{"containers": {"cna": {"affected": [{"product": "Wi-Fi Protected Access (WPA and WPA2)", "vendor": "Wi-Fi Alliance", "versions": [{"status": "affected", "version": "WPA"}, {"status": "affected", "version": "WPA2"}]}], "datePublic": "2017-10-16T00:00:00", "descriptions": [{"lang": "en", "value": "Wi-Fi Protected Access (WPA and WPA2) that support 802.11v allows reinstallation of the Integrity Group Temporal Key (IGTK) when processing a Wireless Network Management (WNM) Sleep Mode Response frame, allowing an attacker within radio range to replay frames from access points to clients."}], "problemTypes": [{"descriptions": [{"cweId": "CWE-323", "description": "CWE-323: Reusing a Nonce, Key Pair in Encryption", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"dateUpdated": "2018-07-18T12:57:01", "orgId": "37e5125f-f79b-445b-8fad-9564f167944b", "shortName": "certcc"}, "references": [{"name": "1039581", "tags": ["vdb-entry", "x_refsource_SECTRACK"], "url": "http://www.securitytracker.com/id/1039581"}, {"name": "101274", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/101274"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html"}, {"name": "SUSE-SU-2017:2745", "tags": ["vendor-advisory", "x_refsource_SUSE"], "url": "http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00020.html"}, {"name": "DSA-3999", "tags": ["vendor-advisory", "x_refsource_DEBIAN"], "url": "http://www.debian.org/security/2017/dsa-3999"}, {"name": "1039578", "tags": ["vdb-entry", "x_refsource_SECTRACK"], "url": "http://www.securitytracker.com/id/1039578"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://access.redhat.com/security/vulnerabilities/kracks"}, {"name": "20171016 Multiple Vulnerabilities in Wi-Fi Protected Access and Wi-Fi Protected Access II", "tags": ["vendor-advisory", "x_refsource_CISCO"], "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171016-wpa"}, {"tags": ["x_refsource_MISC"], "url": "https://w1.fi/security/2017-1/wpa-packet-number-reuse-with-replayed-messages.txt"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2017-007.txt"}, {"name": "1039577", "tags": ["vdb-entry", "x_refsource_SECTRACK"], "url": "http://www.securitytracker.com/id/1039577"}, {"name": "openSUSE-SU-2017:2755", "tags": ["vendor-advisory", "x_refsource_SUSE"], "url": "http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00024.html"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://source.android.com/security/bulletin/2017-11-01"}, {"name": "GLSA-201711-03", "tags": ["vendor-advisory", "x_refsource_GENTOO"], "url": "https://security.gentoo.org/glsa/201711-03"}, {"name": "RHSA-2017:2907", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "https://access.redhat.com/errata/RHSA-2017:2907"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://support.lenovo.com/us/en/product_security/LEN-17420"}, {"name": "FreeBSD-SA-17:07", "tags": ["vendor-advisory", "x_refsource_FREEBSD"], "url": "https://security.FreeBSD.org/advisories/FreeBSD-SA-17:07.wpa.asc"}, {"tags": ["x_refsource_MISC"], "url": "https://www.krackattacks.com/"}, {"name": "1039573", "tags": ["vdb-entry", "x_refsource_SECTRACK"], "url": "http://www.securitytracker.com/id/1039573"}, {"name": "SUSE-SU-2017:2752", "tags": ["vendor-advisory", "x_refsource_SUSE"], "url": "http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00023.html"}, {"name": "1039576", "tags": ["vdb-entry", "x_refsource_SECTRACK"], "url": "http://www.securitytracker.com/id/1039576"}, {"name": "VU#228519", "tags": ["third-party-advisory", "x_refsource_CERT-VN"], "url": "http://www.kb.cert.org/vuls/id/228519"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-901333.pdf"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://cert.vde.com/en-us/advisories/vde-2017-005"}, {"name": "USN-3455-1", "tags": ["vendor-advisory", "x_refsource_UBUNTU"], "url": "http://www.ubuntu.com/usn/USN-3455-1"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cert@cert.org", "ID": "CVE-2017-13088", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "Wi-Fi Protected Access (WPA and WPA2)", "version": {"version_data": [{"version_value": "WPA"}, {"version_value": "WPA2"}]}}]}, "vendor_name": "Wi-Fi Alliance"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Wi-Fi Protected Access (WPA and WPA2) that support 802.11v allows reinstallation of the Integrity Group Temporal Key (IGTK) when processing a Wireless Network Management (WNM) Sleep Mode Response frame, allowing an attacker within radio range to replay frames from access points to clients."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "CWE-323: Reusing a Nonce, Key Pair in Encryption"}]}]}, "references": {"reference_data": [{"name": "1039581", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1039581"}, {"name": "101274", "refsource": "BID", "url": "http://www.securityfocus.com/bid/101274"}, {"name": "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html", "refsource": "CONFIRM", "url": "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html"}, {"name": "SUSE-SU-2017:2745", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00020.html"}, {"name": "DSA-3999", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2017/dsa-3999"}, {"name": "1039578", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1039578"}, {"name": "https://access.redhat.com/security/vulnerabilities/kracks", "refsource": "CONFIRM", "url": "https://access.redhat.com/security/vulnerabilities/kracks"}, {"name": "20171016 Multiple Vulnerabilities in Wi-Fi Protected Access and Wi-Fi Protected Access II", "refsource": "CISCO", "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171016-wpa"}, {"name": "https://w1.fi/security/2017-1/wpa-packet-number-reuse-with-replayed-messages.txt", "refsource": "MISC", "url": "https://w1.fi/security/2017-1/wpa-packet-number-reuse-with-replayed-messages.txt"}, {"name": "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2017-007.txt", "refsource": "CONFIRM", "url": "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2017-007.txt"}, {"name": "1039577", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1039577"}, {"name": "openSUSE-SU-2017:2755", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00024.html"}, {"name": "https://source.android.com/security/bulletin/2017-11-01", "refsource": "CONFIRM", "url": "https://source.android.com/security/bulletin/2017-11-01"}, {"name": "GLSA-201711-03", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/201711-03"}, {"name": "RHSA-2017:2907", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2017:2907"}, {"name": "https://support.lenovo.com/us/en/product_security/LEN-17420", "refsource": "CONFIRM", "url": "https://support.lenovo.com/us/en/product_security/LEN-17420"}, {"name": "FreeBSD-SA-17:07", "refsource": "FREEBSD", "url": "https://security.FreeBSD.org/advisories/FreeBSD-SA-17:07.wpa.asc"}, {"name": "https://www.krackattacks.com/", "refsource": "MISC", "url": "https://www.krackattacks.com/"}, {"name": "1039573", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1039573"}, {"name": "SUSE-SU-2017:2752", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00023.html"}, {"name": "1039576", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1039576"}, {"name": "VU#228519", "refsource": "CERT-VN", "url": "http://www.kb.cert.org/vuls/id/228519"}, {"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-901333.pdf", "refsource": "CONFIRM", "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-901333.pdf"}, {"name": "https://cert.vde.com/en-us/advisories/vde-2017-005", "refsource": "CONFIRM", "url": "https://cert.vde.com/en-us/advisories/vde-2017-005"}, {"name": "USN-3455-1", "refsource": "UBUNTU", "url": "http://www.ubuntu.com/usn/USN-3455-1"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-05T18:58:12.471Z"}, "title": "CVE Program Container", "references": [{"name": "1039581", "tags": ["vdb-entry", "x_refsource_SECTRACK", "x_transferred"], "url": "http://www.securitytracker.com/id/1039581"}, {"name": "101274", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/101274"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html"}, {"name": "SUSE-SU-2017:2745", "tags": ["vendor-advisory", "x_refsource_SUSE", "x_transferred"], "url": "http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00020.html"}, {"name": "DSA-3999", "tags": ["vendor-advisory", "x_refsource_DEBIAN", "x_transferred"], "url": "http://www.debian.org/security/2017/dsa-3999"}, {"name": "1039578", "tags": ["vdb-entry", "x_refsource_SECTRACK", "x_transferred"], "url": "http://www.securitytracker.com/id/1039578"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://access.redhat.com/security/vulnerabilities/kracks"}, {"name": "20171016 Multiple Vulnerabilities in Wi-Fi Protected Access and Wi-Fi Protected Access II", "tags": ["vendor-advisory", "x_refsource_CISCO", "x_transferred"], "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171016-wpa"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://w1.fi/security/2017-1/wpa-packet-number-reuse-with-replayed-messages.txt"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2017-007.txt"}, {"name": "1039577", "tags": ["vdb-entry", "x_refsource_SECTRACK", "x_transferred"], "url": "http://www.securitytracker.com/id/1039577"}, {"name": "openSUSE-SU-2017:2755", "tags": ["vendor-advisory", "x_refsource_SUSE", "x_transferred"], "url": "http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00024.html"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://source.android.com/security/bulletin/2017-11-01"}, {"name": "GLSA-201711-03", "tags": ["vendor-advisory", "x_refsource_GENTOO", "x_transferred"], "url": "https://security.gentoo.org/glsa/201711-03"}, {"name": "RHSA-2017:2907", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"], "url": "https://access.redhat.com/errata/RHSA-2017:2907"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://support.lenovo.com/us/en/product_security/LEN-17420"}, {"name": "FreeBSD-SA-17:07", "tags": ["vendor-advisory", "x_refsource_FREEBSD", "x_transferred"], "url": "https://security.FreeBSD.org/advisories/FreeBSD-SA-17:07.wpa.asc"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://www.krackattacks.com/"}, {"name": "1039573", "tags": ["vdb-entry", "x_refsource_SECTRACK", "x_transferred"], "url": "http://www.securitytracker.com/id/1039573"}, {"name": "SUSE-SU-2017:2752", "tags": ["vendor-advisory", "x_refsource_SUSE", "x_transferred"], "url": "http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00023.html"}, {"name": "1039576", "tags": ["vdb-entry", "x_refsource_SECTRACK", "x_transferred"], "url": "http://www.securitytracker.com/id/1039576"}, {"name": "VU#228519", "tags": ["third-party-advisory", "x_refsource_CERT-VN", "x_transferred"], "url": "http://www.kb.cert.org/vuls/id/228519"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-901333.pdf"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://cert.vde.com/en-us/advisories/vde-2017-005"}, {"name": "USN-3455-1", "tags": ["vendor-advisory", "x_refsource_UBUNTU", "x_transferred"], "url": "http://www.ubuntu.com/usn/USN-3455-1"}]}]}, "cveMetadata": {"assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b", "assignerShortName": "certcc", "cveId": "CVE-2017-13088", "datePublished": "2017-10-17T13:00:00", "dateReserved": "2017-08-22T00:00:00", "dateUpdated": "2024-08-05T18:58:12.471Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*", "matchCriteriaId": "B5A6F2F3-4894-4392-8296-3B8DD2679084", "vulnerable": true}, {"criteria": "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*", "matchCriteriaId": "F7016A2A-8365-4F1A-89A2-7A19F2BCAE5B", "vulnerable": true}, {"criteria": "cpe:2.3:o:canonical:ubuntu_linux:17.04:*:*:*:*:*:*:*", "matchCriteriaId": "588D4F37-0A56-47A4-B710-4D5F3D214FB9", "vulnerable": true}, {"criteria": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "matchCriteriaId": "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43", "vulnerable": true}, {"criteria": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "matchCriteriaId": "DEECE5FC-CACF-4496-A3E7-164736409252", "vulnerable": true}, {"criteria": "cpe:2.3:o:freebsd:freebsd:*:*:*:*:*:*:*:*", "matchCriteriaId": "D9EC02F3-3905-460D-8949-3B26394215CA", "vulnerable": true}, {"criteria": "cpe:2.3:o:freebsd:freebsd:10:*:*:*:*:*:*:*", "matchCriteriaId": "4195DB45-CF5A-4FA6-BF58-BAF77EE555C2", "vulnerable": true}, {"criteria": "cpe:2.3:o:freebsd:freebsd:10.4:*:*:*:*:*:*:*", "matchCriteriaId": "BD5B9266-A927-4F62-8742-721CE9A4C4C4", "vulnerable": true}, {"criteria": "cpe:2.3:o:freebsd:freebsd:11:*:*:*:*:*:*:*", "matchCriteriaId": "602D3280-2974-4809-BE70-1EA9437AEBF3", "vulnerable": true}, {"criteria": "cpe:2.3:o:freebsd:freebsd:11.1:*:*:*:*:*:*:*", "matchCriteriaId": "C5753931-556B-4EEC-B510-751BA3613CE6", "vulnerable": true}, {"criteria": "cpe:2.3:o:opensuse:leap:42.2:*:*:*:*:*:*:*", "matchCriteriaId": "1EA337A3-B9A3-4962-B8BD-8E0C7C5B28EB", "vulnerable": true}, {"criteria": "cpe:2.3:o:opensuse:leap:42.3:*:*:*:*:*:*:*", "matchCriteriaId": "5F65DAB0-3DAD-49FF-BC73-3581CC3D5BF3", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:7:*:*:*:*:*:*:*", "matchCriteriaId": "2095C863-1FB0-4016-81FF-3CAB44E77FD9", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_server:7:*:*:*:*:*:*:*", "matchCriteriaId": "AC7AAFCB-AB64-4B39-87AA-936E386A82C2", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:w1.fi:hostapd:0.2.4:*:*:*:*:*:*:*", "matchCriteriaId": "F6454F0F-6CC1-4EA2-8D7C-51709FD7F318", "vulnerable": true}, {"criteria": "cpe:2.3:a:w1.fi:hostapd:0.2.5:*:*:*:*:*:*:*", "matchCriteriaId": "CFCB5512-B60E-48D7-B136-ADF19E5E74BD", "vulnerable": true}, {"criteria": "cpe:2.3:a:w1.fi:hostapd:0.2.6:*:*:*:*:*:*:*", "matchCriteriaId": "9EB1420D-5D05-4BFC-8AF7-2AB00B76148B", "vulnerable": true}, {"criteria": "cpe:2.3:a:w1.fi:hostapd:0.2.8:*:*:*:*:*:*:*", "matchCriteriaId": "21324D89-B634-4D6B-987B-4AD29079373D", "vulnerable": true}, {"criteria": "cpe:2.3:a:w1.fi:hostapd:0.3.7:*:*:*:*:*:*:*", "matchCriteriaId": "4AB43314-8725-48A0-8902-864567808AD7", "vulnerable": true}, {"criteria": "cpe:2.3:a:w1.fi:hostapd:0.3.9:*:*:*:*:*:*:*", "matchCriteriaId": "B2AA3D0E-C483-4575-8209-DE643A3FEC7F", "vulnerable": true}, {"criteria": "cpe:2.3:a:w1.fi:hostapd:0.3.10:*:*:*:*:*:*:*", "matchCriteriaId": "C0DE22EA-D5FA-4477-A3AD-F10455D8DB9A", "vulnerable": true}, {"criteria": "cpe:2.3:a:w1.fi:hostapd:0.3.11:*:*:*:*:*:*:*", "matchCriteriaId": "1212B910-E4A5-47A1-A263-4E1C13CF3EFC", "vulnerable": true}, {"criteria": "cpe:2.3:a:w1.fi:hostapd:0.4.7:*:*:*:*:*:*:*", "matchCriteriaId": "A9A6A99E-5129-4E8D-A0AF-61755BDA3565", "vulnerable": true}, {"criteria": "cpe:2.3:a:w1.fi:hostapd:0.4.8:*:*:*:*:*:*:*", "matchCriteriaId": "BC42F782-63CB-4960-BF65-4856776CFBE4", "vulnerable": true}, {"criteria": "cpe:2.3:a:w1.fi:hostapd:0.4.9:*:*:*:*:*:*:*", "matchCriteriaId": "212B0353-4AEF-4861-A054-6193CAA05390", "vulnerable": true}, {"criteria": "cpe:2.3:a:w1.fi:hostapd:0.4.10:*:*:*:*:*:*:*", "matchCriteriaId": "4E702507-5BA0-4A12-80C6-A729F32A6A80", "vulnerable": true}, {"criteria": "cpe:2.3:a:w1.fi:hostapd:0.4.11:*:*:*:*:*:*:*", "matchCriteriaId": "24810936-DABC-485D-B952-22F16C3016FC", "vulnerable": true}, {"criteria": "cpe:2.3:a:w1.fi:hostapd:0.5.7:*:*:*:*:*:*:*", "matchCriteriaId": "0AF46881-4484-4ABB-AC0C-152664E2CD6F", "vulnerable": true}, {"criteria": "cpe:2.3:a:w1.fi:hostapd:0.5.8:*:*:*:*:*:*:*", "matchCriteriaId": "880CBDD7-BFEC-48F6-8C4C-D300143B6571", "vulnerable": true}, {"criteria": "cpe:2.3:a:w1.fi:hostapd:0.5.9:*:*:*:*:*:*:*", "matchCriteriaId": "B29CCA41-5784-48C3-B9ED-6B1FF063FB1C", "vulnerable": true}, {"criteria": "cpe:2.3:a:w1.fi:hostapd:0.5.10:*:*:*:*:*:*:*", "matchCriteriaId": "37B9643D-4046-4034-8B68-18F59154CD66", "vulnerable": true}, {"criteria": "cpe:2.3:a:w1.fi:hostapd:0.5.11:*:*:*:*:*:*:*", "matchCriteriaId": "681C458F-D1BD-48DA-86C7-BA714F5AA9B7", "vulnerable": true}, {"criteria": "cpe:2.3:a:w1.fi:hostapd:0.6.8:*:*:*:*:*:*:*", "matchCriteriaId": "4057F722-1A8E-4D75-B049-E3632AC8EF65", "vulnerable": true}, {"criteria": "cpe:2.3:a:w1.fi:hostapd:0.6.9:*:*:*:*:*:*:*", "matchCriteriaId": "A1F53FDB-7136-444E-AB03-9D8A6A31E249", "vulnerable": true}, {"criteria": "cpe:2.3:a:w1.fi:hostapd:0.6.10:*:*:*:*:*:*:*", "matchCriteriaId": "63AB46C0-2F00-4805-84A9-323BA4E594DA", "vulnerable": true}, {"criteria": "cpe:2.3:a:w1.fi:hostapd:0.7.3:*:*:*:*:*:*:*", "matchCriteriaId": "06119A43-B1CA-4021-87D2-C67BE6125423", "vulnerable": true}, {"criteria": "cpe:2.3:a:w1.fi:hostapd:1.0:*:*:*:*:*:*:*", "matchCriteriaId": "768D16AF-3A8B-47DD-A499-948A73062AE1", "vulnerable": true}, {"criteria": "cpe:2.3:a:w1.fi:hostapd:1.1:*:*:*:*:*:*:*", "matchCriteriaId": "3BECC3EF-2777-4FF9-9750-93D1245A9247", "vulnerable": true}, {"criteria": "cpe:2.3:a:w1.fi:hostapd:2.0:*:*:*:*:*:*:*", "matchCriteriaId": "E2D07095-6331-4079-BD86-E414CEE35624", "vulnerable": true}, {"criteria": "cpe:2.3:a:w1.fi:hostapd:2.1:*:*:*:*:*:*:*", "matchCriteriaId": "61CDB3D2-F6C3-43CF-ACE8-95E96DF02293", "vulnerable": true}, {"criteria": "cpe:2.3:a:w1.fi:hostapd:2.2:*:*:*:*:*:*:*", "matchCriteriaId": "6CCD4904-08CA-45C7-A3D0-90BE5C88CDBF", "vulnerable": true}, {"criteria": "cpe:2.3:a:w1.fi:hostapd:2.3:*:*:*:*:*:*:*", "matchCriteriaId": "2B4681FC-44F4-4E86-8431-8EDAD65492D0", "vulnerable": true}, {"criteria": "cpe:2.3:a:w1.fi:hostapd:2.4:*:*:*:*:*:*:*", "matchCriteriaId": "EC6FB535-AFFF-4083-AF1D-9E1ED504158F", "vulnerable": true}, {"criteria": "cpe:2.3:a:w1.fi:hostapd:2.5:*:*:*:*:*:*:*", "matchCriteriaId": "A74105F9-E729-47BA-A96F-4D15947B673A", "vulnerable": true}, {"criteria": "cpe:2.3:a:w1.fi:hostapd:2.6:*:*:*:*:*:*:*", "matchCriteriaId": "1F5F7411-0B32-4041-8235-2B1AEC186FF0", "vulnerable": true}, {"criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:0.2.4:*:*:*:*:*:*:*", "matchCriteriaId": "9191D783-4390-4603-9C4D-F673270E63C3", "vulnerable": true}, {"criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:0.2.5:*:*:*:*:*:*:*", "matchCriteriaId": "E36F3308-EABA-451F-90E1-65919450A809", "vulnerable": true}, {"criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:0.2.6:*:*:*:*:*:*:*", "matchCriteriaId": "44F6680B-7015-4EB0-AABC-A4DD50894CD5", "vulnerable": true}, {"criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:0.2.7:*:*:*:*:*:*:*", "matchCriteriaId": "5CAFF5E3-EA27-4688-87AD-1648003D3D1C", "vulnerable": true}, {"criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:0.2.8:*:*:*:*:*:*:*", "matchCriteriaId": "081B4F7E-D7D0-452A-AAEB-0378EB6E7BC9", "vulnerable": true}, {"criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:0.3.7:*:*:*:*:*:*:*", "matchCriteriaId": "5E00A5B5-81D8-4BF3-B857-028D7D06CA5E", "vulnerable": true}, {"criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:0.3.8:*:*:*:*:*:*:*", "matchCriteriaId": "476C3ED0-B77C-490F-AF1E-BC4C7D52D818", "vulnerable": true}, {"criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:0.3.9:*:*:*:*:*:*:*", "matchCriteriaId": "8B1972B5-F896-419C-9FFA-FB583B114B8F", "vulnerable": true}, {"criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:0.3.10:*:*:*:*:*:*:*", "matchCriteriaId": "C2E84533-EB76-4A8F-90ED-E9342EAF3427", "vulnerable": true}, {"criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:0.3.11:*:*:*:*:*:*:*", "matchCriteriaId": "E5AE0623-87CB-4CEF-BD3B-6BCF676031CF", "vulnerable": true}, {"criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:0.4.7:*:*:*:*:*:*:*", "matchCriteriaId": "905B55A4-2488-44D1-991F-C142C3527F18", "vulnerable": true}, {"criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:0.4.8:*:*:*:*:*:*:*", "matchCriteriaId": "BDD1984D-BCC2-4FC6-B02E-226B1D8BC6F5", "vulnerable": true}, {"criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:0.4.9:*:*:*:*:*:*:*", "matchCriteriaId": "90102D17-8D03-4F59-811B-FBFB98D627C2", "vulnerable": true}, {"criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:0.4.10:*:*:*:*:*:*:*", "matchCriteriaId": "C9381F69-1633-44DD-967F-D29587B67079", "vulnerable": true}, {"criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:0.4.11:*:*:*:*:*:*:*", "matchCriteriaId": "9169BDAC-6207-4B6A-8EF3-D52DED1A9311", "vulnerable": true}, {"criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:0.5.7:*:*:*:*:*:*:*", "matchCriteriaId": "6FBCD6EA-4E6D-4C6E-97E5-B64F6CB90639", "vulnerable": true}, {"criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:0.5.8:*:*:*:*:*:*:*", "matchCriteriaId": "62E17E03-53C6-4E74-91A8-4C4363666291", "vulnerable": true}, {"criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:0.5.9:*:*:*:*:*:*:*", "matchCriteriaId": "C4C6FEDE-B0E9-479A-9185-48D62DBC91FD", "vulnerable": true}, {"criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:0.5.10:*:*:*:*:*:*:*", "matchCriteriaId": "643762E2-969E-4531-B79E-961697E5DA8A", "vulnerable": true}, {"criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:0.5.11:*:*:*:*:*:*:*", "matchCriteriaId": "627AD871-2091-48E9-B801-3E3D5CF8E594", "vulnerable": true}, {"criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:0.6.8:*:*:*:*:*:*:*", "matchCriteriaId": "4BC691E5-6265-4FAB-9ACA-C65EB99AFA47", "vulnerable": true}, {"criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:0.6.9:*:*:*:*:*:*:*", "matchCriteriaId": "4701BF31-B3FC-4590-9787-3BA94ECB8D54", "vulnerable": true}, {"criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:0.6.10:*:*:*:*:*:*:*", "matchCriteriaId": "5DB96005-E214-4C60-865E-B693115527D1", "vulnerable": true}, {"criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:0.7.3:*:*:*:*:*:*:*", "matchCriteriaId": "F4CFF264-2315-43CE-B2A6-4234B394854C", "vulnerable": true}, {"criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:1.0:*:*:*:*:*:*:*", "matchCriteriaId": "F3EF53AD-F985-446E-89B8-4BFECE00AD63", "vulnerable": true}, {"criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:1.1:*:*:*:*:*:*:*", "matchCriteriaId": "0A11DBFA-9F0E-4358-8541-E5371C11FE80", "vulnerable": true}, {"criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:2.0:*:*:*:*:*:*:*", "matchCriteriaId": "738AEB08-FF7D-4DC3-AB14-B8F2B9474810", "vulnerable": true}, {"criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:2.1:*:*:*:*:*:*:*", "matchCriteriaId": "1E8C5523-16E4-417E-A159-F5D0F9E83C5B", "vulnerable": true}, {"criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:2.2:*:*:*:*:*:*:*", "matchCriteriaId": "8AE48919-35E0-4C9A-BAEB-A6402FA7BD4E", "vulnerable": true}, {"criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:2.3:*:*:*:*:*:*:*", "matchCriteriaId": "AB93C2FC-6913-448E-8B93-EEB2229EC86C", "vulnerable": true}, {"criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:2.4:*:*:*:*:*:*:*", "matchCriteriaId": "0ECA3172-7088-4B5E-923D-37B155729BD2", "vulnerable": true}, {"criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:2.5:*:*:*:*:*:*:*", "matchCriteriaId": "48FD6B1B-7555-449D-9CCB-1487FAEE8098", "vulnerable": true}, {"criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:2.6:*:*:*:*:*:*:*", "matchCriteriaId": "9726F4DE-8037-49AD-A092-7EF9D5BF99EC", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:suse:linux_enterprise_desktop:12:sp2:*:*:*:*:*:*", "matchCriteriaId": "57CFAD92-EECD-417D-ADDB-8178C320B204", "vulnerable": true}, {"criteria": "cpe:2.3:o:suse:linux_enterprise_desktop:12:sp3:*:*:*:*:*:*", "matchCriteriaId": "C1DCD75C-9775-4922-8A44-C4707C640946", "vulnerable": true}, {"criteria": "cpe:2.3:o:suse:linux_enterprise_point_of_sale:11:sp3:*:*:*:*:*:*", "matchCriteriaId": "086BF5C5-255C-4E2E-83D3-A8B83AED6B60", "vulnerable": true}, {"criteria": "cpe:2.3:o:suse:linux_enterprise_server:11:sp3:*:*:*:ltss:*:*", "matchCriteriaId": "91F8AC0A-13B4-4DF0-B40D-8756ACCDB4C5", "vulnerable": true}, {"criteria": "cpe:2.3:o:suse:linux_enterprise_server:11:sp4:*:*:*:*:*:*", "matchCriteriaId": "55C5561F-BE86-4EEA-99D4-8697F8BD9DFE", "vulnerable": true}, {"criteria": "cpe:2.3:o:suse:linux_enterprise_server:12:*:*:*:ltss:*:*:*", "matchCriteriaId": "B2F3699A-38E4-4E9D-9414-411F71D9E371", "vulnerable": true}, {"criteria": "cpe:2.3:o:suse:openstack_cloud:6:*:*:*:*:*:*:*", "matchCriteriaId": "07E4AF6E-9BA4-4542-8F9F-6BA723F7A64D", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Wi-Fi Protected Access (WPA and WPA2) that support 802.11v allows reinstallation of the Integrity Group Temporal Key (IGTK) when processing a Wireless Network Management (WNM) Sleep Mode Response frame, allowing an attacker within radio range to replay frames from access points to clients."}, {"lang": "es", "value": "Wi-Fi Protected Access (WPA y WPA2) que soporte IEEE 802.11v permite la reinstalaci\u00f3n de la clave temporal GTK (Integrity Group Temporal Key) cuando se procesa un frame Wireless Network Management (WNM) Sleep Mode Response, haciendo que un atacante que se sit\u00fae dentro del radio reproduzca frames desde los puntos de acceso hasta los clientes."}], "id": "CVE-2017-13088", "lastModified": "2025-04-20T01:37:25.860", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "LOW", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "ADJACENT_NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 2.9, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:A/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0"}, "exploitabilityScore": 5.5, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV30": [{"cvssData": {"attackComplexity": "HIGH", "attackVector": "ADJACENT_NETWORK", "availabilityImpact": "NONE", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N", "version": "3.0"}, "exploitabilityScore": 1.6, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2017-10-17T13:29:00.630", "references": [{"source": "cret@cert.org", "tags": ["Third Party Advisory"], "url": "http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00020.html"}, {"source": "cret@cert.org", "tags": ["Third Party Advisory"], "url": "http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00023.html"}, {"source": "cret@cert.org", "tags": ["Third Party Advisory"], "url": "http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00024.html"}, {"source": "cret@cert.org", "tags": ["Third Party Advisory"], "url": "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2017-007.txt"}, {"source": "cret@cert.org", "tags": ["Third Party Advisory"], "url": "http://www.debian.org/security/2017/dsa-3999"}, {"source": "cret@cert.org", "tags": ["Third Party Advisory", "US Government Resource"], "url": "http://www.kb.cert.org/vuls/id/228519"}, {"source": "cret@cert.org", "url": "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html"}, {"source": "cret@cert.org", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securityfocus.com/bid/101274"}, {"source": "cret@cert.org", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securitytracker.com/id/1039573"}, {"source": "cret@cert.org", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securitytracker.com/id/1039576"}, {"source": "cret@cert.org", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securitytracker.com/id/1039577"}, {"source": "cret@cert.org", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securitytracker.com/id/1039578"}, {"source": "cret@cert.org", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securitytracker.com/id/1039581"}, {"source": "cret@cert.org", "tags": ["Third Party Advisory"], "url": "http://www.ubuntu.com/usn/USN-3455-1"}, {"source": "cret@cert.org", "tags": ["Third Party Advisory"], "url": "https://access.redhat.com/errata/RHSA-2017:2907"}, {"source": "cret@cert.org", "tags": ["Third Party Advisory"], "url": "https://access.redhat.com/security/vulnerabilities/kracks"}, {"source": "cret@cert.org", "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-901333.pdf"}, {"source": "cret@cert.org", "url": "https://cert.vde.com/en-us/advisories/vde-2017-005"}, {"source": "cret@cert.org", "tags": ["Third Party Advisory"], "url": "https://security.FreeBSD.org/advisories/FreeBSD-SA-17:07.wpa.asc"}, {"source": "cret@cert.org", "url": "https://security.gentoo.org/glsa/201711-03"}, {"source": "cret@cert.org", "url": "https://source.android.com/security/bulletin/2017-11-01"}, {"source": "cret@cert.org", "tags": ["Third Party Advisory"], "url": "https://support.lenovo.com/us/en/product_security/LEN-17420"}, {"source": "cret@cert.org", "tags": ["Third Party Advisory"], "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171016-wpa"}, {"source": "cret@cert.org", "tags": ["Third Party Advisory"], "url": "https://w1.fi/security/2017-1/wpa-packet-number-reuse-with-replayed-messages.txt"}, {"source": "cret@cert.org", "tags": ["Technical Description", "Third Party Advisory"], "url": "https://www.krackattacks.com/"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00020.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00023.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00024.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2017-007.txt"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "http://www.debian.org/security/2017/dsa-3999"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory", "US Government Resource"], "url": "http://www.kb.cert.org/vuls/id/228519"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securityfocus.com/bid/101274"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securitytracker.com/id/1039573"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securitytracker.com/id/1039576"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securitytracker.com/id/1039577"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securitytracker.com/id/1039578"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securitytracker.com/id/1039581"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "http://www.ubuntu.com/usn/USN-3455-1"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "https://access.redhat.com/errata/RHSA-2017:2907"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "https://access.redhat.com/security/vulnerabilities/kracks"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-901333.pdf"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://cert.vde.com/en-us/advisories/vde-2017-005"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "https://security.FreeBSD.org/advisories/FreeBSD-SA-17:07.wpa.asc"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://security.gentoo.org/glsa/201711-03"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://source.android.com/security/bulletin/2017-11-01"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "https://support.lenovo.com/us/en/product_security/LEN-17420"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171016-wpa"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "https://w1.fi/security/2017-1/wpa-packet-number-reuse-with-replayed-messages.txt"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Technical Description", "Third Party Advisory"], "url": "https://www.krackattacks.com/"}], "sourceIdentifier": "cret@cert.org", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-323"}], "source": "cret@cert.org", "type": "Secondary"}, {"description": [{"lang": "en", "value": "CWE-330"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{"acknowledgement": "Red Hat would like to thank CERT for reporting this issue. Upstream acknowledges Mathy Vanhoef (University of Leuven) as the original reporter.", "affected_release": [{"advisory": "RHSA-2017:2907", "cpe": "cpe:/o:redhat:enterprise_linux:7", "package": "wpa_supplicant-1:2.6-5.el7_4.1", "product_name": "Red Hat Enterprise Linux 7", "release_date": "2017-10-17T00:00:00Z"}], "bugzilla": {"description": "wpa_supplicant: reinstallation of the integrity group key (IGTK) when processing a Wireless Network Management (WNM) Sleep Mode Response frame", "id": "1500304", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1500304"}, "csaw": false, "cvss3": {"cvss3_base_score": "8.1", "cvss3_scoring_vector": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N", "status": "verified"}, "cwe": "CWE-323", "details": ["Wi-Fi Protected Access (WPA and WPA2) that support 802.11v allows reinstallation of the Integrity Group Temporal Key (IGTK) when processing a Wireless Network Management (WNM) Sleep Mode Response frame, allowing an attacker within radio range to replay frames from access points to clients.", "A new exploitation technique called key reinstallation attacks (KRACK) affecting WPA2 has been discovered. A remote attacker within Wi-Fi range could exploit this attack to decrypt Wi-Fi traffic or possibly inject forged Wi-Fi packets by reinstalling a previously used integrity group key (IGTK) during a Wireless Network Management (WNM) Sleep Mode handshake."], "name": "CVE-2017-13088", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:5", "fix_state": "Not affected", "package_name": "wpa_supplicant", "product_name": "Red Hat Enterprise Linux 5"}, {"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Not affected", "package_name": "wpa_supplicant", "product_name": "Red Hat Enterprise Linux 6"}], "public_date": "2017-10-16T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2017-13088\nhttps://nvd.nist.gov/vuln/detail/CVE-2017-13088\nhttps://access.redhat.com/security/vulnerabilities/kracks\nhttps://w1.fi/security/2017-1/wpa-packet-number-reuse-with-replayed-messages.txt\nhttps://www.krackattacks.com/"], "statement": "This issue did not affect the versions of wpa_supplicant as shipped with Red Hat Enterprise Linux 5 and 6.\nThis issue affects the versions of wpa_supplicant as shipped with Red Hat Enterprise Linux 7.", "threat_severity": "Important"}

{}