Detections
Analytics
CVE-2017-13081
medium
Description
Wi-Fi Protected Access (WPA and WPA2) that supports IEEE 802.11w allows reinstallation of the Integrity Group Temporal Key (IGTK) during the group key handshake, allowing an attacker within radio range to spoof frames from access points to clients.
References
https://w1.fi/security/2017-1/wpa-packet-number-reuse-with-replayed-messages.txt
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171016-wpa
https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03792en_us
https://source.android.com/security/bulletin/2017-11-01
https://security.gentoo.org/glsa/201711-03
https://security.FreeBSD.org/advisories/FreeBSD-SA-17:07.wpa.asc
https://lists.debian.org/debian-lts-announce/2018/11/msg00015.html
https://cert.vde.com/en-us/advisories/vde-2017-005
https://cert-portal.siemens.com/productcert/pdf/ssa-901333.pdf
https://access.redhat.com/security/vulnerabilities/kracks
http://www.ubuntu.com/usn/USN-3455-1
http://www.securitytracker.com/id/1039585
http://www.securitytracker.com/id/1039581
http://www.securitytracker.com/id/1039578
http://www.securitytracker.com/id/1039577
http://www.securitytracker.com/id/1039576
http://www.securitytracker.com/id/1039573
http://www.securityfocus.com/bid/101274
http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html
http://www.kb.cert.org/vuls/id/228519
http://www.debian.org/security/2017/dsa-3999
http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2017-007.txt
http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00024.html
http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00023.html
http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00020.html