CVE-2017-13077 - Vulnerability Details

Description

Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Pairwise Transient Key (PTK) Temporal Key (TK) during the four-way handshake, allowing an attacker within radio range to replay, decrypt, or spoof frames.

Published: 2017-10-17

Score: 6.8 Medium

EPSS: < 1% Very Low

KEV: No

Impact:

Action:

Analysis

No analysis available yet.

Default status is the baseline for the product, each version can override it (e.g. patched versions marked unaffected).

Vendor Product Default status Versions

Wi-Fi Alliance

Wi-Fi Protected Access (WPA and WPA2)

affected

Version	Status	Constraints
`WPA`	affected	—
`WPA2`	affected	—

Configuration 1 [-]

OR	cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::
	cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::
	cpe:2.3:o:canonical:ubuntu_linux:17.04:::::::*
	cpe:2.3:o:debian:debian_linux:8.0:::::::*
	cpe:2.3:o:debian:debian_linux:9.0:::::::*
	cpe:2.3:o:freebsd:freebsd::::::::
	cpe:2.3:o:freebsd:freebsd:10:::::::*
	cpe:2.3:o:freebsd:freebsd:10.4:::::::*
	cpe:2.3:o:freebsd:freebsd:11:::::::*
	cpe:2.3:o:freebsd:freebsd:11.1:::::::*
	cpe:2.3:o:opensuse:leap:42.2:::::::*
	cpe:2.3:o:opensuse:leap:42.3:::::::*
	cpe:2.3:o:redhat:enterprise_linux_desktop:7:::::::*
	cpe:2.3:o:redhat:enterprise_linux_server:7:::::::*

Configuration 2 [-]

OR	cpe:2.3:a:w1.fi:hostapd:0.2.4:::::::*
	cpe:2.3:a:w1.fi:hostapd:0.2.5:::::::*
	cpe:2.3:a:w1.fi:hostapd:0.2.6:::::::*
	cpe:2.3:a:w1.fi:hostapd:0.2.8:::::::*
	cpe:2.3:a:w1.fi:hostapd:0.3.7:::::::*
	cpe:2.3:a:w1.fi:hostapd:0.3.9:::::::*
	cpe:2.3:a:w1.fi:hostapd:0.3.10:::::::*
	cpe:2.3:a:w1.fi:hostapd:0.3.11:::::::*
	cpe:2.3:a:w1.fi:hostapd:0.4.7:::::::*
	cpe:2.3:a:w1.fi:hostapd:0.4.8:::::::*
	cpe:2.3:a:w1.fi:hostapd:0.4.9:::::::*
	cpe:2.3:a:w1.fi:hostapd:0.4.10:::::::*
	cpe:2.3:a:w1.fi:hostapd:0.4.11:::::::*
	cpe:2.3:a:w1.fi:hostapd:0.5.7:::::::*
	cpe:2.3:a:w1.fi:hostapd:0.5.8:::::::*
	cpe:2.3:a:w1.fi:hostapd:0.5.9:::::::*
	cpe:2.3:a:w1.fi:hostapd:0.5.10:::::::*
	cpe:2.3:a:w1.fi:hostapd:0.5.11:::::::*
	cpe:2.3:a:w1.fi:hostapd:0.6.8:::::::*
	cpe:2.3:a:w1.fi:hostapd:0.6.9:::::::*
	cpe:2.3:a:w1.fi:hostapd:0.6.10:::::::*
	cpe:2.3:a:w1.fi:hostapd:0.7.3:::::::*
	cpe:2.3:a:w1.fi:hostapd:1.0:::::::*
	cpe:2.3:a:w1.fi:hostapd:1.1:::::::*
	cpe:2.3:a:w1.fi:hostapd:2.0:::::::*
	cpe:2.3:a:w1.fi:hostapd:2.1:::::::*
	cpe:2.3:a:w1.fi:hostapd:2.2:::::::*
	cpe:2.3:a:w1.fi:hostapd:2.3:::::::*
	cpe:2.3:a:w1.fi:hostapd:2.4:::::::*
	cpe:2.3:a:w1.fi:hostapd:2.5:::::::*
	cpe:2.3:a:w1.fi:hostapd:2.6:::::::*
	cpe:2.3:a:w1.fi:wpa_supplicant:0.2.4:::::::*
	cpe:2.3:a:w1.fi:wpa_supplicant:0.2.5:::::::*
	cpe:2.3:a:w1.fi:wpa_supplicant:0.2.6:::::::*
	cpe:2.3:a:w1.fi:wpa_supplicant:0.2.7:::::::*
	cpe:2.3:a:w1.fi:wpa_supplicant:0.2.8:::::::*
	cpe:2.3:a:w1.fi:wpa_supplicant:0.3.7:::::::*
	cpe:2.3:a:w1.fi:wpa_supplicant:0.3.8:::::::*
	cpe:2.3:a:w1.fi:wpa_supplicant:0.3.9:::::::*
	cpe:2.3:a:w1.fi:wpa_supplicant:0.3.10:::::::*
	cpe:2.3:a:w1.fi:wpa_supplicant:0.3.11:::::::*
	cpe:2.3:a:w1.fi:wpa_supplicant:0.4.7:::::::*
	cpe:2.3:a:w1.fi:wpa_supplicant:0.4.8:::::::*
	cpe:2.3:a:w1.fi:wpa_supplicant:0.4.9:::::::*
	cpe:2.3:a:w1.fi:wpa_supplicant:0.4.10:::::::*
	cpe:2.3:a:w1.fi:wpa_supplicant:0.4.11:::::::*
	cpe:2.3:a:w1.fi:wpa_supplicant:0.5.7:::::::*
	cpe:2.3:a:w1.fi:wpa_supplicant:0.5.8:::::::*
	cpe:2.3:a:w1.fi:wpa_supplicant:0.5.9:::::::*
	cpe:2.3:a:w1.fi:wpa_supplicant:0.5.10:::::::*
	cpe:2.3:a:w1.fi:wpa_supplicant:0.5.11:::::::*
	cpe:2.3:a:w1.fi:wpa_supplicant:0.6.8:::::::*
	cpe:2.3:a:w1.fi:wpa_supplicant:0.6.9:::::::*
	cpe:2.3:a:w1.fi:wpa_supplicant:0.6.10:::::::*
	cpe:2.3:a:w1.fi:wpa_supplicant:0.7.3:::::::*
	cpe:2.3:a:w1.fi:wpa_supplicant:1.0:::::::*
	cpe:2.3:a:w1.fi:wpa_supplicant:1.1:::::::*
	cpe:2.3:a:w1.fi:wpa_supplicant:2.0:::::::*
	cpe:2.3:a:w1.fi:wpa_supplicant:2.1:::::::*
	cpe:2.3:a:w1.fi:wpa_supplicant:2.2:::::::*
	cpe:2.3:a:w1.fi:wpa_supplicant:2.3:::::::*
	cpe:2.3:a:w1.fi:wpa_supplicant:2.4:::::::*
	cpe:2.3:a:w1.fi:wpa_supplicant:2.5:::::::*
	cpe:2.3:a:w1.fi:wpa_supplicant:2.6:::::::*

Configuration 3 [-]

OR	cpe:2.3:o:suse:linux_enterprise_desktop:12:sp2::::::
	cpe:2.3:o:suse:linux_enterprise_desktop:12:sp3::::::
	cpe:2.3:o:suse:linux_enterprise_point_of_sale:11:sp3::::::
	cpe:2.3:o:suse:linux_enterprise_server:11:sp3::::ltss::*
	cpe:2.3:o:suse:linux_enterprise_server:11:sp4::::::
	cpe:2.3:o:suse:linux_enterprise_server:12::::ltss:::
	cpe:2.3:o:suse:openstack_cloud:6:::::::*

Package	CPE	Advisory	Released Date
Red Hat Enterprise Linux 6
wpa_supplicant-1:0.7.3-9.el6_9.2	cpe:/o:redhat:enterprise_linux:6	RHSA-2017:2911	2017-10-18T00:00:00Z
Red Hat Enterprise Linux 7
wpa_supplicant-1:2.6-5.el7_4.1	cpe:/o:redhat:enterprise_linux:7	RHSA-2017:2907	2017-10-17T00:00:00Z

No data available yet.

Remediation

No remediation available yet.

Tracking

Sign in to view the affected projects.

Advisories

Source	ID	Title
Debian DLA	DLA-1150-1	wpa security update
Debian DLA	DLA-1573-1	firmware-nonfree security update
Debian DSA	DSA-3999-1	wpa security update
EUVD	EUVD-2017-4595	Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Pairwise Transient Key (PTK) Temporal Key (TK) during the four-way handshake, allowing an attacker within radio range to replay, decrypt, or spoof frames.
Ubuntu USN	USN-3455-1	wpa_supplicant and hostapd vulnerabilities

No CVSS v4.0

No CVSS v3.1

Attack Vector Adjacent Network

Attack Complexity High

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact None

User Interaction None

Access Vector Adjacent Network

Access Complexity Medium

Authentication None

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact Partial

This CVE is not in the KEV list.

The EPSS score is 0.00664.

Key SSVC decision points have not yet been added.

References

Link	Providers
http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2017-007.txt
http://www.debian.org/security/2017/dsa-3999
http://www.kb.cert.org/vuls/id/228519
http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html
http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html
http://www.securityfocus.com/bid/101274
http://www.securitytracker.com/id/1039573
http://www.securitytracker.com/id/1039576
http://www.securitytracker.com/id/1039577
http://www.securitytracker.com/id/1039578
http://www.securitytracker.com/id/1039581
http://www.securitytracker.com/id/1039585
http://www.securitytracker.com/id/1041432
http://www.ubuntu.com/usn/USN-3455-1
https://access.redhat.com/errata/RHSA-2017:2907
https://access.redhat.com/errata/RHSA-2017:2911
https://access.redhat.com/security/vulnerabilities/kracks
https://cert-portal.siemens.com/productcert/pdf/ssa-901333.pdf
https://cert.vde.com/en-us/advisories/vde-2017-003
https://cert.vde.com/en-us/advisories/vde-2017-005
https://lists.debian.org/debian-lts-announce/2018/11/msg00015.html
https://nvd.nist.gov/vuln/detail/CVE-2017-13077
https://security.FreeBSD.org/advisories/FreeBSD-SA-17:07.wpa.asc
https://security.gentoo.org/glsa/201711-03
https://source.android.com/security/bulletin/2017-11-01
https://source.android.com/security/bulletin/2018-04-01
https://source.android.com/security/bulletin/2018-06-01
https://support.apple.com/HT208219
https://support.apple.com/HT208220
https://support.apple.com/HT208221
https://support.apple.com/HT208222
https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03792en_us
https://support.lenovo.com/us/en/product_security/LEN-17420
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171016-wpa
https://w1.fi/security/2017-1/wpa-packet-number-reuse-with-replayed-messages.txt
https://www.cve.org/CVERecord?id=CVE-2017-13077
https://www.krackattacks.com/

History

No history.

Subscriptions

Canonical Ubuntu Linux

Debian Debian Linux

Freebsd Freebsd

Opensuse Leap

Redhat Enterprise Linux Enterprise Linux Desktop Enterprise Linux Server

Suse Linux Enterprise Desktop Linux Enterprise Point Of Sale Linux Enterprise Server Openstack Cloud

W1.fi Hostapd Wpa Supplicant

MITRE

Status: PUBLISHED

Assigner: certcc

Published: 2017-10-17T02:00:00.000Z

Updated: 2024-08-05T18:58:12.291Z

Reserved: 2017-08-22T00:00:00.000Z

Link: CVE-2017-13077

Vulnrichment

No data.

NVD

Status : Deferred

Published: 2017-10-17T02:29:00.207

Modified: 2025-04-20T01:37:25.860

Link: CVE-2017-13077

Redhat

Severity : Important

Publid Date: 2017-10-16T00:00:00Z

Links: CVE-2017-13077 - Bugzilla

OpenCVE Enrichment

No data.

Weaknesses

Tracking

Attack Vector Adjacent Network

Attack Complexity High

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact None

User Interaction None

Access Vector Adjacent Network

Access Complexity Medium

Authentication None

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact Partial

Subscriptions

JSON object

JSON object

JSON object

JSON object

JSON object