CVE-2017-13081
published 2017-10-17CVE-2017-13081: Wi-Fi Protected Access (WPA and WPA2) that supports IEEE 802.11w allows reinstallation of the Integrity Group Temporal Key (IGTK) during the group key…
medium5.3CVSS 3.0
AVAACHPRNUINSUCNIHAN
Wi-Fi Protected Access (WPA and WPA2) that supports IEEE 802.11w allows reinstallation of the Integrity Group Temporal Key (IGTK) during the group key handshake, allowing an attacker within radio range to spoof frames from access points to clients.
Affected
93 ranges· showing 25
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| canonical | ubuntu_linux | — | — |
| canonical | ubuntu_linux | — | — |
| canonical | ubuntu_linux | — | — |
| debian | debian_linux | — | — |
| debian | debian_linux | — | — |
| debian | firmware-nonfree | < firmware-nonfree 20180825-1 (bookworm) | firmware-nonfree 20180825-1 (bookworm) |
| debian | wpa | < firmware-nonfree 20180825-1 (bookworm) | firmware-nonfree 20180825-1 (bookworm) |
| freebsd | freebsd | — | — |
| freebsd | freebsd | — | — |
| freebsd | freebsd | — | — |
| freebsd | freebsd | — | — |
| android | — | — | |
| opensuse | leap | — | — |
| opensuse | leap | — | — |
| redhat | enterprise_linux_desktop | — | — |
| redhat | enterprise_linux_server | — | — |
| suse | linux_enterprise_desktop | — | — |
| suse | linux_enterprise_point_of_sale | — | — |
| suse | linux_enterprise_server | — | — |
| suse | linux_enterprise_server | — | — |
| suse | openstack_cloud | — | — |
| w1.fi | hostapd | — | — |
| w1.fi | hostapd | — | — |
| w1.fi | hostapd | — | — |
| w1.fi | hostapd | — | — |
CVSS provenance
nvdv3.05.3MEDIUMCVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
osv7.5HIGH