IronMonkey Threat Research

CVE-2017-13087 MEDIUM

Published: 2017-10-17 | Last Modified: 2026-06-17 | Status: Modified

Description

Wi-Fi Protected Access (WPA and WPA2) that supports 802.11v allows reinstallation of the Group Temporal Key (GTK) when processing a Wireless Network Management (WNM) Sleep Mode Response frame, allowing an attacker within radio range to replay frames from access points to clients.

Additional Descriptions (1)

Wi-Fi Protected Access (WPA and WPA2) that supports IEEE 802.11r allows reinstallation of the Group Temporal Key (GTK) when processing a Wireless Network Management (WNM) Sleep Mode Response frame, allowing an attacker within radio range to replay frames from access points to clients.

CVSS Metrics

Base Score: 2.9 (LOW)

AV:A/AC:M/Au:N/C:N/I:P/A:N

Access Vector: ADJACENT_NETWORK
Access Complexity: MEDIUM
Authentication: NONE
Confidentiality Impact: NONE
Integrity Impact: PARTIAL
Availability Impact: NONE

Source: [email protected]

Type: Primary

Exploitability Score: 5.5

Impact Score: 2.9

Weaknesses

Source Type Description
[email protected] Primary en CWE-330

Affected Products

Vendor Product Version Type
canonical ubuntu_linux 14.04 Operating System
canonical ubuntu_linux 16.04 Operating System
canonical ubuntu_linux 17.04 Operating System
debian debian_linux 8.0 Operating System
debian debian_linux 9.0 Operating System
freebsd freebsd * Operating System
freebsd freebsd 10 Operating System
freebsd freebsd 10.4 Operating System
freebsd freebsd 11 Operating System
freebsd freebsd 11.1 Operating System
opensuse leap 42.2 Operating System
opensuse leap 42.3 Operating System
redhat enterprise_linux_desktop 7 Operating System
redhat enterprise_linux_server 7 Operating System
w1.fi hostapd 0.2.4 Application
w1.fi hostapd 0.2.5 Application
w1.fi hostapd 0.2.6 Application
w1.fi hostapd 0.2.8 Application
w1.fi hostapd 0.3.7 Application
w1.fi hostapd 0.3.9 Application
w1.fi hostapd 0.3.10 Application
w1.fi hostapd 0.3.11 Application
w1.fi hostapd 0.4.7 Application
w1.fi hostapd 0.4.8 Application
w1.fi hostapd 0.4.9 Application
w1.fi hostapd 0.4.10 Application
w1.fi hostapd 0.4.11 Application
w1.fi hostapd 0.5.7 Application
w1.fi hostapd 0.5.8 Application
w1.fi hostapd 0.5.9 Application
w1.fi hostapd 0.5.10 Application
w1.fi hostapd 0.5.11 Application
w1.fi hostapd 0.6.8 Application
w1.fi hostapd 0.6.9 Application
w1.fi hostapd 0.6.10 Application
w1.fi hostapd 0.7.3 Application
w1.fi hostapd 1.0 Application
w1.fi hostapd 1.1 Application
w1.fi hostapd 2.0 Application
w1.fi hostapd 2.1 Application
w1.fi hostapd 2.2 Application
w1.fi hostapd 2.3 Application
w1.fi hostapd 2.4 Application
w1.fi hostapd 2.5 Application
w1.fi hostapd 2.6 Application
w1.fi wpa_supplicant 0.2.4 Application
w1.fi wpa_supplicant 0.2.5 Application
w1.fi wpa_supplicant 0.2.6 Application
w1.fi wpa_supplicant 0.2.7 Application
w1.fi wpa_supplicant 0.2.8 Application
w1.fi wpa_supplicant 0.3.7 Application
w1.fi wpa_supplicant 0.3.8 Application
w1.fi wpa_supplicant 0.3.9 Application
w1.fi wpa_supplicant 0.3.10 Application
w1.fi wpa_supplicant 0.3.11 Application
w1.fi wpa_supplicant 0.4.7 Application
w1.fi wpa_supplicant 0.4.8 Application
w1.fi wpa_supplicant 0.4.9 Application
w1.fi wpa_supplicant 0.4.10 Application
w1.fi wpa_supplicant 0.4.11 Application
w1.fi wpa_supplicant 0.5.7 Application
w1.fi wpa_supplicant 0.5.8 Application
w1.fi wpa_supplicant 0.5.9 Application
w1.fi wpa_supplicant 0.5.10 Application
w1.fi wpa_supplicant 0.5.11 Application
w1.fi wpa_supplicant 0.6.8 Application
w1.fi wpa_supplicant 0.6.9 Application
w1.fi wpa_supplicant 0.6.10 Application
w1.fi wpa_supplicant 0.7.3 Application
w1.fi wpa_supplicant 1.0 Application
w1.fi wpa_supplicant 1.1 Application
w1.fi wpa_supplicant 2.0 Application
w1.fi wpa_supplicant 2.1 Application
w1.fi wpa_supplicant 2.2 Application
w1.fi wpa_supplicant 2.3 Application
w1.fi wpa_supplicant 2.4 Application
w1.fi wpa_supplicant 2.5 Application
w1.fi wpa_supplicant 2.6 Application
suse linux_enterprise_desktop 12 Operating System
suse linux_enterprise_desktop 12 Operating System
suse linux_enterprise_point_of_sale 11 Operating System
suse linux_enterprise_server 11 Operating System
suse linux_enterprise_server 11 Operating System
suse linux_enterprise_server 12 Operating System
suse openstack_cloud 6 Operating System

Affected Configurations

Operator: OR

Vulnerable CPE
Yes cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*
Yes cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*
Yes cpe:2.3:o:canonical:ubuntu_linux:17.04:*:*:*:*:*:*:*
Yes cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
Yes cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
Yes cpe:2.3:o:freebsd:freebsd:*:*:*:*:*:*:*:*
Yes cpe:2.3:o:freebsd:freebsd:10:*:*:*:*:*:*:*
Yes cpe:2.3:o:freebsd:freebsd:10.4:*:*:*:*:*:*:*
Yes cpe:2.3:o:freebsd:freebsd:11:*:*:*:*:*:*:*
Yes cpe:2.3:o:freebsd:freebsd:11.1:*:*:*:*:*:*:*
Yes cpe:2.3:o:opensuse:leap:42.2:*:*:*:*:*:*:*
Yes cpe:2.3:o:opensuse:leap:42.3:*:*:*:*:*:*:*
Yes cpe:2.3:o:redhat:enterprise_linux_desktop:7:*:*:*:*:*:*:*
Yes cpe:2.3:o:redhat:enterprise_linux_server:7:*:*:*:*:*:*:*

Operator: OR

Vulnerable CPE
Yes cpe:2.3:a:w1.fi:hostapd:0.2.4:*:*:*:*:*:*:*
Yes cpe:2.3:a:w1.fi:hostapd:0.2.5:*:*:*:*:*:*:*
Yes cpe:2.3:a:w1.fi:hostapd:0.2.6:*:*:*:*:*:*:*
Yes cpe:2.3:a:w1.fi:hostapd:0.2.8:*:*:*:*:*:*:*
Yes cpe:2.3:a:w1.fi:hostapd:0.3.7:*:*:*:*:*:*:*
Yes cpe:2.3:a:w1.fi:hostapd:0.3.9:*:*:*:*:*:*:*
Yes cpe:2.3:a:w1.fi:hostapd:0.3.10:*:*:*:*:*:*:*
Yes cpe:2.3:a:w1.fi:hostapd:0.3.11:*:*:*:*:*:*:*
Yes cpe:2.3:a:w1.fi:hostapd:0.4.7:*:*:*:*:*:*:*
Yes cpe:2.3:a:w1.fi:hostapd:0.4.8:*:*:*:*:*:*:*
Yes cpe:2.3:a:w1.fi:hostapd:0.4.9:*:*:*:*:*:*:*
Yes cpe:2.3:a:w1.fi:hostapd:0.4.10:*:*:*:*:*:*:*
Yes cpe:2.3:a:w1.fi:hostapd:0.4.11:*:*:*:*:*:*:*
Yes cpe:2.3:a:w1.fi:hostapd:0.5.7:*:*:*:*:*:*:*
Yes cpe:2.3:a:w1.fi:hostapd:0.5.8:*:*:*:*:*:*:*
Yes cpe:2.3:a:w1.fi:hostapd:0.5.9:*:*:*:*:*:*:*
Yes cpe:2.3:a:w1.fi:hostapd:0.5.10:*:*:*:*:*:*:*
Yes cpe:2.3:a:w1.fi:hostapd:0.5.11:*:*:*:*:*:*:*
Yes cpe:2.3:a:w1.fi:hostapd:0.6.8:*:*:*:*:*:*:*
Yes cpe:2.3:a:w1.fi:hostapd:0.6.9:*:*:*:*:*:*:*
Yes cpe:2.3:a:w1.fi:hostapd:0.6.10:*:*:*:*:*:*:*
Yes cpe:2.3:a:w1.fi:hostapd:0.7.3:*:*:*:*:*:*:*
Yes cpe:2.3:a:w1.fi:hostapd:1.0:*:*:*:*:*:*:*
Yes cpe:2.3:a:w1.fi:hostapd:1.1:*:*:*:*:*:*:*
Yes cpe:2.3:a:w1.fi:hostapd:2.0:*:*:*:*:*:*:*
Yes cpe:2.3:a:w1.fi:hostapd:2.1:*:*:*:*:*:*:*
Yes cpe:2.3:a:w1.fi:hostapd:2.2:*:*:*:*:*:*:*
Yes cpe:2.3:a:w1.fi:hostapd:2.3:*:*:*:*:*:*:*
Yes cpe:2.3:a:w1.fi:hostapd:2.4:*:*:*:*:*:*:*
Yes cpe:2.3:a:w1.fi:hostapd:2.5:*:*:*:*:*:*:*
Yes cpe:2.3:a:w1.fi:hostapd:2.6:*:*:*:*:*:*:*
Yes cpe:2.3:a:w1.fi:wpa_supplicant:0.2.4:*:*:*:*:*:*:*
Yes cpe:2.3:a:w1.fi:wpa_supplicant:0.2.5:*:*:*:*:*:*:*
Yes cpe:2.3:a:w1.fi:wpa_supplicant:0.2.6:*:*:*:*:*:*:*
Yes cpe:2.3:a:w1.fi:wpa_supplicant:0.2.7:*:*:*:*:*:*:*
Yes cpe:2.3:a:w1.fi:wpa_supplicant:0.2.8:*:*:*:*:*:*:*
Yes cpe:2.3:a:w1.fi:wpa_supplicant:0.3.7:*:*:*:*:*:*:*
Yes cpe:2.3:a:w1.fi:wpa_supplicant:0.3.8:*:*:*:*:*:*:*
Yes cpe:2.3:a:w1.fi:wpa_supplicant:0.3.9:*:*:*:*:*:*:*
Yes cpe:2.3:a:w1.fi:wpa_supplicant:0.3.10:*:*:*:*:*:*:*
Yes cpe:2.3:a:w1.fi:wpa_supplicant:0.3.11:*:*:*:*:*:*:*
Yes cpe:2.3:a:w1.fi:wpa_supplicant:0.4.7:*:*:*:*:*:*:*
Yes cpe:2.3:a:w1.fi:wpa_supplicant:0.4.8:*:*:*:*:*:*:*
Yes cpe:2.3:a:w1.fi:wpa_supplicant:0.4.9:*:*:*:*:*:*:*
Yes cpe:2.3:a:w1.fi:wpa_supplicant:0.4.10:*:*:*:*:*:*:*
Yes cpe:2.3:a:w1.fi:wpa_supplicant:0.4.11:*:*:*:*:*:*:*
Yes cpe:2.3:a:w1.fi:wpa_supplicant:0.5.7:*:*:*:*:*:*:*
Yes cpe:2.3:a:w1.fi:wpa_supplicant:0.5.8:*:*:*:*:*:*:*
Yes cpe:2.3:a:w1.fi:wpa_supplicant:0.5.9:*:*:*:*:*:*:*
Yes cpe:2.3:a:w1.fi:wpa_supplicant:0.5.10:*:*:*:*:*:*:*
Yes cpe:2.3:a:w1.fi:wpa_supplicant:0.5.11:*:*:*:*:*:*:*
Yes cpe:2.3:a:w1.fi:wpa_supplicant:0.6.8:*:*:*:*:*:*:*
Yes cpe:2.3:a:w1.fi:wpa_supplicant:0.6.9:*:*:*:*:*:*:*
Yes cpe:2.3:a:w1.fi:wpa_supplicant:0.6.10:*:*:*:*:*:*:*
Yes cpe:2.3:a:w1.fi:wpa_supplicant:0.7.3:*:*:*:*:*:*:*
Yes cpe:2.3:a:w1.fi:wpa_supplicant:1.0:*:*:*:*:*:*:*
Yes cpe:2.3:a:w1.fi:wpa_supplicant:1.1:*:*:*:*:*:*:*
Yes cpe:2.3:a:w1.fi:wpa_supplicant:2.0:*:*:*:*:*:*:*
Yes cpe:2.3:a:w1.fi:wpa_supplicant:2.1:*:*:*:*:*:*:*
Yes cpe:2.3:a:w1.fi:wpa_supplicant:2.2:*:*:*:*:*:*:*
Yes cpe:2.3:a:w1.fi:wpa_supplicant:2.3:*:*:*:*:*:*:*
Yes cpe:2.3:a:w1.fi:wpa_supplicant:2.4:*:*:*:*:*:*:*
Yes cpe:2.3:a:w1.fi:wpa_supplicant:2.5:*:*:*:*:*:*:*
Yes cpe:2.3:a:w1.fi:wpa_supplicant:2.6:*:*:*:*:*:*:*

Operator: OR

Vulnerable CPE
Yes cpe:2.3:o:suse:linux_enterprise_desktop:12:sp2:*:*:*:*:*:*
Yes cpe:2.3:o:suse:linux_enterprise_desktop:12:sp3:*:*:*:*:*:*
Yes cpe:2.3:o:suse:linux_enterprise_point_of_sale:11:sp3:*:*:*:*:*:*
Yes cpe:2.3:o:suse:linux_enterprise_server:11:sp3:*:*:*:ltss:*:*
Yes cpe:2.3:o:suse:linux_enterprise_server:11:sp4:*:*:*:*:*:*
Yes cpe:2.3:o:suse:linux_enterprise_server:12:*:*:*:ltss:*:*:*
Yes cpe:2.3:o:suse:openstack_cloud:6:*:*:*:*:*:*:*
