CVE-2017-13082

CWE-323 CWE-330 CWE-32015 documents11 sources

Severity

8.1HIGH

EPSS

0.8%

top 25.93%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Wi-fi Alliance Wi-fi Protected Access (wpa AND Wpa2)Canonical Ubuntu Linux Debian Debian Linux +10 more

Timeline

PublishedOct 17

Latest updateMay 13

Description

Wi-Fi Protected Access (WPA and WPA2) that supports IEEE 802.11r allows reinstallation of the Pairwise Transient Key (PTK) Temporal Key (TK) during the fast BSS transmission (FT) handshake, allowing an attacker within radio range to replay, decrypt, or spoof frames.

CVSS vector

CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:NExploitability: 2.8 | Impact: 5.2

Affected Packages12 packages

▶CVEListV5wi-fi_alliance/wi-fi_protected_access_(wpa_and_wpa2)WPA, WPA2+1

▶Debianwpa< 2:2.4-1.1+3

▶Ubuntuwpa< 2.1-0ubuntu1.5+1

▶NVDopensuse/leap42.2, 42.3+1

▶NVDw1.fi/hostapd31 versions+30

Also affects: Freebsd 10, 10.4, 11, 11.1, Debian Linux 8.0, 9.0, Ubuntu Linux 14.04, 16.04, 17.04

🔴Vulnerability Details

GHSA

GHSA-fx3c-8pqx-5v4c: Wi-Fi Protected Access (WPA and WPA2) that supports IEEE 802↗2022-05-13

▶

CVEList

CVE-2017-13082: Wi-Fi Protected Access (WPA and WPA2) that supports IEEE 802↗2017-10-17

▶

OSV

CVE-2017-13082: Wi-Fi Protected Access (WPA and WPA2) that supports IEEE 802↗2017-10-17

▶

OSV

wpa vulnerabilities↗2017-10-16

▶

📋Vendor Advisories

Android

CVE-2017-13082: Android Security Bulletin 2017-11-01 CVE: CVE-2017-13082 Severity: HIGH Type: EoP Affected AOSP versions: 7↗2017-11-01

▶

BSD

FreeBSD-SA-17:07.wpa: WPA2 protocol vulnerability↗2017-10-17

▶

Red Hat

wpa_supplicant: Accepting a retransmitted FT Reassociation Request and reinstalling the pairwise key while processing it↗2017-10-16

▶

Cisco

Multiple Vulnerabilities in Wi-Fi Protected Access and Wi-Fi Protected Access II↗2017-10-16

▶

Ubuntu

wpa_supplicant and hostapd vulnerabilities↗2017-10-16

▶

💬Community

Bugzilla

CVE-2017-14919 nodejs: DoS via specific windowBits value↗2017-11-22

▶

Bugzilla

CVE-2017-13077 CVE-2017-13078 CVE-2017-13079 CVE-2017-13080 CVE-2017-13081 CVE-2017-13082 CVE-2017-13086 CVE-2017-13087 CVE-2017-13088 wpa_supplicant: various flaws [fedora-all]↗2017-10-16

▶

Bugzilla

CVE-2017-13077 CVE-2017-13078 CVE-2017-13079 CVE-2017-13080 CVE-2017-13081 CVE-2017-13082 CVE-2017-13086 CVE-2017-13087 CVE-2017-13088 hostapd: various flaws [fedora-all]↗2017-10-16

▶

Bugzilla

CVE-2017-13082 wpa_supplicant: Accepting a retransmitted FT Reassociation Request and reinstalling the pairwise key while processing it↗2017-09-14

▶