Home

CVE-2017-13084

Description

Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Station-To-Station-Link (STSL) Transient Key (STK) during the PeerKey handshake, allowing an attacker within radio range to replay, decrypt, or spoof frames.

Risk Information

Base Score
6.8
MODERATE
Vector
CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
EPSS Score
Exploitation Probability
0.786

Associated Vulnerability

VulnerabilityOS Platform
Multiple Vulnerabilities in Wi-Fi Protected Access and Wi-Fi Protected Access II For Cisco AnyConnect Secure Mobility ClientNCM
Multiple Vulnerabilities in Wi-Fi Protected Access and Wi-Fi Protected Access II For Cisco IP Phone 8800 SeriesNCM
Multiple Vulnerabilities in Wi-Fi Protected Access and Wi-Fi Protected Access II For Cisco Telepresence Integrator C SeriesNCM
Multiple Vulnerabilities in Wi-Fi Protected Access and Wi-Fi Protected Access II For Cisco Small Business 300 Series Wireless Access PointsNCM
Multiple Vulnerabilities in Wi-Fi Protected Access and Wi-Fi Protected Access II For Cisco Small Business 500 Series Wireless Access PointsNCM
Multiple Vulnerabilities in Wi-Fi Protected Access and Wi-Fi Protected Access II For Cisco Aironet 1850 Series Access PointsNCM
Multiple Vulnerabilities in Wi-Fi Protected Access and Wi-Fi Protected Access II For Cisco Aironet 3700 Series Access PointsNCM
Use of Insufficiently Random Values Vulnerability (CVE-2017-13084)NCM

Patch Details

Click to see the patches provided by ManageEngine for this CVE
Patch IDPatch Description
PATCH-1705981Security Update for Cisco AnyConnect Secure Mobility Client 4.3(2034)
PATCH-1705974Security Update for Cisco IP Phone 8800 Series 11.7(1)SC2
PATCH-1706043Security Update for Cisco Telepresence Integrator C Series 9.1.1
PATCH-1704913Security Update for Cisco Small Business 300 Series Wireless Access Points 1.0.6.7
PATCH-1704664Security Update for Cisco Small Business 500 Series Wireless Access Points 1.2.1.6
PATCH-1705928Security Update for Cisco Aironet 1850 Series Access Points 8.3(15.136)
PATCH-1705527Security Update for Cisco Aironet 3700 Series Access Points 7.5(102.0)

References

https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234