CVE-2017-13087
UnknownEPSS 1.74%
Last modified
CVE-2017-13087 is a vulnerability of currently unknown severity. Wi-Fi Protected Access (WPA and WPA2) that support 802.11v allows reinstallation of the Group Temporal Key (GTK) when processing a Wireless Network Management (WNM) Sleep Mode Response frame, allowing an attacker within radio range to replay frames from access points to clients.. EPSS estimates a 1.74% chance of exploitation in the next 30 days.
Description
Wi-Fi Protected Access (WPA and WPA2) that support 802.11v allows reinstallation of the Group Temporal Key (GTK) when processing a Wireless Network Management (WNM) Sleep Mode Response frame, allowing an attacker within radio range to replay frames from access points to clients.
Metrics
Weakness Enumeration
Affected Software
| Vendor | Product | Versions | Update |
|---|---|---|---|
| Canonical | Ubuntu Linux | 14.04 | — |
| Canonical | Ubuntu Linux | 16.04 | — |
| Canonical | Ubuntu Linux | 17.04 | — |
| Debian | Debian Linux | 8.0 | — |
| Debian | Debian Linux | 9.0 | — |
| Freebsd | Freebsd | All versions | — |
| Freebsd | Freebsd | 10 | — |
| Freebsd | Freebsd | 10.4 | — |
| Freebsd | Freebsd | 11 | — |
| Freebsd | Freebsd | 11.1 | — |
| Opensuse | Leap | 42.2 | — |
| Opensuse | Leap | 42.3 | — |
| Redhat | Enterprise Linux Desktop | 7 | — |
| Redhat | Enterprise Linux Server | 7 | — |
| W1.Fi | Hostapd | 0.2.4 | — |
| W1.Fi | Hostapd | 0.2.5 | — |
| W1.Fi | Hostapd | 0.2.6 | — |
| W1.Fi | Hostapd | 0.2.8 | — |
| W1.Fi | Hostapd | 0.3.7 | — |
| W1.Fi | Hostapd | 0.3.9 | — |
| W1.Fi | Hostapd | 0.3.10 | — |
| W1.Fi | Hostapd | 0.3.11 | — |
| W1.Fi | Hostapd | 0.4.7 | — |
| W1.Fi | Hostapd | 0.4.8 | — |
| W1.Fi | Hostapd | 0.4.9 | — |
| W1.Fi | Hostapd | 0.4.10 | — |
| W1.Fi | Hostapd | 0.4.11 | — |
| W1.Fi | Hostapd | 0.5.7 | — |
| W1.Fi | Hostapd | 0.5.8 | — |
| W1.Fi | Hostapd | 0.5.9 | — |
| W1.Fi | Hostapd | 0.5.10 | — |
| W1.Fi | Hostapd | 0.5.11 | — |
| W1.Fi | Hostapd | 0.6.8 | — |
| W1.Fi | Hostapd | 0.6.9 | — |
| W1.Fi | Hostapd | 0.6.10 | — |
| W1.Fi | Hostapd | 0.7.3 | — |
| W1.Fi | Hostapd | 1.0 | — |
| W1.Fi | Hostapd | 1.1 | — |
| W1.Fi | Hostapd | 2.0 | — |
| W1.Fi | Hostapd | 2.1 | — |
| W1.Fi | Hostapd | 2.2 | — |
| W1.Fi | Hostapd | 2.3 | — |
| W1.Fi | Hostapd | 2.4 | — |
| W1.Fi | Hostapd | 2.5 | — |
| W1.Fi | Hostapd | 2.6 | — |
| W1.Fi | Wpa Supplicant | 0.2.4 | — |
| W1.Fi | Wpa Supplicant | 0.2.5 | — |
| W1.Fi | Wpa Supplicant | 0.2.6 | — |
| W1.Fi | Wpa Supplicant | 0.2.7 | — |
| W1.Fi | Wpa Supplicant | 0.2.8 | — |
Showing 50 of 83 affected configurations. See NVD for the full list.
References
- http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00020.htmlThird Party Advisory
- http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00023.htmlThird Party Advisory
- http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00024.htmlThird Party Advisory
- http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2017-007.txtThird Party Advisory
- http://www.debian.org/security/2017/dsa-3999Third Party Advisory
- http://www.kb.cert.org/vuls/id/228519Third Party Advisory, US Government Resource
- http://www.securityfocus.com/bid/101274Third Party Advisory, VDB Entry
- http://www.securitytracker.com/id/1039573Third Party Advisory, VDB Entry
- http://www.securitytracker.com/id/1039576Third Party Advisory, VDB Entry
- http://www.securitytracker.com/id/1039577Third Party Advisory, VDB Entry
- http://www.securitytracker.com/id/1039578Third Party Advisory, VDB Entry
- http://www.securitytracker.com/id/1039581Third Party Advisory, VDB Entry
- http://www.ubuntu.com/usn/USN-3455-1Third Party Advisory
- https://access.redhat.com/errata/RHSA-2017:2907Third Party Advisory
- https://access.redhat.com/errata/RHSA-2017:2911Third Party Advisory
- https://access.redhat.com/security/vulnerabilities/kracksThird Party Advisory
- https://security.FreeBSD.org/advisories/FreeBSD-SA-17:07.wpa.ascThird Party Advisory
- https://support.lenovo.com/us/en/product_security/LEN-17420Third Party Advisory
- https://w1.fi/security/2017-1/wpa-packet-number-reuse-with-replayed-messages.txtThird Party Advisory
- https://www.krackattacks.com/Technical Description, Third Party Advisory
- http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00020.htmlThird Party Advisory
- http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00023.htmlThird Party Advisory
- http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00024.htmlThird Party Advisory
- http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2017-007.txtThird Party Advisory
- http://www.debian.org/security/2017/dsa-3999Third Party Advisory
- http://www.kb.cert.org/vuls/id/228519Third Party Advisory, US Government Resource
- http://www.securityfocus.com/bid/101274Third Party Advisory, VDB Entry
- http://www.securitytracker.com/id/1039573Third Party Advisory, VDB Entry
- http://www.securitytracker.com/id/1039576Third Party Advisory, VDB Entry
- http://www.securitytracker.com/id/1039577Third Party Advisory, VDB Entry
- http://www.securitytracker.com/id/1039578Third Party Advisory, VDB Entry
- http://www.securitytracker.com/id/1039581Third Party Advisory, VDB Entry
- http://www.ubuntu.com/usn/USN-3455-1Third Party Advisory
- https://access.redhat.com/errata/RHSA-2017:2907Third Party Advisory
- https://access.redhat.com/errata/RHSA-2017:2911Third Party Advisory
- https://access.redhat.com/security/vulnerabilities/kracksThird Party Advisory
- https://security.FreeBSD.org/advisories/FreeBSD-SA-17:07.wpa.ascThird Party Advisory
- https://support.lenovo.com/us/en/product_security/LEN-17420Third Party Advisory
- https://w1.fi/security/2017-1/wpa-packet-number-reuse-with-replayed-messages.txtThird Party Advisory
- https://www.krackattacks.com/Technical Description, Third Party Advisory
Timeline
- Published
- Last Modified
- Status
- Modified
Frequently Asked Questions
What is CVE-2017-13087?
Wi-Fi Protected Access (WPA and WPA2) that support 802.11v allows reinstallation of the Group Temporal Key (GTK) when processing a Wireless Network Management (WNM) Sleep Mode Response frame, allowing an attacker within radio range to replay frames from access points to clients.
How severe is CVE-2017-13087?
Severity scoring for CVE-2017-13087 is pending analysis. The EPSS model estimates a 1.74% probability of exploitation in the next 30 days.
How do I fix CVE-2017-13087?
Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.
Are you affected by CVE-2017-13087?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST