ALT-PU-2017-2441-1 — wpa

BDU:2017-02263

HIGH7.9

Уязвимость протокола WPA2, связанная с ошибками управления криптографическими ключами (pairwise key) и позволяющая получить доступ к зашифрованной информации, передаваемой по беспроводной сети

Published: 2017-10-18Modified: 2021-03-23

CVSS 3.xHIGH 7.9

CVSS:3.x/AV:A/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H

CVSS 2.0HIGH 7.9

CVSS:2.0/AV:A/AC:M/Au:N/C:C/I:C/A:C

References

BDU:2017-02264

HIGH7.9

Уязвимость протокола WPA2, связанная с ошибками управления криптографическими ключами (group key) и позволяющая получить доступ к зашифрованной информации, передаваемой по беспроводной сети

Published: 2017-10-18Modified: 2021-03-23

CVSS 3.xHIGH 7.9

CVSS:3.x/AV:A/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H

CVSS 2.0HIGH 7.9

CVSS:2.0/AV:A/AC:M/Au:N/C:C/I:C/A:C

References

BDU:2017-02265

HIGH7.9

Уязвимость протокола WPA2, связанная с ошибками управления криптографическими ключами (integrity group key) и позволяющая получить доступ к зашифрованной информации, передаваемой по беспроводной сети

Published: 2017-10-18Modified: 2021-03-23

CVSS 3.xHIGH 7.9

CVSS:3.x/AV:A/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H

CVSS 2.0HIGH 7.9

CVSS:2.0/AV:A/AC:M/Au:N/C:C/I:C/A:C

References

BDU:2017-02266

HIGH7.9

Уязвимость протокола WPA2, связанная с ошибками управления криптографическими ключами (group key) и позволяющая получить доступ к зашифрованной информации, передаваемой по беспроводной сети

Published: 2017-10-18Modified: 2021-03-23

CVSS 3.xHIGH 7.9

CVSS:3.x/AV:A/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H

CVSS 2.0HIGH 7.9

CVSS:2.0/AV:A/AC:M/Au:N/C:C/I:C/A:C

References

BDU:2017-02267

HIGH7.9

Уязвимость протокола WPA2, связанная с ошибками управления криптографическими ключами (integrity group key) и позволяющая получить доступ к зашифрованной информации, передаваемой по беспроводной сети

Published: 2017-10-18Modified: 2021-03-23

CVSS 3.xHIGH 7.9

CVSS:3.x/AV:A/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H

CVSS 2.0HIGH 7.9

CVSS:2.0/AV:A/AC:M/Au:N/C:C/I:C/A:C

References

BDU:2017-02268

HIGH7.9

Уязвимость протокола WPA2, связанная с ошибками управления криптографическими ключами (pairwise key) и позволяющая получить доступ к зашифрованной информации, передаваемой по беспроводной сети

Published: 2017-10-18Modified: 2021-03-23

CVSS 3.xHIGH 7.9

CVSS:3.x/AV:A/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H

CVSS 2.0HIGH 7.9

CVSS:2.0/AV:A/AC:M/Au:N/C:C/I:C/A:C

References

BDU:2017-02270

HIGH7.9

Уязвимость протокола WPA2, связанная с ошибками управления криптографическими ключами (Tunered Direct Link PeerKey) и позволяющая получить доступ к зашифрованной информации, передаваемой по беспроводной сети

Published: 2017-10-18Modified: 2021-03-23

CVSS 3.xHIGH 7.9

CVSS:3.x/AV:A/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H

CVSS 2.0HIGH 7.9

CVSS:2.0/AV:A/AC:M/Au:N/C:C/I:C/A:C

References

BDU:2017-02271

HIGH7.9

Уязвимость протокола WPA2, связанная с ошибками управления криптографическими ключами (group key) и позволяющая получить доступ к зашифрованной информации, передаваемой по беспроводной сети

Published: 2017-10-18Modified: 2021-03-23

CVSS 3.xHIGH 7.9

CVSS:3.x/AV:A/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H

CVSS 2.0HIGH 7.9

CVSS:2.0/AV:A/AC:M/Au:N/C:C/I:C/A:C

References

BDU:2017-02272

HIGH7.9

Уязвимость протокола WPA2, связанная с ошибками управления криптографическими ключами (integrity group key) и позволяющая получить доступ к зашифрованной информации, передаваемой по беспроводной сети

Published: 2017-10-18Modified: 2021-03-23

CVSS 3.xHIGH 7.9

CVSS:3.x/AV:A/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H

CVSS 2.0HIGH 7.9

CVSS:2.0/AV:A/AC:M/Au:N/C:C/I:C/A:C

References

CVE-2017-13077

MEDIUM6.8

Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Pairwise Transient Key (PTK) Temporal Key (TK) during the four-way handshake, allowing an attacker within radio range to replay, decrypt, or spoof frames.

Published: 2017-10-17Modified: 2025-04-20

CVSS 2.0MEDIUM 5.4

CVSS:2.0/AV:A/AC:M/Au:N/C:P/I:P/A:P

CVSS 3.xMEDIUM 6.8

CVSS:3.x/CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N

References

CVE-2017-13078

MEDIUM5.3

Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Group Temporal Key (GTK) during the four-way handshake, allowing an attacker within radio range to replay frames from access points to clients.

Published: 2017-10-17Modified: 2025-04-20

CVSS 2.0LOW 2.9

CVSS:2.0/AV:A/AC:M/Au:N/C:N/I:P/A:N

CVSS 3.xMEDIUM 5.3

CVSS:3.x/CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

References

CVE-2017-13079

MEDIUM5.3

Wi-Fi Protected Access (WPA and WPA2) that supports IEEE 802.11w allows reinstallation of the Integrity Group Temporal Key (IGTK) during the four-way handshake, allowing an attacker within radio range to spoof frames from access points to clients.

Published: 2017-10-17Modified: 2025-04-20

CVSS 2.0LOW 2.9

CVSS:2.0/AV:A/AC:M/Au:N/C:N/I:P/A:N

CVSS 3.xMEDIUM 5.3

CVSS:3.x/CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

References

CVE-2017-13080

MEDIUM5.3

Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Group Temporal Key (GTK) during the group key handshake, allowing an attacker within radio range to replay frames from access points to clients.

Published: 2017-10-17Modified: 2025-04-20

CVSS 2.0LOW 2.9

CVSS:2.0/AV:A/AC:M/Au:N/C:N/I:P/A:N

CVSS 3.xMEDIUM 5.3

CVSS:3.x/CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

References

CVE-2017-13081

MEDIUM5.3

Wi-Fi Protected Access (WPA and WPA2) that supports IEEE 802.11w allows reinstallation of the Integrity Group Temporal Key (IGTK) during the group key handshake, allowing an attacker within radio range to spoof frames from access points to clients.

Published: 2017-10-17Modified: 2025-04-20

CVSS 2.0LOW 2.9

CVSS:2.0/AV:A/AC:M/Au:N/C:N/I:P/A:N

CVSS 3.xMEDIUM 5.3

CVSS:3.x/CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

References

CVE-2017-13082

HIGH8.1

Wi-Fi Protected Access (WPA and WPA2) that supports IEEE 802.11r allows reinstallation of the Pairwise Transient Key (PTK) Temporal Key (TK) during the fast BSS transmission (FT) handshake, allowing an attacker within radio range to replay, decrypt, or spoof frames.

Published: 2017-10-17Modified: 2025-04-20

CVSS 2.0MEDIUM 5.8

CVSS:2.0/AV:A/AC:L/Au:N/C:P/I:P/A:P

CVSS 3.xHIGH 8.1

CVSS:3.x/CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

References

CVE-2017-13086

MEDIUM6.8

Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Tunneled Direct-Link Setup (TDLS) Peer Key (TPK) during the TDLS handshake, allowing an attacker within radio range to replay, decrypt, or spoof frames.

Published: 2017-10-17Modified: 2025-04-20

CVSS 2.0MEDIUM 5.4

CVSS:2.0/AV:A/AC:M/Au:N/C:P/I:P/A:P

CVSS 3.xMEDIUM 6.8

CVSS:3.x/CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N

References

CVE-2017-13087

MEDIUM5.3

Wi-Fi Protected Access (WPA and WPA2) that support 802.11v allows reinstallation of the Group Temporal Key (GTK) when processing a Wireless Network Management (WNM) Sleep Mode Response frame, allowing an attacker within radio range to replay frames from access points to clients.

Published: 2017-10-17Modified: 2025-04-20

CVSS 2.0LOW 2.9

CVSS:2.0/AV:A/AC:M/Au:N/C:N/I:P/A:N

CVSS 3.xMEDIUM 5.3

CVSS:3.x/CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

References

CVE-2017-13088

MEDIUM5.3

Wi-Fi Protected Access (WPA and WPA2) that support 802.11v allows reinstallation of the Integrity Group Temporal Key (IGTK) when processing a Wireless Network Management (WNM) Sleep Mode Response frame, allowing an attacker within radio range to replay frames from access points to clients.

Published: 2017-10-17Modified: 2025-04-20

CVSS 2.0LOW 2.9

CVSS:2.0/AV:A/AC:M/Au:N/C:N/I:P/A:N

CVSS 3.xMEDIUM 5.3

CVSS:3.x/CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

References

Package update wpa_supplicant in branch sisyphus

Closed issues (18)

Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Pairwise Transient Key (PTK) Temporal Key (TK) during the four-way handshake, allowing an attacker within radio range to replay, decrypt, or spoof frames.

Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Group Temporal Key (GTK) during the four-way handshake, allowing an attacker within radio range to replay frames from access points to clients.

Wi-Fi Protected Access (WPA and WPA2) that supports IEEE 802.11w allows reinstallation of the Integrity Group Temporal Key (IGTK) during the four-way handshake, allowing an attacker within radio range to spoof frames from access points to clients.

Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Group Temporal Key (GTK) during the group key handshake, allowing an attacker within radio range to replay frames from access points to clients.

Wi-Fi Protected Access (WPA and WPA2) that supports IEEE 802.11w allows reinstallation of the Integrity Group Temporal Key (IGTK) during the group key handshake, allowing an attacker within radio range to spoof frames from access points to clients.

Wi-Fi Protected Access (WPA and WPA2) that supports IEEE 802.11r allows reinstallation of the Pairwise Transient Key (PTK) Temporal Key (TK) during the fast BSS transmission (FT) handshake, allowing an attacker within radio range to replay, decrypt, or spoof frames.

Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Tunneled Direct-Link Setup (TDLS) Peer Key (TPK) during the TDLS handshake, allowing an attacker within radio range to replay, decrypt, or spoof frames.

Wi-Fi Protected Access (WPA and WPA2) that support 802.11v allows reinstallation of the Group Temporal Key (GTK) when processing a Wireless Network Management (WNM) Sleep Mode Response frame, allowing an attacker within radio range to replay frames from access points to clients.

Wi-Fi Protected Access (WPA and WPA2) that support 802.11v allows reinstallation of the Integrity Group Temporal Key (IGTK) when processing a Wireless Network Management (WNM) Sleep Mode Response frame, allowing an attacker within radio range to replay frames from access points to clients.