Home

CVE-2017-13080

Description

Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Group Temporal Key (GTK) during the group key handshake, allowing an attacker within radio range to replay frames from access points to clients.

Risk Information

Base Score
4.1
MODERATE
Vector
CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:L/E:P/RL:O/RC:C
EPSS Score
Exploitation Probability
1.572

Associated Vulnerability

VulnerabilityOS Platform
Windows Wireless WPA Group Key Reinstallation Vulnerability for Windows Server 2008 for x64-based Systems (KB4042723)Windows
Windows Wireless WPA Group Key Reinstallation Vulnerability for Windows Server 2008 (KB4042723)Windows
Windows SMB Denial of Service Vulnerability for Windows 7 for x64-based Systems (KB4041678)Windows
Windows SMB Denial of Service Vulnerability for Windows Server 2008 R2 for x64-based Systems (KB4041678)Windows
Windows SMB Denial of Service Vulnerability for Windows 7 for x86-based Systems (KB4041678)Windows
Windows SMB Denial of Service Vulnerability for Windows Server 2008 R2 for x64-based Systems (KB4041681)Windows
Windows SMB Denial of Service Vulnerability for Windows 7 for x64-based Systems (KB4041681)Windows
Windows SMB Denial of Service Vulnerability for Windows 7 for x86-based Systems (KB4041681)Windows
Windows SMB Denial of Service Vulnerability for Windows 8.1 for x64-based Systems (KB4041687)Windows
Windows SMB Denial of Service Vulnerability for Windows Server 2012 R2 for x64-based Systems (KB4041687)Windows
Windows SMB Denial of Service Vulnerability for Windows 8.1 for x86-based Systems (KB4041687)Windows
Windows SMB Denial of Service Vulnerability for Windows 8.1 for x64-based Systems (KB4041693)Windows
Windows SMB Denial of Service Vulnerability for Windows Server 2012 R2 for x64-based Systems (KB4041693)Windows
Windows SMB Denial of Service Vulnerability for Windows 8.1 for x86-based Systems (KB4041693)Windows
Microsoft Edge Information Disclosure Vulnerability for Windows 10 Version 1511 for x64-based Systems (KB4041689) - CumulativeWindows
Microsoft Edge Information Disclosure Vulnerability for Windows 10 Version 1511 for x86-based Systems (KB4041689) - CumulativeWindows
Windows SMB Denial of Service Vulnerability for Windows Server 2012 for x64-based Systems (KB4041679)Windows
Windows SMB Denial of Service Vulnerability for Windows Server 2012 for x64-based Systems (KB4041690)Windows
Microsoft Edge Information Disclosure Vulnerability for Windows Server 2016 for x64-based Systems (KB4041691) - CumulativeWindows
Microsoft Edge Information Disclosure Vulnerability for Windows Server 2016 for x64-based Systems (KB4041691) - DeltaWindows
Microsoft Edge Information Disclosure Vulnerability for Windows 10 Version 1607 for x64-based Systems (KB4041691) - CumulativeWindows
Microsoft Edge Information Disclosure Vulnerability for Windows 10 Version 1607 for x64-based Systems (KB4041691) - DeltaWindows
Microsoft Edge Information Disclosure Vulnerability for Windows 10 Version 1607 for x86-based Systems (KB4041691) - CumulativeWindows
Microsoft Edge Information Disclosure Vulnerability for Windows 10 Version 1607 for x86-based Systems (KB4041691) - DeltaWindows
Scripting Engine Information Disclosure Vulnerability for Windows 10 Version 1507 for x64-based Systems (KB4042895) - CumulativeWindows
Microsoft Edge Information Disclosure Vulnerability for Windows 10 Version 1703 for x64-based Systems (KB4041676) - CumulativeWindows
Microsoft Edge Information Disclosure Vulnerability for Windows 10 Version 1703 for x64-based Systems (KB4041676) - DeltaWindows
Microsoft Edge Information Disclosure Vulnerability for Windows 10 Version 1703 for x86-based Systems (KB4041676) - CumulativeWindows
Microsoft Edge Information Disclosure Vulnerability for Windows 10 Version 1703 for x86-based Systems (KB4041676) - DeltaWindows
Multiple vulnerabilities are fixed in macOS High Sierra 10.13.4 - Reboot AutomaticallyMac
Multiple vulnerabilities are fixed in macOS High Sierra 10.13.4 Combo Update - Reboot AutomaticallyMac
Multiple vulnerabilities are fixed in macOS High Sierra 10.13.1Mac
Multiple vulnerabilities are fixed in Security Update 2017-001 macOS High Sierra v10.13.1Mac
Firmware for Linux kernel drivers (USN-3505-1) linux-firmware_1.127.24_all.debLinux
Wpa_supplicant security update (CESA-2017:2911) wpa_supplicant-0.7.3-9.el6_9.2.i686.rpmLinux
Wpa_supplicant security update (CESA-2017:2911) wpa_supplicant-0.7.3-9.el6_9.2.x86_64.rpmLinux
(RHSA-2017:2907) Important: wpa_supplicant security update wpa_supplicant-2.6-5.el7_4.1.x86_64.rpmLinux
(RHSA-2017:2911) Important: wpa_supplicant security update wpa_supplicant-0.7.3-9.el6_9.2.i686.rpmLinux
(RHSA-2017:2911) Important: wpa_supplicant security update wpa_supplicant-0.7.3-9.el6_9.2.x86_64.rpmLinux
SUSE-SU-2017:2745-1(SUSE Linux Enterprise Desktop 12-SP2 ) wpa_supplicant-2.2-15.3.1.x86_64.rpmLinux
SUSE-SU-2017:2745-1(SUSE Linux Enterprise Desktop 12-SP2 ) wpa_supplicant-debuginfo-2.2-15.3.1.x86_64.rpmLinux
SUSE-SU-2017:2745-1(SUSE Linux Enterprise Desktop 12-SP2 ) wpa_supplicant-debugsource-2.2-15.3.1.x86_64.rpmLinux
SUSE-SU-2020:3424-1(SUSE Linux Enterprise Server 12-SP5 ) wpa_supplicant-2.9-23.3.1.x86_64.rpmLinux
SUSE-SU-2020:3424-1(SUSE Linux Enterprise Server 12-SP5 ) wpa_supplicant-debuginfo-2.9-23.3.1.x86_64.rpmLinux
SUSE-SU-2020:3424-1(SUSE Linux Enterprise Server 12-SP5 ) wpa_supplicant-debugsource-2.9-23.3.1.x86_64.rpmLinux
Wpa_supplicant update (ELSA-2017-2911) wpa_supplicant-0.7.3-9.el6_9.2.x86_64.rpmLinux
Wpa_supplicant update (ELSA-2017-2911) wpa_supplicant-0.7.3-9.el6_9.2.i686.rpmLinux
Multiple Vulnerabilities in Wi-Fi Protected Access and Wi-Fi Protected Access II For Cisco AnyConnect Secure Mobility ClientNCM
Multiple Vulnerabilities in Wi-Fi Protected Access and Wi-Fi Protected Access II For Cisco IP Phone 8800 SeriesNCM
Multiple Vulnerabilities in Wi-Fi Protected Access and Wi-Fi Protected Access II For Cisco Telepresence Integrator C SeriesNCM
Multiple Vulnerabilities in Wi-Fi Protected Access and Wi-Fi Protected Access II For Cisco Small Business 300 Series Wireless Access PointsNCM
Multiple Vulnerabilities in Wi-Fi Protected Access and Wi-Fi Protected Access II For Cisco Small Business 500 Series Wireless Access PointsNCM
Multiple Vulnerabilities in Wi-Fi Protected Access and Wi-Fi Protected Access II For Cisco Aironet 1850 Series Access PointsNCM
Multiple Vulnerabilities in Wi-Fi Protected Access and Wi-Fi Protected Access II For Cisco Aironet 3700 Series Access PointsNCM
Use of Insufficiently Random Values Vulnerability (CVE-2017-13080)NCM

Patch Details

Click to see the patches provided by ManageEngine for this CVE
Patch IDPatch Description
PATCH-23220Security Update for Windows Server 2008 for x64-based Systems (KB4042723)
PATCH-23219Security Update for Windows Server 2008 (KB4042723)
PATCH-231862017-10 Security Only Quality Update for Windows 7 for x64-based Systems (KB4041678)
PATCH-231872017-10 Security Only Quality Update for Windows Server 2008 R2 for x64-based Systems (KB4041678)
PATCH-231852017-10 Security Only Quality Update for Windows 7 for x86-based Systems (KB4041678)
PATCH-231942017-10 Security Monthly Quality Rollup for Windows Server 2008 R2 for x64-based Systems (KB4041681)
PATCH-231932017-10 Security Monthly Quality Rollup for Windows 7 for x64-based Systems (KB4041681)
PATCH-231922017-10 Security Monthly Quality Rollup for Windows 7 for x86-based Systems (KB4041681)
PATCH-231892017-10 Security Only Quality Update for Windows 8.1 for x64-based Systems (KB4041687)
PATCH-231902017-10 Security Only Quality Update for Windows Server 2012 R2 for x64-based Systems (KB4041687)
PATCH-231882017-10 Security Only Quality Update for Windows 8.1 for x86-based Systems (KB4041687)
PATCH-231962017-10 Security Monthly Quality Rollup for Windows 8.1 for x64-based Systems (KB4041693)
PATCH-231972017-10 Security Monthly Quality Rollup for Windows Server 2012 R2 for x64-based Systems (KB4041693)
PATCH-231952017-10 Security Monthly Quality Rollup for Windows 8.1 for x86-based Systems (KB4041693)
PATCH-23204Cumulative Update for Windows 10 Version 1511 for x64-based Systems (KB4041689)
PATCH-23203Cumulative Update for Windows 10 Version 1511 for x86-based Systems (KB4041689)
PATCH-231912017-10 Security Only Quality Update for Windows Server 2012 for x64-based Systems (KB4041679)
PATCH-231982017-10 Security Monthly Quality Rollup for Windows Server 2012 for x64-based Systems (KB4041690)
PATCH-23209Cumulative Update for Windows Server 2016 for x64-based Systems (KB4041691)
PATCH-23210Delta Update for Windows Server 2016 for x64-based Systems (KB4041691)
PATCH-23206Cumulative Update for Windows 10 Version 1607 for x64-based Systems (KB4041691)
PATCH-23208Delta Update for Windows 10 Version 1607 for x64-based Systems (KB4041691)
PATCH-23205Cumulative Update for Windows 10 Version 1607 for x86-based Systems (KB4041691)
PATCH-23207Delta Update for Windows 10 Version 1607 for x86-based Systems (KB4041691)
PATCH-23202Cumulative Update for Windows 10 Version 1507 for x64-based Systems (KB4042895)
PATCH-1705981Security Update for Cisco AnyConnect Secure Mobility Client 4.3(2034)
PATCH-1705974Security Update for Cisco IP Phone 8800 Series 11.7(1)SC2
PATCH-1706043Security Update for Cisco Telepresence Integrator C Series 9.1.1
PATCH-1704913Security Update for Cisco Small Business 300 Series Wireless Access Points 1.0.6.7
PATCH-1704664Security Update for Cisco Small Business 500 Series Wireless Access Points 1.2.1.6
PATCH-1705928Security Update for Cisco Aironet 1850 Series Access Points 8.3(15.136)
PATCH-1705527Security Update for Cisco Aironet 3700 Series Access Points 7.5(102.0)
PATCH-601562macOS High Sierra 10.13.6 - Reboot Automatically
PATCH-601563macOS High Sierra 10.13.6 Combo Update - Reboot Automatically
PATCH-601562macOS High Sierra 10.13.6 - Reboot Automatically
PATCH-601312Security Update 2017-001 macOS High Sierra v10.13.1

References

https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234