CVE-2017-13080 - OpenCVE

Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Group Temporal Key (GTK) during the group key handshake, allowing an attacker within radio range to replay frames from access points to clients.

No CVSS v3.1

Attack Vector Adjacent Network

Attack Complexity High

Privileges Required None

Scope Unchanged

Confidentiality Impact None

Integrity Impact High

Availability Impact None

User Interaction None

Access Vector Adjacent Network

Access Complexity Medium

Authentication None

Confidentiality Impact None

Integrity Impact Partial

Availability Impact None

AV:A/AC:M/Au:N/C:N/I:P/A:N

Vendors & Products
CPE Configurations

Vendors	Products
Opensuse	Leap
W1.fi	Hostapd Wpa Supplicant
Suse	Linux Enterprise Desktop Linux Enterprise Server Linux Enterprise Point Of Sale Openstack Cloud
Canonical	Ubuntu Linux
Debian	Debian Linux
Redhat	Enterprise Linux Desktop Enterprise Linux Server
Freebsd	Freebsd

Configuration 1 [-]

OR	cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::
	cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::
	cpe:2.3:o:canonical:ubuntu_linux:17.04:::::::*
	cpe:2.3:o:debian:debian_linux:8.0:::::::*
	cpe:2.3:o:debian:debian_linux:9.0:::::::*
	cpe:2.3:o:freebsd:freebsd::::::::
	cpe:2.3:o:freebsd:freebsd:10:::::::*
	cpe:2.3:o:freebsd:freebsd:10.4:::::::*
	cpe:2.3:o:freebsd:freebsd:11:::::::*
	cpe:2.3:o:freebsd:freebsd:11.1:::::::*
	cpe:2.3:o:opensuse:leap:42.2:::::::*
	cpe:2.3:o:opensuse:leap:42.3:::::::*
	cpe:2.3:o:redhat:enterprise_linux_desktop:7:::::::*
	cpe:2.3:o:redhat:enterprise_linux_server:7:::::::*

Configuration 2 [-]

OR	cpe:2.3:a:w1.fi:hostapd:0.2.4:::::::*
	cpe:2.3:a:w1.fi:hostapd:0.2.5:::::::*
	cpe:2.3:a:w1.fi:hostapd:0.2.6:::::::*
	cpe:2.3:a:w1.fi:hostapd:0.2.8:::::::*
	cpe:2.3:a:w1.fi:hostapd:0.3.7:::::::*
	cpe:2.3:a:w1.fi:hostapd:0.3.9:::::::*
	cpe:2.3:a:w1.fi:hostapd:0.3.10:::::::*
	cpe:2.3:a:w1.fi:hostapd:0.3.11:::::::*
	cpe:2.3:a:w1.fi:hostapd:0.4.7:::::::*
	cpe:2.3:a:w1.fi:hostapd:0.4.8:::::::*
	cpe:2.3:a:w1.fi:hostapd:0.4.9:::::::*
	cpe:2.3:a:w1.fi:hostapd:0.4.10:::::::*
	cpe:2.3:a:w1.fi:hostapd:0.4.11:::::::*
	cpe:2.3:a:w1.fi:hostapd:0.5.7:::::::*
	cpe:2.3:a:w1.fi:hostapd:0.5.8:::::::*
	cpe:2.3:a:w1.fi:hostapd:0.5.9:::::::*
	cpe:2.3:a:w1.fi:hostapd:0.5.10:::::::*
	cpe:2.3:a:w1.fi:hostapd:0.5.11:::::::*
	cpe:2.3:a:w1.fi:hostapd:0.6.8:::::::*
	cpe:2.3:a:w1.fi:hostapd:0.6.9:::::::*
	cpe:2.3:a:w1.fi:hostapd:0.6.10:::::::*
	cpe:2.3:a:w1.fi:hostapd:0.7.3:::::::*
	cpe:2.3:a:w1.fi:hostapd:1.0:::::::*
	cpe:2.3:a:w1.fi:hostapd:1.1:::::::*
	cpe:2.3:a:w1.fi:hostapd:2.0:::::::*
	cpe:2.3:a:w1.fi:hostapd:2.1:::::::*
	cpe:2.3:a:w1.fi:hostapd:2.2:::::::*
	cpe:2.3:a:w1.fi:hostapd:2.3:::::::*
	cpe:2.3:a:w1.fi:hostapd:2.4:::::::*
	cpe:2.3:a:w1.fi:hostapd:2.5:::::::*
	cpe:2.3:a:w1.fi:hostapd:2.6:::::::*
	cpe:2.3:a:w1.fi:wpa_supplicant:0.2.4:::::::*
	cpe:2.3:a:w1.fi:wpa_supplicant:0.2.5:::::::*
	cpe:2.3:a:w1.fi:wpa_supplicant:0.2.6:::::::*
	cpe:2.3:a:w1.fi:wpa_supplicant:0.2.7:::::::*
	cpe:2.3:a:w1.fi:wpa_supplicant:0.2.8:::::::*
	cpe:2.3:a:w1.fi:wpa_supplicant:0.3.7:::::::*
	cpe:2.3:a:w1.fi:wpa_supplicant:0.3.8:::::::*
	cpe:2.3:a:w1.fi:wpa_supplicant:0.3.9:::::::*
	cpe:2.3:a:w1.fi:wpa_supplicant:0.3.10:::::::*
	cpe:2.3:a:w1.fi:wpa_supplicant:0.3.11:::::::*
	cpe:2.3:a:w1.fi:wpa_supplicant:0.4.7:::::::*
	cpe:2.3:a:w1.fi:wpa_supplicant:0.4.8:::::::*
	cpe:2.3:a:w1.fi:wpa_supplicant:0.4.9:::::::*
	cpe:2.3:a:w1.fi:wpa_supplicant:0.4.10:::::::*
	cpe:2.3:a:w1.fi:wpa_supplicant:0.4.11:::::::*
	cpe:2.3:a:w1.fi:wpa_supplicant:0.5.7:::::::*
	cpe:2.3:a:w1.fi:wpa_supplicant:0.5.8:::::::*
	cpe:2.3:a:w1.fi:wpa_supplicant:0.5.9:::::::*
	cpe:2.3:a:w1.fi:wpa_supplicant:0.5.10:::::::*
	cpe:2.3:a:w1.fi:wpa_supplicant:0.5.11:::::::*
	cpe:2.3:a:w1.fi:wpa_supplicant:0.6.8:::::::*
	cpe:2.3:a:w1.fi:wpa_supplicant:0.6.9:::::::*
	cpe:2.3:a:w1.fi:wpa_supplicant:0.6.10:::::::*
	cpe:2.3:a:w1.fi:wpa_supplicant:0.7.3:::::::*
	cpe:2.3:a:w1.fi:wpa_supplicant:1.0:::::::*
	cpe:2.3:a:w1.fi:wpa_supplicant:1.1:::::::*
	cpe:2.3:a:w1.fi:wpa_supplicant:2.0:::::::*
	cpe:2.3:a:w1.fi:wpa_supplicant:2.1:::::::*
	cpe:2.3:a:w1.fi:wpa_supplicant:2.2:::::::*
	cpe:2.3:a:w1.fi:wpa_supplicant:2.3:::::::*
	cpe:2.3:a:w1.fi:wpa_supplicant:2.4:::::::*
	cpe:2.3:a:w1.fi:wpa_supplicant:2.5:::::::*
	cpe:2.3:a:w1.fi:wpa_supplicant:2.6:::::::*

Configuration 3 [-]

OR	cpe:2.3:o:suse:linux_enterprise_desktop:12:sp2::::::
	cpe:2.3:o:suse:linux_enterprise_desktop:12:sp3::::::
	cpe:2.3:o:suse:linux_enterprise_point_of_sale:11:sp3::::::
	cpe:2.3:o:suse:linux_enterprise_server:11:sp3::::ltss::*
	cpe:2.3:o:suse:linux_enterprise_server:11:sp4::::::
	cpe:2.3:o:suse:linux_enterprise_server:12::::ltss:::
	cpe:2.3:o:suse:openstack_cloud:6:::::::*

References

Link	Resource
http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00020.html	Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00023.html	Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00024.html	Third Party Advisory
http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2017-007.txt	Third Party Advisory
http://www.debian.org/security/2017/dsa-3999	Third Party Advisory
http://www.kb.cert.org/vuls/id/228519	Third Party Advisory US Government Resource
http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html
http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html
http://www.securityfocus.com/bid/101274	Third Party Advisory VDB Entry
http://www.securitytracker.com/id/1039572	Third Party Advisory VDB Entry
http://www.securitytracker.com/id/1039573	Third Party Advisory VDB Entry
http://www.securitytracker.com/id/1039576	Third Party Advisory VDB Entry
http://www.securitytracker.com/id/1039577	Third Party Advisory VDB Entry
http://www.securitytracker.com/id/1039578	Third Party Advisory VDB Entry
http://www.securitytracker.com/id/1039581	Third Party Advisory VDB Entry
http://www.securitytracker.com/id/1039585	Third Party Advisory VDB Entry
http://www.securitytracker.com/id/1039703
http://www.ubuntu.com/usn/USN-3455-1	Third Party Advisory
https://access.redhat.com/errata/RHSA-2017:2907	Third Party Advisory
https://access.redhat.com/errata/RHSA-2017:2911	Third Party Advisory
https://access.redhat.com/security/vulnerabilities/kracks	Third Party Advisory
https://cert-portal.siemens.com/productcert/pdf/ssa-901333.pdf
https://cert.vde.com/en-us/advisories/vde-2017-003
https://cert.vde.com/en-us/advisories/vde-2017-005
https://lists.debian.org/debian-lts-announce/2017/12/msg00004.html
https://lists.debian.org/debian-lts-announce/2018/11/msg00015.html
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-13080	Vendor Advisory
https://security.FreeBSD.org/advisories/FreeBSD-SA-17:07.wpa.asc	Third Party Advisory
https://security.gentoo.org/glsa/201711-03
https://source.android.com/security/bulletin/2017-11-01
https://support.apple.com/HT208219
https://support.apple.com/HT208220
https://support.apple.com/HT208221
https://support.apple.com/HT208222
https://support.apple.com/HT208325
https://support.apple.com/HT208327
https://support.apple.com/HT208334
https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03792en_us
https://support.lenovo.com/us/en/product_security/LEN-17420	Third Party Advisory
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171016-wpa	Third Party Advisory
https://w1.fi/security/2017-1/wpa-packet-number-reuse-with-replayed-messages.txt	Third Party Advisory
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00402.html
https://www.krackattacks.com/	Technical Description Third Party Advisory