cvelist/2017/13xxx/CVE-2017-13080.json

{
    "CVE_data_meta":{
        "ASSIGNER":"cert@cert.org",
        "ID":"CVE-2017-13080",
        "STATE":"PUBLIC"
    },
    "affects":{
        "vendor":{
            "vendor_data":[
                {
                    "product":{
                        "product_data":[
                            {
                                "product_name":"Wi-Fi Protected Access (WPA and WPA2)",
                                "version":{
                                    "version_data":[
                                        {
                                            "version_value":"WPA"
                                        },
                                        {
                                            "version_value":"WPA2"
                                        }
                                    ]
                                }
                            }
                        ]
                    },
                    "vendor_name":"Wi-Fi Alliance"
                }
            ]
        }
    },
    "data_format":"MITRE",
    "data_type":"CVE",
    "data_version":"4.0",
    "description":{
        "description_data":[
            {
                "lang":"eng",
                "value":"Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Group Temporal Key (GTK) during the group key handshake, allowing an attacker within radio range to replay frames from access points to clients."
            }
        ]
    },
    "problemtype":{
        "problemtype_data":[
            {
                "description":[
                    {
                        "lang":"eng",
                        "value":"CWE-323: Reusing a Nonce, Key Pair in Encryption"
                    }
                ]
            }
        ]
    },
    "references":{
        "reference_data":[
            {
                "name":"[debian-lts-announce] 20171210 [SECURITY] [DLA 1200-1] linux security update",
                "refsource":"MLIST",
                "url":"https://lists.debian.org/debian-lts-announce/2017/12/msg00004.html"
            },
            {
                "name":"https://www.krackattacks.com/",
                "refsource":"MISC",
                "url":"https://www.krackattacks.com/"
            },
            {
                "name":"https://w1.fi/security/2017-1/wpa-packet-number-reuse-with-replayed-messages.txt",
                "refsource":"MISC",
                "url":"https://w1.fi/security/2017-1/wpa-packet-number-reuse-with-replayed-messages.txt"
            },
            {
                "name":"https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-13080",
                "refsource":"CONFIRM",
                "url":"https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-13080"
            },
            {
                "name":"http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2017-007.txt",
                "refsource":"CONFIRM",
                "url":"http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2017-007.txt"
            },
            {
                "name":"https://access.redhat.com/security/vulnerabilities/kracks",
                "refsource":"CONFIRM",
                "url":"https://access.redhat.com/security/vulnerabilities/kracks"
            },
            {
                "name":"https://support.lenovo.com/us/en/product_security/LEN-17420",
                "refsource":"CONFIRM",
                "url":"https://support.lenovo.com/us/en/product_security/LEN-17420"
            },
            {
                "name":"https://support.apple.com/HT208219",
                "refsource":"CONFIRM",
                "url":"https://support.apple.com/HT208219"
            },
            {
                "name":"https://support.apple.com/HT208220",
                "refsource":"CONFIRM",
                "url":"https://support.apple.com/HT208220"
            },
            {
                "name":"https://support.apple.com/HT208221",
                "refsource":"CONFIRM",
                "url":"https://support.apple.com/HT208221"
            },
            {
                "name":"https://support.apple.com/HT208222",
                "refsource":"CONFIRM",
                "url":"https://support.apple.com/HT208222"
            },
            {
                "name":"https://source.android.com/security/bulletin/2017-11-01",
                "refsource":"CONFIRM",
                "url":"https://source.android.com/security/bulletin/2017-11-01"
            },
            {
                "name":"https://support.apple.com/HT208325",
                "refsource":"CONFIRM",
                "url":"https://support.apple.com/HT208325"
            },
            {
                "name":"https://support.apple.com/HT208327",
                "refsource":"CONFIRM",
                "url":"https://support.apple.com/HT208327"
            },
            {
                "name":"https://support.apple.com/HT208334",
                "refsource":"CONFIRM",
                "url":"https://support.apple.com/HT208334"
            },
            {
                "name":"http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html",
                "refsource":"CONFIRM",
                "url":"http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html"
            },
            {
                "name":"20171016 Multiple Vulnerabilities in Wi-Fi Protected Access and Wi-Fi Protected Access II",
                "refsource":"CISCO",
                "url":"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171016-wpa"
            },
            {
                "name":"DSA-3999",
                "refsource":"DEBIAN",
                "url":"http://www.debian.org/security/2017/dsa-3999"
            },
            {
                "name":"FreeBSD-SA-17:07",
                "refsource":"FREEBSD",
                "url":"https://security.FreeBSD.org/advisories/FreeBSD-SA-17:07.wpa.asc"
            },
            {
                "name":"GLSA-201711-03",
                "refsource":"GENTOO",
                "url":"https://security.gentoo.org/glsa/201711-03"
            },
            {
                "name":"RHSA-2017:2907",
                "refsource":"REDHAT",
                "url":"https://access.redhat.com/errata/RHSA-2017:2907"
            },
            {
                "name":"RHSA-2017:2911",
                "refsource":"REDHAT",
                "url":"https://access.redhat.com/errata/RHSA-2017:2911"
            },
            {
                "name":"SUSE-SU-2017:2745",
                "refsource":"SUSE",
                "url":"http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00020.html"
            },
            {
                "name":"SUSE-SU-2017:2752",
                "refsource":"SUSE",
                "url":"http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00023.html"
            },
            {
                "name":"openSUSE-SU-2017:2755",
                "refsource":"SUSE",
                "url":"http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00024.html"
            },
            {
                "name":"USN-3455-1",
                "refsource":"UBUNTU",
                "url":"http://www.ubuntu.com/usn/USN-3455-1"
            },
            {
                "name":"VU#228519",
                "refsource":"CERT-VN",
                "url":"http://www.kb.cert.org/vuls/id/228519"
            },
            {
                "name":"101274",
                "refsource":"BID",
                "url":"http://www.securityfocus.com/bid/101274"
            },
            {
                "name":"1039572",
                "refsource":"SECTRACK",
                "url":"http://www.securitytracker.com/id/1039572"
            },
            {
                "name":"1039573",
                "refsource":"SECTRACK",
                "url":"http://www.securitytracker.com/id/1039573"
            },
            {
                "name":"1039576",
                "refsource":"SECTRACK",
                "url":"http://www.securitytracker.com/id/1039576"
            },
            {
                "name":"1039577",
                "refsource":"SECTRACK",
                "url":"http://www.securitytracker.com/id/1039577"
            },
            {
                "name":"1039578",
                "refsource":"SECTRACK",
                "url":"http://www.securitytracker.com/id/1039578"
            },
            {
                "name":"1039581",
                "refsource":"SECTRACK",
                "url":"http://www.securitytracker.com/id/1039581"
            },
            {
                "name":"1039585",
                "refsource":"SECTRACK",
                "url":"http://www.securitytracker.com/id/1039585"
            },
            {
                "name":"1039703",
                "refsource":"SECTRACK",
                "url":"http://www.securitytracker.com/id/1039703"
            },
            {
                "url":"http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html"
            }
        ]
    }
}