Vulnerability Name:

CVE-2017-13084 (CCN-133437)

Assigned:2017-10-16
Published:2017-10-16
Updated:2019-10-03
Summary:Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Station-To-Station-Link (STSL) Transient Key (STK) during the PeerKey handshake, allowing an attacker within radio range to replay, decrypt, or spoof frames.
CVSS v3 Severity:6.8 Medium (CVSS v3.1 Vector: CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N)
6.1 Medium (Temporal CVSS v3.1 Vector: CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N/E:P/RL:O/RC:C)
Exploitability Metrics:Attack Vector (AV): Adjacent
Attack Complexity (AC): High
Privileges Required (PR): None
User Interaction (UI): None
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): High
Integrity (I): High
Availibility (A): None
8.1 High (CCN CVSS v3.1 Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N)
7.3 High (CCN Temporal CVSS v3.1 Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N/E:P/RL:O/RC:C)
Exploitability Metrics:Attack Vector (AV): Adjacent
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): None
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): High
Integrity (I): High
Availibility (A): None
CVSS v2 Severity:5.4 Medium (CVSS v2 Vector: AV:A/AC:M/Au:N/C:P/I:P/A:P)
Exploitability Metrics:Access Vector (AV): Adjacent_Network
Access Complexity (AC): Medium
Authentication (Au): None
Impact Metrics:Confidentiality (C): Partial
Integrity (I): Partial
Availibility (A): Partial
7.8 High (CCN CVSS v2 Vector: AV:A/AC:L/Au:N/C:C/I:C/A:N)
Exploitability Metrics:Access Vector (AV): Adjacent_Network
Access Complexity (AC): Low
Athentication (Au): None
Impact Metrics:Confidentiality (C): Complete
Integrity (I): Complete
Availibility (A): None
Vulnerability Type:CWE-330
Vulnerability Consequences:Bypass Security
References:Source: MITRE
Type: CNA
CVE-2017-13084

Source: CCN
Type: Aruba Product Security Advisory Advisory ID: ARUBA-PSA-2017-007
WPA2 Key Reinstallation Vulnerabilities

Source: CONFIRM
Type: Third Party Advisory
http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2017-007.txt

Source: CCN
Type: US-CERT VU#228519
Wi-Fi Protected Access II (WPA2) handshake traffic can be manipulated to induce nonce and session key reuse

Source: CERT-VN
Type: Third Party Advisory, US Government Resource
VU#228519

Source: BID
Type: Third Party Advisory, VDB Entry
101274

Source: CCN
Type: BID-101274
WPA2 Key Reinstallation Multiple Security Weaknesses

Source: SECTRACK
Type: Third Party Advisory, VDB Entry
1039576

Source: SECTRACK
Type: Third Party Advisory, VDB Entry
1039577

Source: SECTRACK
Type: Third Party Advisory, VDB Entry
1039581

Source: CCN
Type: Wi-Fi Alliance Web site
WPA2 (Wi-Fi Protected Access 2)

Source: CONFIRM
Type: Third Party Advisory
https://access.redhat.com/security/vulnerabilities/kracks

Source: CONFIRM
Type: UNKNOWN
https://cert-portal.siemens.com/productcert/pdf/ssa-901333.pdf

Source: XF
Type: UNKNOWN
wpa2-cve201713084-sec-bypass(133437)

Source: CCN
Type: INTEL-SA-00101
One or more Intel Products affected by the Wi-Fi Protected Access II (WPA2) protocol vulnerability

Source: GENTOO
Type: UNKNOWN
GLSA-201711-03

Source: CONFIRM
Type: Third Party Advisory
https://support.lenovo.com/us/en/product_security/LEN-17420

Source: CCN
Type: Cisco Security Advisory cisco-sa-20171016-wpa
Multiple Vulnerabilities in Wi-Fi Protected Access and Wi-Fi Protected Access II

Source: CISCO
Type: Third Party Advisory
20171016 Multiple Vulnerabilities in Wi-Fi Protected Access and Wi-Fi Protected Access II

Source: MISC
Type: Third Party Advisory
https://w1.fi/security/2017-1/wpa-packet-number-reuse-with-replayed-messages.txt

Source: CCN
Type: KRACK Web site
Key Reinstallation Attacks Breaking WPA2 by forcing nonce reuse

Source: MISC
Type: Technical Description, Third Party Advisory
https://www.krackattacks.com/

Vulnerable Configuration:Configuration 1:
  • cpe:/o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*
  • OR cpe:/o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*
  • OR cpe:/o:canonical:ubuntu_linux:17.04:*:*:*:*:*:*:*
  • OR cpe:/o:debian:debian_linux:8.0:*:*:*:*:*:*:*
  • OR cpe:/o:debian:debian_linux:9.0:*:*:*:*:*:*:*
  • OR cpe:/o:freebsd:freebsd:*:*:*:*:*:*:*:*
  • OR cpe:/o:freebsd:freebsd:10:*:*:*:*:*:*:*
  • OR cpe:/o:freebsd:freebsd:10.4:*:*:*:*:*:*:*
  • OR cpe:/o:freebsd:freebsd:11:*:*:*:*:*:*:*
  • OR cpe:/o:freebsd:freebsd:11.1:*:*:*:*:*:*:*
  • OR cpe:/o:opensuse:leap:42.2:*:*:*:*:*:*:*
  • OR cpe:/o:opensuse:leap:42.3:*:*:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux_desktop:7:*:*:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux_server:7:*:*:*:*:*:*:*

    • Configuration 2:
  • cpe:/a:w1.fi:hostapd:0.2.4:*:*:*:*:*:*:*
  • OR cpe:/a:w1.fi:hostapd:0.2.5:*:*:*:*:*:*:*
  • OR cpe:/a:w1.fi:hostapd:0.2.6:*:*:*:*:*:*:*
  • OR cpe:/a:w1.fi:hostapd:0.2.8:*:*:*:*:*:*:*
  • OR cpe:/a:w1.fi:hostapd:0.3.7:*:*:*:*:*:*:*
  • OR cpe:/a:w1.fi:hostapd:0.3.9:*:*:*:*:*:*:*
  • OR cpe:/a:w1.fi:hostapd:0.3.10:*:*:*:*:*:*:*
  • OR cpe:/a:w1.fi:hostapd:0.3.11:*:*:*:*:*:*:*
  • OR cpe:/a:w1.fi:hostapd:0.4.7:*:*:*:*:*:*:*
  • OR cpe:/a:w1.fi:hostapd:0.4.8:*:*:*:*:*:*:*
  • OR cpe:/a:w1.fi:hostapd:0.4.9:*:*:*:*:*:*:*
  • OR cpe:/a:w1.fi:hostapd:0.4.10:*:*:*:*:*:*:*
  • OR cpe:/a:w1.fi:hostapd:0.4.11:*:*:*:*:*:*:*
  • OR cpe:/a:w1.fi:hostapd:0.5.7:*:*:*:*:*:*:*
  • OR cpe:/a:w1.fi:hostapd:0.5.8:*:*:*:*:*:*:*
  • OR cpe:/a:w1.fi:hostapd:0.5.9:*:*:*:*:*:*:*
  • OR cpe:/a:w1.fi:hostapd:0.5.10:*:*:*:*:*:*:*
  • OR cpe:/a:w1.fi:hostapd:0.5.11:*:*:*:*:*:*:*
  • OR cpe:/a:w1.fi:hostapd:0.6.8:*:*:*:*:*:*:*
  • OR cpe:/a:w1.fi:hostapd:0.6.9:*:*:*:*:*:*:*
  • OR cpe:/a:w1.fi:hostapd:0.6.10:*:*:*:*:*:*:*
  • OR cpe:/a:w1.fi:hostapd:0.7.3:*:*:*:*:*:*:*
  • OR cpe:/a:w1.fi:hostapd:1.0:*:*:*:*:*:*:*
  • OR cpe:/a:w1.fi:hostapd:1.1:*:*:*:*:*:*:*
  • OR cpe:/a:w1.fi:hostapd:2.0:*:*:*:*:*:*:*
  • OR cpe:/a:w1.fi:hostapd:2.1:*:*:*:*:*:*:*
  • OR cpe:/a:w1.fi:hostapd:2.2:*:*:*:*:*:*:*
  • OR cpe:/a:w1.fi:hostapd:2.3:*:*:*:*:*:*:*
  • OR cpe:/a:w1.fi:hostapd:2.4:*:*:*:*:*:*:*
  • OR cpe:/a:w1.fi:hostapd:2.5:*:*:*:*:*:*:*
  • OR cpe:/a:w1.fi:hostapd:2.6:*:*:*:*:*:*:*
  • OR cpe:/a:w1.fi:wpa_supplicant:0.2.4:*:*:*:*:*:*:*
  • OR cpe:/a:w1.fi:wpa_supplicant:0.2.5:*:*:*:*:*:*:*
  • OR cpe:/a:w1.fi:wpa_supplicant:0.2.6:*:*:*:*:*:*:*
  • OR cpe:/a:w1.fi:wpa_supplicant:0.2.7:*:*:*:*:*:*:*
  • OR cpe:/a:w1.fi:wpa_supplicant:0.2.8:*:*:*:*:*:*:*
  • OR cpe:/a:w1.fi:wpa_supplicant:0.3.7:*:*:*:*:*:*:*
  • OR cpe:/a:w1.fi:wpa_supplicant:0.3.8:*:*:*:*:*:*:*
  • OR cpe:/a:w1.fi:wpa_supplicant:0.3.9:*:*:*:*:*:*:*
  • OR cpe:/a:w1.fi:wpa_supplicant:0.3.10:*:*:*:*:*:*:*
  • OR cpe:/a:w1.fi:wpa_supplicant:0.3.11:*:*:*:*:*:*:*
  • OR cpe:/a:w1.fi:wpa_supplicant:0.4.7:*:*:*:*:*:*:*
  • OR cpe:/a:w1.fi:wpa_supplicant:0.4.8:*:*:*:*:*:*:*
  • OR cpe:/a:w1.fi:wpa_supplicant:0.4.9:*:*:*:*:*:*:*
  • OR cpe:/a:w1.fi:wpa_supplicant:0.4.10:*:*:*:*:*:*:*
  • OR cpe:/a:w1.fi:wpa_supplicant:0.4.11:*:*:*:*:*:*:*
  • OR cpe:/a:w1.fi:wpa_supplicant:0.5.7:*:*:*:*:*:*:*
  • OR cpe:/a:w1.fi:wpa_supplicant:0.5.8:*:*:*:*:*:*:*
  • OR cpe:/a:w1.fi:wpa_supplicant:0.5.9:*:*:*:*:*:*:*
  • OR cpe:/a:w1.fi:wpa_supplicant:0.5.10:*:*:*:*:*:*:*
  • OR cpe:/a:w1.fi:wpa_supplicant:0.5.11:*:*:*:*:*:*:*
  • OR cpe:/a:w1.fi:wpa_supplicant:0.6.8:*:*:*:*:*:*:*
  • OR cpe:/a:w1.fi:wpa_supplicant:0.6.9:*:*:*:*:*:*:*
  • OR cpe:/a:w1.fi:wpa_supplicant:0.6.10:*:*:*:*:*:*:*
  • OR cpe:/a:w1.fi:wpa_supplicant:0.7.3:*:*:*:*:*:*:*
  • OR cpe:/a:w1.fi:wpa_supplicant:1.0:*:*:*:*:*:*:*
  • OR cpe:/a:w1.fi:wpa_supplicant:1.1:*:*:*:*:*:*:*
  • OR cpe:/a:w1.fi:wpa_supplicant:2.0:*:*:*:*:*:*:*
  • OR cpe:/a:w1.fi:wpa_supplicant:2.1:*:*:*:*:*:*:*
  • OR cpe:/a:w1.fi:wpa_supplicant:2.2:*:*:*:*:*:*:*
  • OR cpe:/a:w1.fi:wpa_supplicant:2.3:*:*:*:*:*:*:*
  • OR cpe:/a:w1.fi:wpa_supplicant:2.4:*:*:*:*:*:*:*
  • OR cpe:/a:w1.fi:wpa_supplicant:2.5:*:*:*:*:*:*:*
  • OR cpe:/a:w1.fi:wpa_supplicant:2.6:*:*:*:*:*:*:*

    • Configuration 3:
  • cpe:/o:suse:linux_enterprise_desktop:12:sp2:*:*:*:*:*:*
  • OR cpe:/o:suse:linux_enterprise_desktop:12:sp3:*:*:*:*:*:*
  • OR cpe:/o:suse:linux_enterprise_point_of_sale:11:sp3:*:*:*:*:*:*
  • OR cpe:/o:suse:linux_enterprise_server:11:sp3:*:*:*:ltss:*:*
  • OR cpe:/o:suse:linux_enterprise_server:11:sp4:*:*:*:*:*:*
  • OR cpe:/o:suse:linux_enterprise_server:12:*:*:*:ltss:*:*:*
  • OR cpe:/o:suse:openstack_cloud:6:*:*:*:*:*:*:*

    • * Denotes that component is vulnerable
    Oval Definitions
    Definition IDClassTitleLast Modified
    oval:com.ubuntu.trusty:def:201713084000
    V
    		CVE-2017-13084 on Ubuntu 14.04 LTS (trusty) - high.
    2017-10-17
    oval:com.ubuntu.xenial:def:201713084000
    V
    		CVE-2017-13084 on Ubuntu 16.04 LTS (xenial) - high.
    2017-10-17
    oval:com.ubuntu.xenial:def:2017130840000000
    V
    		CVE-2017-13084 on Ubuntu 16.04 LTS (xenial) - high.
    2017-10-17
    BACK
    canonical ubuntu linux 14.04
    canonical ubuntu linux 16.04
    canonical ubuntu linux 17.04
    debian debian linux 8.0
    debian debian linux 9.0
    freebsd freebsd *
    freebsd freebsd 10
    freebsd freebsd 10.4
    freebsd freebsd 11
    freebsd freebsd 11.1
    opensuse leap 42.2
    opensuse leap 42.3
    redhat enterprise linux desktop 7
    redhat enterprise linux server 7
    w1.fi hostapd 0.2.4
    w1.fi hostapd 0.2.5
    w1.fi hostapd 0.2.6
    w1.fi hostapd 0.2.8
    w1.fi hostapd 0.3.7
    w1.fi hostapd 0.3.9
    w1.fi hostapd 0.3.10
    w1.fi hostapd 0.3.11
    w1.fi hostapd 0.4.7
    w1.fi hostapd 0.4.8
    w1.fi hostapd 0.4.9
    w1.fi hostapd 0.4.10
    w1.fi hostapd 0.4.11
    w1.fi hostapd 0.5.7
    w1.fi hostapd 0.5.8
    w1.fi hostapd 0.5.9
    w1.fi hostapd 0.5.10
    w1.fi hostapd 0.5.11
    w1.fi hostapd 0.6.8
    w1.fi hostapd 0.6.9
    w1.fi hostapd 0.6.10
    w1.fi hostapd 0.7.3
    w1.fi hostapd 1.0
    w1.fi hostapd 1.1
    w1.fi hostapd 2.0
    w1.fi hostapd 2.1
    w1.fi hostapd 2.2
    w1.fi hostapd 2.3
    w1.fi hostapd 2.4
    w1.fi hostapd 2.5
    w1.fi hostapd 2.6
    w1.fi wpa supplicant 0.2.4
    w1.fi wpa supplicant 0.2.5
    w1.fi wpa supplicant 0.2.6
    w1.fi wpa supplicant 0.2.7
    w1.fi wpa supplicant 0.2.8
    w1.fi wpa supplicant 0.3.7
    w1.fi wpa supplicant 0.3.8
    w1.fi wpa supplicant 0.3.9
    w1.fi wpa supplicant 0.3.10
    w1.fi wpa supplicant 0.3.11
    w1.fi wpa supplicant 0.4.7
    w1.fi wpa supplicant 0.4.8
    w1.fi wpa supplicant 0.4.9
    w1.fi wpa supplicant 0.4.10
    w1.fi wpa supplicant 0.4.11
    w1.fi wpa supplicant 0.5.7
    w1.fi wpa supplicant 0.5.8
    w1.fi wpa supplicant 0.5.9
    w1.fi wpa supplicant 0.5.10
    w1.fi wpa supplicant 0.5.11
    w1.fi wpa supplicant 0.6.8
    w1.fi wpa supplicant 0.6.9
    w1.fi wpa supplicant 0.6.10
    w1.fi wpa supplicant 0.7.3
    w1.fi wpa supplicant 1.0
    w1.fi wpa supplicant 1.1
    w1.fi wpa supplicant 2.0
    w1.fi wpa supplicant 2.1
    w1.fi wpa supplicant 2.2
    w1.fi wpa supplicant 2.3
    w1.fi wpa supplicant 2.4
    w1.fi wpa supplicant 2.5
    w1.fi wpa supplicant 2.6
    suse linux enterprise desktop 12 sp2
    suse linux enterprise desktop 12 sp3
    suse linux enterprise point of sale 11 sp3
    suse linux enterprise server 11 sp3
    suse linux enterprise server 11 sp4
    suse linux enterprise server 12
    suse openstack cloud 6