
Yes cpe:2.3:a:w1.fi:hostapd:0.3.11:*:*:*:*:*:*:*
Yes cpe:2.3:a:w1.fi:hostapd:0.4.7:*:*:*:*:*:*:*
Yes cpe:2.3:a:w1.fi:hostapd:0.4.8:*:*:*:*:*:*:*
Yes cpe:2.3:a:w1.fi:hostapd:0.4.9:*:*:*:*:*:*:*
Yes cpe:2.3:a:w1.fi:hostapd:0.4.10:*:*:*:*:*:*:*
Yes cpe:2.3:a:w1.fi:hostapd:0.4.11:*:*:*:*:*:*:*
Yes cpe:2.3:a:w1.fi:hostapd:0.5.7:*:*:*:*:*:*:*
Yes cpe:2.3:a:w1.fi:hostapd:0.5.8:*:*:*:*:*:*:*
Yes cpe:2.3:a:w1.fi:hostapd:0.5.9:*:*:*:*:*:*:*
Yes cpe:2.3:a:w1.fi:hostapd:0.5.10:*:*:*:*:*:*:*
Yes cpe:2.3:a:w1.fi:hostapd:0.5.11:*:*:*:*:*:*:*
Yes cpe:2.3:a:w1.fi:hostapd:0.6.8:*:*:*:*:*:*:*
Yes cpe:2.3:a:w1.fi:hostapd:0.6.9:*:*:*:*:*:*:*
Yes cpe:2.3:a:w1.fi:hostapd:0.6.10:*:*:*:*:*:*:*
Yes cpe:2.3:a:w1.fi:hostapd:0.7.3:*:*:*:*:*:*:*
Yes cpe:2.3:a:w1.fi:hostapd:1.0:*:*:*:*:*:*:*
Yes cpe:2.3:a:w1.fi:hostapd:1.1:*:*:*:*:*:*:*
Yes cpe:2.3:a:w1.fi:hostapd:2.0:*:*:*:*:*:*:*
Yes cpe:2.3:a:w1.fi:hostapd:2.1:*:*:*:*:*:*:*
Yes cpe:2.3:a:w1.fi:hostapd:2.2:*:*:*:*:*:*:*
Yes cpe:2.3:a:w1.fi:hostapd:2.3:*:*:*:*:*:*:*
Yes cpe:2.3:a:w1.fi:hostapd:2.4:*:*:*:*:*:*:*
Yes cpe:2.3:a:w1.fi:hostapd:2.5:*:*:*:*:*:*:*
Yes cpe:2.3:a:w1.fi:hostapd:2.6:*:*:*:*:*:*:*
Yes cpe:2.3:a:w1.fi:wpa_supplicant:0.2.4:*:*:*:*:*:*:*
Yes cpe:2.3:a:w1.fi:wpa_supplicant:0.2.5:*:*:*:*:*:*:*
Yes cpe:2.3:a:w1.fi:wpa_supplicant:0.2.6:*:*:*:*:*:*:*
Yes cpe:2.3:a:w1.fi:wpa_supplicant:0.2.7:*:*:*:*:*:*:*
Yes cpe:2.3:a:w1.fi:wpa_supplicant:0.2.8:*:*:*:*:*:*:*
Yes cpe:2.3:a:w1.fi:wpa_supplicant:0.3.7:*:*:*:*:*:*:*
Yes cpe:2.3:a:w1.fi:wpa_supplicant:0.3.8:*:*:*:*:*:*:*
Yes cpe:2.3:a:w1.fi:wpa_supplicant:0.3.9:*:*:*:*:*:*:*
Yes cpe:2.3:a:w1.fi:wpa_supplicant:0.3.10:*:*:*:*:*:*:*
Yes cpe:2.3:a:w1.fi:wpa_supplicant:0.3.11:*:*:*:*:*:*:*
Yes cpe:2.3:a:w1.fi:wpa_supplicant:0.4.7:*:*:*:*:*:*:*
Yes cpe:2.3:a:w1.fi:wpa_supplicant:0.4.8:*:*:*:*:*:*:*
Yes cpe:2.3:a:w1.fi:wpa_supplicant:0.4.9:*:*:*:*:*:*:*
Yes cpe:2.3:a:w1.fi:wpa_supplicant:0.4.10:*:*:*:*:*:*:*
Yes cpe:2.3:a:w1.fi:wpa_supplicant:0.4.11:*:*:*:*:*:*:*
Yes cpe:2.3:a:w1.fi:wpa_supplicant:0.5.7:*:*:*:*:*:*:*
Yes cpe:2.3:a:w1.fi:wpa_supplicant:0.5.8:*:*:*:*:*:*:*
Yes cpe:2.3:a:w1.fi:wpa_supplicant:0.5.9:*:*:*:*:*:*:*
Yes cpe:2.3:a:w1.fi:wpa_supplicant:0.5.10:*:*:*:*:*:*:*
Yes cpe:2.3:a:w1.fi:wpa_supplicant:0.5.11:*:*:*:*:*:*:*
Yes cpe:2.3:a:w1.fi:wpa_supplicant:0.6.8:*:*:*:*:*:*:*
Yes cpe:2.3:a:w1.fi:wpa_supplicant:0.6.9:*:*:*:*:*:*:*
Yes cpe:2.3:a:w1.fi:wpa_supplicant:0.6.10:*:*:*:*:*:*:*
Yes cpe:2.3:a:w1.fi:wpa_supplicant:0.7.3:*:*:*:*:*:*:*
Yes cpe:2.3:a:w1.fi:wpa_supplicant:1.0:*:*:*:*:*:*:*
Yes cpe:2.3:a:w1.fi:wpa_supplicant:1.1:*:*:*:*:*:*:*
Yes cpe:2.3:a:w1.fi:wpa_supplicant:2.0:*:*:*:*:*:*:*
Yes cpe:2.3:a:w1.fi:wpa_supplicant:2.1:*:*:*:*:*:*:*
Yes cpe:2.3:a:w1.fi:wpa_supplicant:2.2:*:*:*:*:*:*:*
Yes cpe:2.3:a:w1.fi:wpa_supplicant:2.3:*:*:*:*:*:*:*
Yes cpe:2.3:a:w1.fi:wpa_supplicant:2.4:*:*:*:*:*:*:*
Yes cpe:2.3:a:w1.fi:wpa_supplicant:2.5:*:*:*:*:*:*:*
Yes cpe:2.3:a:w1.fi:wpa_supplicant:2.6:*:*:*:*:*:*:*

Operator: OR

Vulnerable CPE
Yes cpe:2.3:o:suse:linux_enterprise_desktop:12:sp2:*:*:*:*:*:*
Yes cpe:2.3:o:suse:linux_enterprise_desktop:12:sp3:*:*:*:*:*:*
Yes cpe:2.3:o:suse:linux_enterprise_point_of_sale:11:sp3:*:*:*:*:*:*
Yes cpe:2.3:o:suse:linux_enterprise_server:11:sp3:*:*:*:ltss:*:*
Yes cpe:2.3:o:suse:linux_enterprise_server:11:sp4:*:*:*:*:*:*
Yes cpe:2.3:o:suse:linux_enterprise_server:12:*:*:*:ltss:*:*:*
Yes cpe:2.3:o:suse:openstack_cloud:6:*:*:*:*:*:*:*
