Executive Summary

Informations
NameCVE-2017-13081First vendor Publication2017-10-17
VendorCveLast vendor Modification2019-10-02

Security-Database Scoring CVSS v2

Cvss vector : (AV:A/AC:M/Au:N/C:N/I:P/A:N)
Cvss Base Score2.9Attack RangeAdjacent network
Cvss Impact Score2.9Attack ComplexityMedium
Cvss Expoit Score5.5AuthenticationNone Required
Calculate full CVSS 2.0 Vectors scores

Detail

Wi-Fi Protected Access (WPA and WPA2) that supports IEEE 802.11w allows reinstallation of the Integrity Group Temporal Key (IGTK) during the group key handshake, allowing an attacker within radio range to spoof frames from access points to clients.

Original Source

Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13081

CWE : Common Weakness Enumeration

%idName
100 %CWE-330Use of Insufficiently Random Values

CPE : Common Platform Enumeration

TypeDescriptionCount
Application31
Application33
Os3
Os2
Os5
Os2
Os1
Os1
Os2
Os1
Os3
Os1

Snort® IPS/IDS

DateDescription
2017-11-28WPA2 key reuse tool attempt
RuleID : 44640 - Revision : 2 - Type : POLICY-OTHER

Nessus® Vulnerability Scanner

DateDescription
2018-11-13Name : The remote Debian host is missing a security update.
File : debian_DLA-1573.nasl - Type : ACT_GATHER_INFO
2018-01-15Name : The remote Fedora host is missing a security update.
File : fedora_2017-f45e844a85.nasl - Type : ACT_GATHER_INFO
2018-01-08Name : The device is vulnerable to key reinstallation attacks (KRACK).
File : juniper_jsa10827_krack.nasl - Type : ACT_GATHER_INFO
2017-12-14Name : The remote openSUSE host is missing a security update.
File : openSUSE-2017-1317.nasl - Type : ACT_GATHER_INFO
2017-12-06Name : The remote Ubuntu host is missing a security-related patch.
File : ubuntu_USN-3505-1.nasl - Type : ACT_GATHER_INFO
2017-11-16Name : The remote EulerOS host is missing multiple security updates.
File : EulerOS_SA-2017-1241.nasl - Type : ACT_GATHER_INFO
2017-11-16Name : The remote EulerOS host is missing multiple security updates.
File : EulerOS_SA-2017-1242.nasl - Type : ACT_GATHER_INFO
2017-11-13Name : The remote Gentoo host is missing one or more security-related patches.
File : gentoo_GLSA-201711-03.nasl - Type : ACT_GATHER_INFO
2017-11-01Name : The remote Debian host is missing a security update.
File : debian_DLA-1150.nasl - Type : ACT_GATHER_INFO
2017-10-30Name : The remote openSUSE host is missing a security update.
File : openSUSE-2017-1201.nasl - Type : ACT_GATHER_INFO
2017-10-23Name : The remote openSUSE host is missing a security update.
File : openSUSE-2017-1163.nasl - Type : ACT_GATHER_INFO
2017-10-19Name : The remote Slackware host is missing a security update.
File : Slackware_SSA_2017-291-02.nasl - Type : ACT_GATHER_INFO
2017-10-18Name : The remote Fedora host is missing a security update.
File : fedora_2017-12e76e8364.nasl - Type : ACT_GATHER_INFO
2017-10-18Name : The remote Fedora host is missing a security update.
File : fedora_2017-60bfb576b7.nasl - Type : ACT_GATHER_INFO
2017-10-18Name : The remote SUSE host is missing one or more security updates.
File : suse_SU-2017-2745-1.nasl - Type : ACT_GATHER_INFO
2017-10-18Name : The remote SUSE host is missing one or more security updates.
File : suse_SU-2017-2752-1.nasl - Type : ACT_GATHER_INFO
2017-10-17Name : The remote Debian host is missing a security-related update.
File : debian_DSA-3999.nasl - Type : ACT_GATHER_INFO
2017-10-17Name : The remote host is affected by multiple vulnerabilities.
File : fortios_FG-IR-17-196.nasl - Type : ACT_GATHER_INFO
2017-10-17Name : The remote FreeBSD host is missing one or more security-related updates.
File : freebsd_pkg_d670a953b2a111e7a633009c02a2ab30.nasl - Type : ACT_GATHER_INFO
2017-10-17Name : A wireless network adapter driver on the remote host is affected by multiple ...
File : intel_sa_00101_wlan.nasl - Type : ACT_GATHER_INFO
2017-10-17Name : The remote networking device is affected by KRACK.
File : ubnt_unifi_krack.nasl - Type : ACT_GATHER_INFO
2017-10-17Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-3455-1.nasl - Type : ACT_GATHER_INFO
2017-10-16Name : The remote networking device is affected by a heap corruption vulnerability.
File : mikrotik_KRACK.nasl - Type : ACT_GATHER_INFO
2017-10-16Name : The version of ArubaOS is affected by a MitM vulnerability.
File : arubaos_krack.nasl - Type : ACT_GATHER_INFO
2017-10-16Name : The remote device is missing a vendor-supplied security patch.
File : cisco-sa-20171016-wpa-asa_with_firepower_services.nasl - Type : ACT_GATHER_INFO

Sources (Detail)

SourceUrl
BID http://www.securityfocus.com/bid/101274
CERT-VN http://www.kb.cert.org/vuls/id/228519
CISCO https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-s...
CONFIRM http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2017-007.txt
http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html
https://access.redhat.com/security/vulnerabilities/kracks
https://cert-portal.siemens.com/productcert/pdf/ssa-901333.pdf
https://cert.vde.com/en-us/advisories/vde-2017-005
https://source.android.com/security/bulletin/2017-11-01
https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr...
DEBIAN http://www.debian.org/security/2017/dsa-3999
FREEBSD https://security.FreeBSD.org/advisories/FreeBSD-SA-17:07.wpa.asc
GENTOO https://security.gentoo.org/glsa/201711-03
MISC https://w1.fi/security/2017-1/wpa-packet-number-reuse-with-replayed-messages.txt
https://www.krackattacks.com/
MLIST https://lists.debian.org/debian-lts-announce/2018/11/msg00015.html
SECTRACK http://www.securitytracker.com/id/1039573
http://www.securitytracker.com/id/1039576
http://www.securitytracker.com/id/1039577
http://www.securitytracker.com/id/1039578
http://www.securitytracker.com/id/1039581
http://www.securitytracker.com/id/1039585
SUSE http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00020.html
http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00023.html
http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00024.html
UBUNTU http://www.ubuntu.com/usn/USN-3455-1

Alert History

If you want to see full details history, please login or register.
0
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
DateInformations
2019-10-03 09:20:03
  • Multiple Updates
2018-11-13 17:19:22
  • Multiple Updates
2018-05-17 09:19:36
  • Multiple Updates
2018-05-11 09:19:09
  • Multiple Updates
2018-05-10 09:19:35
  • Multiple Updates
2018-01-18 21:22:35
  • Multiple Updates
2017-12-15 13:23:45
  • Multiple Updates
2017-12-07 13:23:50
  • Multiple Updates
2017-11-17 13:23:44
  • Multiple Updates
2017-11-17 09:22:01
  • Multiple Updates
2017-11-14 13:24:55
  • Multiple Updates
2017-11-12 09:24:18
  • Multiple Updates
2017-11-02 13:25:26
  • Multiple Updates
2017-11-01 17:20:54
  • Multiple Updates
2017-10-31 13:25:29
  • Multiple Updates
2017-10-24 13:25:29
  • Multiple Updates
2017-10-23 09:23:33
  • Multiple Updates
2017-10-20 13:24:58
  • Multiple Updates
2017-10-19 13:24:51
  • Multiple Updates
2017-10-19 09:23:59
  • Multiple Updates
2017-10-18 13:24:52
  • Multiple Updates
2017-10-17 17:23:44
  • First insertion