← Back

CVE-2017-13082

nvd nist
Published: Oct 17, 2017Modified: May 13, 2026

JSON object

Loading...
8.1
Vector
CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
Exploitability: 2.8 / Impact: 5.2
Source: NVD

Description

Wi-Fi Protected Access (WPA and WPA2) that supports IEEE 802.11r allows reinstallation of the Pairwise Transient Key (PTK) Temporal Key (TK) during the fast BSS transmission (FT) handshake, allowing an attacker within radio range to replay, decrypt, or spoof frames.

Affected (85)

Show all products
Canonical: Ubuntu Linux · Debian: Debian Linux · Freebsd: Freebsd · Opensuse: Leap · Redhat: Enterprise Linux Desktop, Enterprise Linux Server · W1.fi: Hostapd, Wpa Supplicant · Suse: Linux Enterprise Desktop, Linux Enterprise Point Of Sale, Linux Enterprise Server, Openstack Cloud
Canonical
1 product
Ubuntu Linux
Debian
1 product
Debian Linux
Freebsd
1 product
Freebsd
Opensuse
1 product
Leap
Redhat
2 products
Enterprise Linux Desktop
Enterprise Linux Server
W1.fi
2 products
Hostapd
Wpa Supplicant
Suse
4 products
Linux Enterprise Desktop
Linux Enterprise Point Of Sale
Linux Enterprise Server
Openstack Cloud
Configuration A
14 vulnerable
Vulnerable SoftwareAffected Versions
Canonical
Ubuntu Linux
Version 14.04
Ubuntu Linux
Version 16.04
Ubuntu Linux
Version 17.04
Debian
Debian Linux
Version 8.0
Debian Linux
Version 9.0
Freebsd
Freebsd
All versions
Freebsd
Version 10.4
Freebsd
Version 10
Freebsd
Version 11.1
Freebsd
Version 11
Opensuse
Leap
Version 42.2
Leap
Version 42.3
Enterprise Linux Desktop
Version 7
Enterprise Linux Server
Version 7
Configuration B
64 vulnerable
Vulnerable SoftwareAffected Versions
W1.fi
Hostapd
Version 0.2.4
Hostapd
Version 0.2.5
Hostapd
Version 0.2.6
Hostapd
Version 0.2.8
Hostapd
Version 0.3.10
Hostapd
Version 0.3.11
Hostapd
Version 0.3.7
Hostapd
Version 0.3.9
Hostapd
Version 0.4.10
Hostapd
Version 0.4.11
Hostapd
Version 0.4.7
Hostapd
Version 0.4.8
Hostapd
Version 0.4.9
Hostapd
Version 0.5.10
Hostapd
Version 0.5.11
Hostapd
Version 0.5.7
Hostapd
Version 0.5.8
Hostapd
Version 0.5.9
Hostapd
Version 0.6.10
Hostapd
Version 0.6.8
Hostapd
Version 0.6.9
Hostapd
Version 0.7.3
Hostapd
Version 1.0
Hostapd
Version 1.1
Hostapd
Version 2.0
Hostapd
Version 2.1
Hostapd
Version 2.2
Hostapd
Version 2.3
Hostapd
Version 2.4
Hostapd
Version 2.5
Hostapd
Version 2.6
W1.fi
Wpa Supplicant
Version 0.2.4
Wpa Supplicant
Version 0.2.5
Wpa Supplicant
Version 0.2.6
Wpa Supplicant
Version 0.2.7
Wpa Supplicant
Version 0.2.8
Wpa Supplicant
Version 0.3.10
Wpa Supplicant
Version 0.3.11
Wpa Supplicant
Version 0.3.7
Wpa Supplicant
Version 0.3.8
Wpa Supplicant
Version 0.3.9
Wpa Supplicant
Version 0.4.10
Wpa Supplicant
Version 0.4.11
Wpa Supplicant
Version 0.4.7
Wpa Supplicant
Version 0.4.8
Wpa Supplicant
Version 0.4.9
Wpa Supplicant
Version 0.5.10
Wpa Supplicant
Version 0.5.11
Wpa Supplicant
Version 0.5.7
Wpa Supplicant
Version 0.5.8
Wpa Supplicant
Version 0.5.9
Wpa Supplicant
Version 0.6.10
Wpa Supplicant
Version 0.6.8
Wpa Supplicant
Version 0.6.9
Wpa Supplicant
Version 0.7.3
Wpa Supplicant
Version 1.0
Wpa Supplicant
Version 1.1
Wpa Supplicant
Version 2.0
Wpa Supplicant
Version 2.1
Wpa Supplicant
Version 2.2
Wpa Supplicant
Version 2.3
Wpa Supplicant
Version 2.4
Wpa Supplicant
Version 2.5
Wpa Supplicant
Version 2.6
Configuration C
7 vulnerable
Vulnerable SoftwareAffected Versions
Suse
Linux Enterprise Desktop
Version 12 sp2
Linux Enterprise Desktop
Version 12 sp3
Linux Enterprise Point Of Sale
Version 11 sp3
Suse
Linux Enterprise Server
Version 11 sp3
Linux Enterprise Server
Version 11 sp4
Linux Enterprise Server
Version 12
Openstack Cloud
Version 6

Related CWEs

CWE-323
Reusing a Nonce, Key Pair in Encryption
Nonces should be used for the present occasion and only once.
CWE-330
Use of Insufficiently Random Values
The product uses insufficiently random numbers or values in a security context that depends on unpredictable numbers.

References (52)

Source: cret@cert.org
Source: cret@cert.org
Third Party Advisory
Source: cret@cert.org
Third Party Advisory
Source: cret@cert.org
Third Party AdvisoryUS Government Resource
Source: cret@cert.org
Source: cret@cert.org
Source: cret@cert.org
Third Party AdvisoryVDB Entry
Source: cret@cert.org
Third Party AdvisoryVDB Entry
Source: cret@cert.org
Third Party AdvisoryVDB Entry
Source: cret@cert.org
Third Party AdvisoryVDB Entry
Source: cret@cert.org
Third Party AdvisoryVDB Entry
Source: cret@cert.org
Third Party Advisory
Source: cret@cert.org
Third Party Advisory
Source: cret@cert.org
Third Party Advisory
Source: cret@cert.org
Source: cret@cert.org
Source: cret@cert.org
ExploitThird Party Advisory
Source: cret@cert.org
Source: cret@cert.org
Source: cret@cert.org
Third Party Advisory
Source: cret@cert.org
Source: cret@cert.org
Source: cret@cert.org
Third Party Advisory
Source: cret@cert.org
Third Party Advisory
Source: cret@cert.org
Third Party Advisory
Source: cret@cert.org
Technical DescriptionThird Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party AdvisoryUS Government Resource
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party AdvisoryVDB Entry
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party AdvisoryVDB Entry
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party AdvisoryVDB Entry
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party AdvisoryVDB Entry
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party AdvisoryVDB Entry
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
ExploitThird Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Technical DescriptionThird Party Advisory

Timeline

No history available yet.