Vulnerability-Lookup

VDE-2021-010

Vulnerability from csaf_endresshauserag - Published: 2021-05-18 09:00 - Updated: 2025-05-14 12:28

Summary

Endress+Hauser: products utilizing WPA2 vulnerable to KRACK attacks

Notes

Summary: Endress+Hauser products utilizing WPA2 are vulnerable to KRACK attacks. Proline portfolio is a flow meter with an optional WLAN interface in the display. The flowmeters are only affected if the optional WLAN display is present.

Impact: The feasibility of modifying the configuration of the device depends on the configuration settings regarding the used protocol (for example: OPC UA, http) to communicate via WLAN. - Access to operator network via device isn't possible because bridging in the device isn't supported. - The WLAN passphrase isn't readable. - Via OPC UA: read/write data access isn't possible if encryption is activated. - Via Webserver and CDI-RJ45: read data is possible. Write data isn't possible if individual password is used.

Mitigation: If an immediate firmware update is not possible, the WLAN on the unit can also be switched off as a precautionary measure.

Recommendations: As a general security measure Endress+Hauser strongly recommends protecting network access to the WLAN network with appropriate mechanisms. It is advised to configure the environment according to best practices to run the devices in a protected IT environment. Further general recommendations apply for the affected products: Activate encryption for OPC UA For Webserver and CDI-RJ45: Change device default password to individual password For WLAN: Change WLAN default password to individual WLAN password

Remediation: Endress+Hauser provides updated firmware versions for all related products from the Proline portfolio which fixes the vulnerability and recommends customers to update to the new fixed version. For support, please contact your local service center.

CVE-2017-13077

Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Pairwise Transient Key (PTK) Temporal Key (TK) during the four-way handshake, allowing an attacker within radio range to replay, decrypt, or spoof frames.

6.8 (Medium)


                        
                          CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N

CWE-330 - Use of Insufficiently Random Values

Mitigation If an immediate firmware update is not possible, the WLAN on the unit can also be switched off as a precautionary measure.

Vendor Fix Endress+Hauser provides updated firmware versions for all related products from the Proline portfolio which fixes the vulnerability and recommends customers to update to the new fixed version. For support, please contact your local service center.

Affected products

Known affected 55 products

Product	Identifier	Version	Remediation
Unresolved product id: CSAFPID-31001		—
Unresolved product id: CSAFPID-31002		—
Unresolved product id: CSAFPID-31003		—
Unresolved product id: CSAFPID-31004		—
Unresolved product id: CSAFPID-31005		—
Unresolved product id: CSAFPID-31006		—
Unresolved product id: CSAFPID-31007		—
Unresolved product id: CSAFPID-31008		—
Unresolved product id: CSAFPID-31009		—
Unresolved product id: CSAFPID-31010		—
Unresolved product id: CSAFPID-31011		—
Unresolved product id: CSAFPID-31012		—
Unresolved product id: CSAFPID-31013		—
Unresolved product id: CSAFPID-31014		—
Unresolved product id: CSAFPID-31015		—
Unresolved product id: CSAFPID-31016		—
Unresolved product id: CSAFPID-31017		—
Unresolved product id: CSAFPID-31018		—
Unresolved product id: CSAFPID-31019		—
Unresolved product id: CSAFPID-31020		—
Unresolved product id: CSAFPID-31021		—
Unresolved product id: CSAFPID-31022		—
Unresolved product id: CSAFPID-31023		—
Unresolved product id: CSAFPID-31024		—
Unresolved product id: CSAFPID-31025		—
Unresolved product id: CSAFPID-31026		—
Unresolved product id: CSAFPID-31027		—
Unresolved product id: CSAFPID-31028		—
Unresolved product id: CSAFPID-31029		—
Unresolved product id: CSAFPID-31030		—
Unresolved product id: CSAFPID-31031		—
Unresolved product id: CSAFPID-31032		—
Unresolved product id: CSAFPID-31033		—
Unresolved product id: CSAFPID-31034		—
Unresolved product id: CSAFPID-31035		—
Unresolved product id: CSAFPID-31036		—
Unresolved product id: CSAFPID-31037		—
Unresolved product id: CSAFPID-31038		—
Unresolved product id: CSAFPID-31039		—
Unresolved product id: CSAFPID-31040		—
Unresolved product id: CSAFPID-31041		—
Unresolved product id: CSAFPID-31042		—
Unresolved product id: CSAFPID-31043		—
Unresolved product id: CSAFPID-31044		—
Unresolved product id: CSAFPID-31045		—
Unresolved product id: CSAFPID-31046		—
Unresolved product id: CSAFPID-31047		—
Unresolved product id: CSAFPID-31048		—
Unresolved product id: CSAFPID-31049		—
Unresolved product id: CSAFPID-31050		—
Unresolved product id: CSAFPID-31051		—
Unresolved product id: CSAFPID-31052		—
Unresolved product id: CSAFPID-31053		—
Unresolved product id: CSAFPID-31054		—
Unresolved product id: CSAFPID-31055		—

CVE-2017-13078

Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Group Temporal Key (GTK) during the four-way handshake, allowing an attacker within radio range to replay frames from access points to clients.

5.3 (Medium)


                        
                          CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

CWE-330 - Use of Insufficiently Random Values

Mitigation If an immediate firmware update is not possible, the WLAN on the unit can also be switched off as a precautionary measure.

Affected products

Known affected 55 products

Product	Identifier	Version	Remediation
Unresolved product id: CSAFPID-31001		—
Unresolved product id: CSAFPID-31002		—
Unresolved product id: CSAFPID-31003		—
Unresolved product id: CSAFPID-31004		—
Unresolved product id: CSAFPID-31005		—
Unresolved product id: CSAFPID-31006		—
Unresolved product id: CSAFPID-31007		—
Unresolved product id: CSAFPID-31008		—
Unresolved product id: CSAFPID-31009		—
Unresolved product id: CSAFPID-31010		—
Unresolved product id: CSAFPID-31011		—
Unresolved product id: CSAFPID-31012		—
Unresolved product id: CSAFPID-31013		—
Unresolved product id: CSAFPID-31014		—
Unresolved product id: CSAFPID-31015		—
Unresolved product id: CSAFPID-31016		—
Unresolved product id: CSAFPID-31017		—
Unresolved product id: CSAFPID-31018		—
Unresolved product id: CSAFPID-31019		—
Unresolved product id: CSAFPID-31020		—
Unresolved product id: CSAFPID-31021		—
Unresolved product id: CSAFPID-31022		—
Unresolved product id: CSAFPID-31023		—
Unresolved product id: CSAFPID-31024		—
Unresolved product id: CSAFPID-31025		—
Unresolved product id: CSAFPID-31026		—
Unresolved product id: CSAFPID-31027		—
Unresolved product id: CSAFPID-31028		—
Unresolved product id: CSAFPID-31029		—
Unresolved product id: CSAFPID-31030		—
Unresolved product id: CSAFPID-31031		—
Unresolved product id: CSAFPID-31032		—
Unresolved product id: CSAFPID-31033		—
Unresolved product id: CSAFPID-31034		—
Unresolved product id: CSAFPID-31035		—
Unresolved product id: CSAFPID-31036		—
Unresolved product id: CSAFPID-31037		—
Unresolved product id: CSAFPID-31038		—
Unresolved product id: CSAFPID-31039		—
Unresolved product id: CSAFPID-31040		—
Unresolved product id: CSAFPID-31041		—
Unresolved product id: CSAFPID-31042		—
Unresolved product id: CSAFPID-31043		—
Unresolved product id: CSAFPID-31044		—
Unresolved product id: CSAFPID-31045		—
Unresolved product id: CSAFPID-31046		—
Unresolved product id: CSAFPID-31047		—
Unresolved product id: CSAFPID-31048		—
Unresolved product id: CSAFPID-31049		—
Unresolved product id: CSAFPID-31050		—
Unresolved product id: CSAFPID-31051		—
Unresolved product id: CSAFPID-31052		—
Unresolved product id: CSAFPID-31053		—
Unresolved product id: CSAFPID-31054		—
Unresolved product id: CSAFPID-31055		—

CVE-2017-13080

Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Group Temporal Key (GTK) during the group key handshake, allowing an attacker within radio range to replay frames from access points to clients.

5.3 (Medium)


                        
                          CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

CWE-330 - Use of Insufficiently Random Values

Mitigation If an immediate firmware update is not possible, the WLAN on the unit can also be switched off as a precautionary measure.

Affected products

Known affected 55 products

Product	Identifier	Version	Remediation
Unresolved product id: CSAFPID-31001		—
Unresolved product id: CSAFPID-31002		—
Unresolved product id: CSAFPID-31003		—
Unresolved product id: CSAFPID-31004		—
Unresolved product id: CSAFPID-31005		—
Unresolved product id: CSAFPID-31006		—
Unresolved product id: CSAFPID-31007		—
Unresolved product id: CSAFPID-31008		—
Unresolved product id: CSAFPID-31009		—
Unresolved product id: CSAFPID-31010		—
Unresolved product id: CSAFPID-31011		—
Unresolved product id: CSAFPID-31012		—
Unresolved product id: CSAFPID-31013		—
Unresolved product id: CSAFPID-31014		—
Unresolved product id: CSAFPID-31015		—
Unresolved product id: CSAFPID-31016		—
Unresolved product id: CSAFPID-31017		—
Unresolved product id: CSAFPID-31018		—
Unresolved product id: CSAFPID-31019		—
Unresolved product id: CSAFPID-31020		—
Unresolved product id: CSAFPID-31021		—
Unresolved product id: CSAFPID-31022		—
Unresolved product id: CSAFPID-31023		—
Unresolved product id: CSAFPID-31024		—
Unresolved product id: CSAFPID-31025		—
Unresolved product id: CSAFPID-31026		—
Unresolved product id: CSAFPID-31027		—
Unresolved product id: CSAFPID-31028		—
Unresolved product id: CSAFPID-31029		—
Unresolved product id: CSAFPID-31030		—
Unresolved product id: CSAFPID-31031		—
Unresolved product id: CSAFPID-31032		—
Unresolved product id: CSAFPID-31033		—
Unresolved product id: CSAFPID-31034		—
Unresolved product id: CSAFPID-31035		—
Unresolved product id: CSAFPID-31036		—
Unresolved product id: CSAFPID-31037		—
Unresolved product id: CSAFPID-31038		—
Unresolved product id: CSAFPID-31039		—
Unresolved product id: CSAFPID-31040		—
Unresolved product id: CSAFPID-31041		—
Unresolved product id: CSAFPID-31042		—
Unresolved product id: CSAFPID-31043		—
Unresolved product id: CSAFPID-31044		—
Unresolved product id: CSAFPID-31045		—
Unresolved product id: CSAFPID-31046		—
Unresolved product id: CSAFPID-31047		—
Unresolved product id: CSAFPID-31048		—
Unresolved product id: CSAFPID-31049		—
Unresolved product id: CSAFPID-31050		—
Unresolved product id: CSAFPID-31051		—
Unresolved product id: CSAFPID-31052		—
Unresolved product id: CSAFPID-31053		—
Unresolved product id: CSAFPID-31054		—
Unresolved product id: CSAFPID-31055		—

References

3 references

URL	Category
https://certvde.com/de/advisories/vendor/endress+…	external
https://certvde.com/en/advisories/VDE-2021-010	self
https://endress-hauser.csaf-tp.certvde.com/.well-…	self

Acknowledgments

CERT@VDE certvde.com

imec-DistriNet Mathy Vanhoef

krackattacks KU Leuven

JSON

To clipboard

{
  "document": {
    "acknowledgments": [
      {
        "organization": "CERT@VDE",
        "summary": "coordination",
        "urls": [
          "https://certvde.com"
        ]
      },
      {
        "names": [
          "Mathy Vanhoef"
        ],
        "organization": "imec-DistriNet",
        "summary": "reporting."
      },
      {
        "names": [
          "KU Leuven"
        ],
        "organization": "krackattacks",
        "summary": "reporting."
      }
    ],
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en-US",
    "notes": [
      {
        "category": "summary",
        "text": "Endress+Hauser products utilizing WPA2 are vulnerable to KRACK attacks.\nProline portfolio is a flow meter with an optional WLAN interface in the display. The flowmeters are only affected if the optional WLAN display is present.",
        "title": "Summary"
      },
      {
        "category": "description",
        "text": "The feasibility of modifying the configuration of the device depends on the configuration settings regarding the used protocol (for example: OPC UA, http) to communicate via WLAN.\n\n- Access to operator network via device isn\u0027t possible because bridging in the device isn\u0027t supported.\n- The WLAN passphrase isn\u0027t readable.\n- Via OPC UA: read/write data access isn\u0027t possible if encryption is activated.\n- Via Webserver and CDI-RJ45: read data is possible. Write data isn\u0027t possible if individual password is used.",
        "title": "Impact"
      },
      {
        "category": "description",
        "text": "If an immediate firmware update is not possible, the WLAN on the unit can also be switched off as a precautionary measure.",
        "title": "Mitigation"
      },
      {
        "category": "description",
        "text": "As a general security measure Endress+Hauser strongly recommends protecting network access to the WLAN network with appropriate mechanisms. It is advised to configure the environment according to best practices to run the devices in a protected IT environment. Further general recommendations apply for the affected products:\n\nActivate encryption for OPC UA\nFor Webserver and CDI-RJ45: Change device default password to individual password\nFor WLAN: Change WLAN default password to individual WLAN password",
        "title": "Recommendations"
      },
      {
        "category": "description",
        "text": "Endress+Hauser provides updated firmware versions for all related products from the Proline portfolio which fixes the vulnerability and recommends customers to update to the new fixed version. For support, please contact your local service center.",
        "title": "Remediation"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "psirt@endress.com",
      "name": "Endress+Hauser AG",
      "namespace": "https://www.endress.com"
    },
    "references": [
      {
        "category": "external",
        "summary": "Endress+Hauser advisory overview at CERT@VDE",
        "url": "https://certvde.com/de/advisories/vendor/endress+hauser/"
      },
      {
        "category": "self",
        "summary": "VDE-2021-010: Endress+Hauser: products utilizing WPA2 vulnerable to KRACK attacks - HTML",
        "url": "https://certvde.com/en/advisories/VDE-2021-010"
      },
      {
        "category": "self",
        "summary": "VDE-2021-010: Endress+Hauser: products utilizing WPA2 vulnerable to KRACK attacks - CSAF",
        "url": "https://endress-hauser.csaf-tp.certvde.com/.well-known/csaf/white/2021/vde-2021-010.json"
      }
    ],
    "title": "Endress+Hauser: products utilizing WPA2 vulnerable to KRACK attacks",
    "tracking": {
      "aliases": [
        "VDE-2021-010"
      ],
      "current_release_date": "2025-05-14T12:28:19.000Z",
      "generator": {
        "date": "2024-12-09T10:29:39.482Z",
        "engine": {
          "name": "Secvisogram",
          "version": "2.5.16"
        }
      },
      "id": "VDE-2021-010",
      "initial_release_date": "2021-05-18T09:00:00.000Z",
      "revision_history": [
        {
          "date": "2021-05-15T09:00:00.000Z",
          "number": "1",
          "summary": "Initial revision."
        },
        {
          "date": "2025-05-14T12:28:19.000Z",
          "number": "2",
          "summary": "Fix: version space, added distribution"
        }
      ],
      "status": "final",
      "version": "2"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_name",
                "name": "Promag 300 with EtherNet/IP",
                "product": {
                  "name": "Promag 300 with EtherNet/IP",
                  "product_id": "CSAFPID-11001"
                }
              },
              {
                "category": "product_name",
                "name": "Promag 300 with Foundation Fieldbus",
                "product": {
                  "name": "Promag 300 with Foundation Fieldbus",
                  "product_id": "CSAFPID-11002"
                }
              },
              {
                "category": "product_name",
                "name": "Promag 300 with HART",
                "product": {
                  "name": "Promag 300 with HART",
                  "product_id": "CSAFPID-11003"
                }
              },
              {
                "category": "product_name",
                "name": "Promag 300 with MODBUS",
                "product": {
                  "name": "Promag 300 with MODBUS",
                  "product_id": "CSAFPID-11004"
                }
              },
              {
                "category": "product_name",
                "name": "Promag 300 with Profibus PA",
                "product": {
                  "name": "Promag 300 with Profibus PA",
                  "product_id": "CSAFPID-11005"
                }
              },
              {
                "category": "product_name",
                "name": "Promag 300 with PROFINET",
                "product": {
                  "name": "Promag 300 with PROFINET",
                  "product_id": "CSAFPID-11006"
                }
              },
              {
                "category": "product_name",
                "name": "Promag 400 with HART",
                "product": {
                  "name": "Promag 400 with HART",
                  "product_id": "CSAFPID-11007"
                }
              },
              {
                "category": "product_name",
                "name": "Promag 500 with EtherNet/IP",
                "product": {
                  "name": "Promag 500 with EtherNet/IP",
                  "product_id": "CSAFPID-11008"
                }
              },
              {
                "category": "product_name",
                "name": "Promag 500 with Foundation Fieldbus",
                "product": {
                  "name": "Promag 500 with Foundation Fieldbus",
                  "product_id": "CSAFPID-11009"
                }
              },
              {
                "category": "product_name",
                "name": "Promag 500 with HART",
                "product": {
                  "name": "Promag 500 with HART",
                  "product_id": "CSAFPID-11010"
                }
              },
              {
                "category": "product_name",
                "name": "Promag 500 with MODBUS",
                "product": {
                  "name": "Promag 500 with MODBUS",
                  "product_id": "CSAFPID-11011"
                }
              },
              {
                "category": "product_name",
                "name": "Promag 500 with Profibus PA",
                "product": {
                  "name": "Promag 500 with Profibus PA",
                  "product_id": "CSAFPID-11012"
                }
              },
              {
                "category": "product_name",
                "name": "Promag 500 with PROFINET",
                "product": {
                  "name": "Promag 500 with PROFINET",
                  "product_id": "CSAFPID-11013"
                }
              },
              {
                "category": "product_name",
                "name": "Promass 300 with EtherNet/IP",
                "product": {
                  "name": "Promass 300 with EtherNet/IP",
                  "product_id": "CSAFPID-11014"
                }
              },
              {
                "category": "product_name",
                "name": "Promass 300 with Foundation Fieldbus",
                "product": {
                  "name": "Promass 300 with Foundation Fieldbus",
                  "product_id": "CSAFPID-11015"
                }
              },
              {
                "category": "product_name",
                "name": "Promass 300 with HART",
                "product": {
                  "name": "Promass 300 with HART",
                  "product_id": "CSAFPID-11016"
                }
              },
              {
                "category": "product_name",
                "name": "Promass 300 with MODBUS",
                "product": {
                  "name": "Promass 300 with MODBUS",
                  "product_id": "CSAFPID-11017"
                }
              },
              {
                "category": "product_name",
                "name": "Promass 300 with Profibus PA",
                "product": {
                  "name": "Promass 300 with Profibus PA",
                  "product_id": "CSAFPID-11018"
                }
              },
              {
                "category": "product_name",
                "name": "Promass 300 with PROFINET",
                "product": {
                  "name": "Promass 300 with PROFINET",
                  "product_id": "CSAFPID-11019"
                }
              },
              {
                "category": "product_name",
                "name": "Promass 500 with EtherNet/IP",
                "product": {
                  "name": "Promass 500 with EtherNet/IP",
                  "product_id": "CSAFPID-11020"
                }
              },
              {
                "category": "product_name",
                "name": "Promass 500 with Foundation Fieldbus",
                "product": {
                  "name": "Promass 500 with Foundation Fieldbus",
                  "product_id": "CSAFPID-11021"
                }
              },
              {
                "category": "product_name",
                "name": "Promass 500 with HART",
                "product": {
                  "name": "Promass 500 with HART",
                  "product_id": "CSAFPID-11022"
                }
              },
              {
                "category": "product_name",
                "name": "Promass 500 with MODBUS",
                "product": {
                  "name": "Promass 500 with MODBUS",
                  "product_id": "CSAFPID-11023"
                }
              },
              {
                "category": "product_name",
                "name": "Promass 500 with Profibus PA",
                "product": {
                  "name": "Promass 500 with Profibus PA",
                  "product_id": "CSAFPID-11024"
                }
              },
              {
                "category": "product_name",
                "name": "Promass 500 with PROFINET",
                "product": {
                  "name": "Promass 500 with PROFINET",
                  "product_id": "CSAFPID-11025"
                }
              },
              {
                "category": "product_name",
                "name": "Spare Display for Promag 300",
                "product": {
                  "name": "Spare Display for Promag 300",
                  "product_id": "CSAFPID-11026"
                }
              },
              {
                "category": "product_name",
                "name": "Spare Display for Promag 400",
                "product": {
                  "name": "Spare Display for Promag 400",
                  "product_id": "CSAFPID-11027"
                }
              },
              {
                "category": "product_name",
                "name": "Spare Display for Promag 500",
                "product": {
                  "name": "Spare Display for Promag 500",
                  "product_id": "CSAFPID-11028"
                }
              },
              {
                "category": "product_name",
                "name": "Spare Display for Promass 300",
                "product": {
                  "name": "Spare Display for Promass 300",
                  "product_id": "CSAFPID-11029"
                }
              },
              {
                "category": "product_name",
                "name": "Spare Display for Promass 500",
                "product": {
                  "name": "Spare Display for Promass 500",
                  "product_id": "CSAFPID-11030"
                }
              },
              {
                "category": "product_name",
                "name": "Spare Transmitter for Promag 300 with EtherNet/IP",
                "product": {
                  "name": "Spare Transmitter for Promag 300 with EtherNet/IP",
                  "product_id": "CSAFPID-11031"
                }
              },
              {
                "category": "product_name",
                "name": "Spare Transmitter for Promag 300 with Foundation Fieldbus",
                "product": {
                  "name": "Spare Transmitter for Promag 300 with Foundation Fieldbus",
                  "product_id": "CSAFPID-11032"
                }
              },
              {
                "category": "product_name",
                "name": "Spare Transmitter for Promag 300 with HART",
                "product": {
                  "name": "Spare Transmitter for Promag 300 with HART",
                  "product_id": "CSAFPID-11033"
                }
              },
              {
                "category": "product_name",
                "name": "Spare Transmitter for Promag 300 with MODBUS",
                "product": {
                  "name": "Spare Transmitter for Promag 300 with MODBUS",
                  "product_id": "CSAFPID-11034"
                }
              },
              {
                "category": "product_name",
                "name": "Spare Transmitter for Promag 300 with Profibus PA",
                "product": {
                  "name": "Spare Transmitter for Promag 300 with Profibus PA",
                  "product_id": "CSAFPID-11035"
                }
              },
              {
                "category": "product_name",
                "name": "Spare Transmitter for Promag 300 with PROFINET",
                "product": {
                  "name": "Spare Transmitter for Promag 300 with PROFINET",
                  "product_id": "CSAFPID-11036"
                }
              },
              {
                "category": "product_name",
                "name": "Spare Transmitter for Promag 400 with HART",
                "product": {
                  "name": "Spare Transmitter for Promag 400 with HART",
                  "product_id": "CSAFPID-11037"
                }
              },
              {
                "category": "product_name",
                "name": "Spare Transmitter for Promag 500 with EtherNet/IP",
                "product": {
                  "name": "Spare Transmitter for Promag 500 with EtherNet/IP",
                  "product_id": "CSAFPID-11038"
                }
              },
              {
                "category": "product_name",
                "name": "Spare Transmitter for Promag 500 with Foundation Fieldbus",
                "product": {
                  "name": "Spare Transmitter for Promag 500 with Foundation Fieldbus",
                  "product_id": "CSAFPID-11039"
                }
              },
              {
                "category": "product_name",
                "name": "Spare Transmitter for Promag 500 with HART",
                "product": {
                  "name": "Spare Transmitter for Promag 500 with HART",
                  "product_id": "CSAFPID-11040"
                }
              },
              {
                "category": "product_name",
                "name": "Spare Transmitter for Promag 500 with MODBUS",
                "product": {
                  "name": "Spare Transmitter for Promag 500 with MODBUS",
                  "product_id": "CSAFPID-11041"
                }
              },
              {
                "category": "product_name",
                "name": "Spare Transmitter for Promag 500 with Profibus PA",
                "product": {
                  "name": "Spare Transmitter for Promag 500 with Profibus PA",
                  "product_id": "CSAFPID-11042"
                }
              },
              {
                "category": "product_name",
                "name": "Spare Transmitter for Promag 500 with PROFINET",
                "product": {
                  "name": "Spare Transmitter for Promag 500 with PROFINET",
                  "product_id": "CSAFPID-11043"
                }
              },
              {
                "category": "product_name",
                "name": "Spare Transmitter for Promass 300 with EtherNet/IP",
                "product": {
                  "name": "Spare Transmitter for Promass 300 with EtherNet/IP",
                  "product_id": "CSAFPID-11044"
                }
              },
              {
                "category": "product_name",
                "name": "Spare Transmitter for Promass 300 with Foundation Fieldbus",
                "product": {
                  "name": "Spare Transmitter for Promass 300 with Foundation Fieldbus",
                  "product_id": "CSAFPID-11045"
                }
              },
              {
                "category": "product_name",
                "name": "Spare Transmitter for Promass 300 with HART",
                "product": {
                  "name": "Spare Transmitter for Promass 300 with HART",
                  "product_id": "CSAFPID-11046"
                }
              },
              {
                "category": "product_name",
                "name": "Spare Transmitter for Promass 300 with MODBUS",
                "product": {
                  "name": "Spare Transmitter for Promass 300 with MODBUS",
                  "product_id": "CSAFPID-11047"
                }
              },
              {
                "category": "product_name",
                "name": "Spare Transmitter for Promass 300 with Profibus PA",
                "product": {
                  "name": "Spare Transmitter for Promass 300 with Profibus PA",
                  "product_id": "CSAFPID-11048"
                }
              },
              {
                "category": "product_name",
                "name": "Spare Transmitter for Promass 300 with PROFINET",
                "product": {
                  "name": "Spare Transmitter for Promass 300 with PROFINET",
                  "product_id": "CSAFPID-11049"
                }
              },
              {
                "category": "product_name",
                "name": "Spare Transmitter for Promass 500 with EtherNet/IP",
                "product": {
                  "name": "Spare Transmitter for Promass 500 with EtherNet/IP",
                  "product_id": "CSAFPID-11050"
                }
              },
              {
                "category": "product_name",
                "name": "Spare Transmitter for Promass 500 with Foundation Fieldbus",
                "product": {
                  "name": "Spare Transmitter for Promass 500 with Foundation Fieldbus",
                  "product_id": "CSAFPID-0061"
                }
              },
              {
                "category": "product_name",
                "name": "Spare Transmitter for Promass 500 with HART",
                "product": {
                  "name": "Spare Transmitter for Promass 500 with HART",
                  "product_id": "CSAFPID-11052"
                }
              },
              {
                "category": "product_name",
                "name": "Spare Transmitter for Promass 500 with MODBUS",
                "product": {
                  "name": "Spare Transmitter for Promass 500 with MODBUS",
                  "product_id": "CSAFPID-11053"
                }
              },
              {
                "category": "product_name",
                "name": "Spare Transmitter for Promass 500 with Profibus PA",
                "product": {
                  "name": "Spare Transmitter for Promass 500 with Profibus PA",
                  "product_id": "CSAFPID-11054"
                }
              },
              {
                "category": "product_name",
                "name": "Spare Transmitter for Promass 500 with PROFINET",
                "product": {
                  "name": "Spare Transmitter for Promass 500 with PROFINET",
                  "product_id": "CSAFPID-11055"
                }
              }
            ],
            "category": "product_family",
            "name": "Hardware"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003c=01.01.02",
                "product": {
                  "name": "Firmware \u003c=01.01.02",
                  "product_id": "CSAFPID-21001"
                }
              },
              {
                "category": "product_version_range",
                "name": "\u003c=01.00.01",
                "product": {
                  "name": "Firmware \u003c=01.00.01",
                  "product_id": "CSAFPID-21002"
                }
              },
              {
                "category": "product_version_range",
                "name": "\u003c=01.01.01",
                "product": {
                  "name": "Firmware \u003c=01.01.01",
                  "product_id": "CSAFPID-21003"
                }
              },
              {
                "category": "product_version_range",
                "name": "\u003c=01.00.02",
                "product": {
                  "name": "Firmware \u003c=01.00.02",
                  "product_id": "CSAFPID-21004"
                }
              },
              {
                "category": "product_version_range",
                "name": "\u003c=01.00.03",
                "product": {
                  "name": "Firmware \u003c=01.00.03",
                  "product_id": "CSAFPID-21005"
                }
              },
              {
                "category": "product_version_range",
                "name": "\u003c=02.00.01",
                "product": {
                  "name": "Firmware \u003c=02.00.01",
                  "product_id": "CSAFPID-21006"
                }
              },
              {
                "category": "product_version_range",
                "name": "\u003c=01.01.00",
                "product": {
                  "name": "Firmware \u003c=01.01.00",
                  "product_id": "CSAFPID-21007"
                }
              }
            ],
            "category": "product_family",
            "name": "Firmware"
          }
        ],
        "category": "vendor",
        "name": "Pepperl+Fuchs"
      }
    ],
    "product_groups": [
      {
        "group_id": "CSAFGID-0001",
        "product_ids": [
          "CSAFPID-31001",
          "CSAFPID-31002",
          "CSAFPID-31003",
          "CSAFPID-31004",
          "CSAFPID-31005",
          "CSAFPID-31006",
          "CSAFPID-31007",
          "CSAFPID-31008",
          "CSAFPID-31009",
          "CSAFPID-31010",
          "CSAFPID-31011",
          "CSAFPID-31012",
          "CSAFPID-31013",
          "CSAFPID-31014",
          "CSAFPID-31015",
          "CSAFPID-31016",
          "CSAFPID-31017",
          "CSAFPID-31018",
          "CSAFPID-31019",
          "CSAFPID-31020",
          "CSAFPID-31021",
          "CSAFPID-31022",
          "CSAFPID-31023",
          "CSAFPID-31024",
          "CSAFPID-31025",
          "CSAFPID-31026",
          "CSAFPID-31027",
          "CSAFPID-31028",
          "CSAFPID-31029",
          "CSAFPID-31030",
          "CSAFPID-31031",
          "CSAFPID-31032",
          "CSAFPID-31033",
          "CSAFPID-31034",
          "CSAFPID-31035",
          "CSAFPID-31036",
          "CSAFPID-31037",
          "CSAFPID-31038",
          "CSAFPID-31039",
          "CSAFPID-31040",
          "CSAFPID-31041",
          "CSAFPID-31042",
          "CSAFPID-31043",
          "CSAFPID-31044",
          "CSAFPID-31045",
          "CSAFPID-31046",
          "CSAFPID-31047",
          "CSAFPID-31048",
          "CSAFPID-31049",
          "CSAFPID-31050",
          "CSAFPID-31051",
          "CSAFPID-31052",
          "CSAFPID-31053",
          "CSAFPID-31054",
          "CSAFPID-31055"
        ],
        "summary": "Affected Products."
      }
    ],
    "relationships": [
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Firmware \u003c=01.01.02 installed on Promag 300 with EtherNet/IP",
          "product_id": "CSAFPID-31001"
        },
        "product_reference": "CSAFPID-21001",
        "relates_to_product_reference": "CSAFPID-11001"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Firmware \u003c=01.00.01 installed on Promag 300 with Foundation Fieldbus",
          "product_id": "CSAFPID-31002"
        },
        "product_reference": "CSAFPID-21002",
        "relates_to_product_reference": "CSAFPID-11002"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Firmware \u003c=01.01.01 installed on Promag 300 with HART",
          "product_id": "CSAFPID-31003"
        },
        "product_reference": "CSAFPID-21003",
        "relates_to_product_reference": "CSAFPID-11003"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Firmware \u003c=01.00.02 installed on Promag 300 with MODBUS",
          "product_id": "CSAFPID-31004"
        },
        "product_reference": "CSAFPID-21004",
        "relates_to_product_reference": "CSAFPID-11004"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Firmware \u003c=01.00.03 installed on Promag 300 with Profibus PA",
          "product_id": "CSAFPID-31005"
        },
        "product_reference": "CSAFPID-21005",
        "relates_to_product_reference": "CSAFPID-11005"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Firmware \u003c=01.00.01 installed on Promag 300 with PROFINET",
          "product_id": "CSAFPID-31006"
        },
        "product_reference": "CSAFPID-21002",
        "relates_to_product_reference": "CSAFPID-11006"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Firmware \u003c=02.00.01 installed on Promag 400 with HART",
          "product_id": "CSAFPID-31007"
        },
        "product_reference": "CSAFPID-21006",
        "relates_to_product_reference": "CSAFPID-11007"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Firmware \u003c=01.01.02 installed on Promag 500 with EtherNet/IP",
          "product_id": "CSAFPID-31008"
        },
        "product_reference": "CSAFPID-21001",
        "relates_to_product_reference": "CSAFPID-11008"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Firmware \u003c=01.00.01 installed on Promag 500 with Foundation Fieldbus",
          "product_id": "CSAFPID-31009"
        },
        "product_reference": "CSAFPID-21002",
        "relates_to_product_reference": "CSAFPID-11009"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Firmware \u003c=01.01.01 installed on Promag 500 with HART",
          "product_id": "CSAFPID-31010"
        },
        "product_reference": "CSAFPID-21003",
        "relates_to_product_reference": "CSAFPID-11010"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Firmware \u003c=01.00.02 installed on Promag 500 with MODBUS",
          "product_id": "CSAFPID-31011"
        },
        "product_reference": "CSAFPID-21004",
        "relates_to_product_reference": "CSAFPID-11011"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Firmware \u003c=01.00.03 installed on Promag 500 with Profibus PA",
          "product_id": "CSAFPID-31012"
        },
        "product_reference": "CSAFPID-21005",
        "relates_to_product_reference": "CSAFPID-11012"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Firmware \u003c=01.00.01 installed on Promag 500 with PROFINET",
          "product_id": "CSAFPID-31013"
        },
        "product_reference": "CSAFPID-21002",
        "relates_to_product_reference": "CSAFPID-11013"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Firmware \u003c=01.01.02 installed on Promass 300 with EtherNet/IP",
          "product_id": "CSAFPID-31014"
        },
        "product_reference": "CSAFPID-21001",
        "relates_to_product_reference": "CSAFPID-11014"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Firmware \u003c=01.00.01 installed on Promass 300 with Foundation Fieldbus",
          "product_id": "CSAFPID-31015"
        },
        "product_reference": "CSAFPID-21002",
        "relates_to_product_reference": "CSAFPID-11015"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Firmware \u003c=01.01.02 installed on Promass 300 with HART",
          "product_id": "CSAFPID-31016"
        },
        "product_reference": "CSAFPID-21001",
        "relates_to_product_reference": "CSAFPID-11016"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Firmware \u003c=01.00.02 installed on Promass 300 with MODBUS",
          "product_id": "CSAFPID-31017"
        },
        "product_reference": "CSAFPID-21004",
        "relates_to_product_reference": "CSAFPID-11017"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Firmware \u003c=01.00.03 installed on Promass 300 with Profibus PA",
          "product_id": "CSAFPID-31018"
        },
        "product_reference": "CSAFPID-21005",
        "relates_to_product_reference": "CSAFPID-11018"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Firmware \u003c=01.00.01 installed on Promass 300 with PROFINET",
          "product_id": "CSAFPID-31019"
        },
        "product_reference": "CSAFPID-21002",
        "relates_to_product_reference": "CSAFPID-11019"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Firmware \u003c=01.01.02 installed on Promass 500 with EtherNet/IP",
          "product_id": "CSAFPID-31020"
        },
        "product_reference": "CSAFPID-21001",
        "relates_to_product_reference": "CSAFPID-11020"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Firmware \u003c=01.00.01 installed on Spare Transmitter for Promass 500 with Foundation Fieldbus",
          "product_id": "CSAFPID-31021"
        },
        "product_reference": "CSAFPID-21002",
        "relates_to_product_reference": "CSAFPID-0061"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Firmware \u003c=01.01.02 installed on Promass 500 with HART",
          "product_id": "CSAFPID-31022"
        },
        "product_reference": "CSAFPID-21001",
        "relates_to_product_reference": "CSAFPID-11022"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Firmware \u003c=01.00.02 installed on Promass 500 with MODBUS",
          "product_id": "CSAFPID-31023"
        },
        "product_reference": "CSAFPID-21004",
        "relates_to_product_reference": "CSAFPID-11023"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Firmware \u003c=01.00.03 installed on Promass 500 with Profibus PA",
          "product_id": "CSAFPID-31024"
        },
        "product_reference": "CSAFPID-21005",
        "relates_to_product_reference": "CSAFPID-11024"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Firmware \u003c=01.00.01 installed on Promass 500 with PROFINET",
          "product_id": "CSAFPID-31025"
        },
        "product_reference": "CSAFPID-21002",
        "relates_to_product_reference": "CSAFPID-11025"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Firmware \u003c=01.00.01 installed on Spare Transmitter for Promag 300 with Foundation Fieldbus",
          "product_id": "CSAFPID-31026"
        },
        "product_reference": "CSAFPID-21002",
        "relates_to_product_reference": "CSAFPID-11032"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Firmware \u003c=01.01.01 installed on Spare Transmitter for Promag 300 with HART",
          "product_id": "CSAFPID-31027"
        },
        "product_reference": "CSAFPID-21003",
        "relates_to_product_reference": "CSAFPID-11033"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Firmware \u003c=01.00.02 installed on Spare Transmitter for Promag 300 with MODBUS",
          "product_id": "CSAFPID-31028"
        },
        "product_reference": "CSAFPID-21004",
        "relates_to_product_reference": "CSAFPID-11034"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Firmware \u003c=01.00.03 installed on Spare Transmitter for Promag 300 with Profibus PA",
          "product_id": "CSAFPID-31029"
        },
        "product_reference": "CSAFPID-21005",
        "relates_to_product_reference": "CSAFPID-11035"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Firmware \u003c=01.00.01 installed on Spare Transmitter for Promag 300 with PROFINET",
          "product_id": "CSAFPID-31030"
        },
        "product_reference": "CSAFPID-21002",
        "relates_to_product_reference": "CSAFPID-11036"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Firmware \u003c=02.00.01 installed on Spare Transmitter for Promag 400 with HART",
          "product_id": "CSAFPID-31031"
        },
        "product_reference": "CSAFPID-21006",
        "relates_to_product_reference": "CSAFPID-11037"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Firmware \u003c=01.01.02 installed on Spare Transmitter for Promag 500 with EtherNet/IP",
          "product_id": "CSAFPID-31032"
        },
        "product_reference": "CSAFPID-21001",
        "relates_to_product_reference": "CSAFPID-11038"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Firmware \u003c=01.00.01 installed on Spare Transmitter for Promag 500 with Foundation Fieldbus",
          "product_id": "CSAFPID-31033"
        },
        "product_reference": "CSAFPID-21002",
        "relates_to_product_reference": "CSAFPID-11039"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Firmware \u003c=01.01.01 installed on Spare Transmitter for Promag 500 with HART",
          "product_id": "CSAFPID-31034"
        },
        "product_reference": "CSAFPID-21003",
        "relates_to_product_reference": "CSAFPID-11040"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Firmware \u003c=01.00.02 installed on Spare Transmitter for Promag 500 with MODBUS",
          "product_id": "CSAFPID-31035"
        },
        "product_reference": "CSAFPID-21004",
        "relates_to_product_reference": "CSAFPID-11041"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Firmware \u003c=01.00.03 installed on Spare Transmitter for Promag 500 with Profibus PA",
          "product_id": "CSAFPID-31036"
        },
        "product_reference": "CSAFPID-21005",
        "relates_to_product_reference": "CSAFPID-11042"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Firmware \u003c=01.00.01 installed on Spare Transmitter for Promag 500 with PROFINET",
          "product_id": "CSAFPID-31037"
        },
        "product_reference": "CSAFPID-21002",
        "relates_to_product_reference": "CSAFPID-11043"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Firmware \u003c=01.01.02 installed on Spare Transmitter for Promass 300 with EtherNet/IP",
          "product_id": "CSAFPID-31038"
        },
        "product_reference": "CSAFPID-21001",
        "relates_to_product_reference": "CSAFPID-11044"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Firmware \u003c=01.00.01 installed on Spare Transmitter for Promass 300 with Foundation Fieldbus",
          "product_id": "CSAFPID-31039"
        },
        "product_reference": "CSAFPID-21002",
        "relates_to_product_reference": "CSAFPID-11045"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Firmware \u003c=01.01.02 installed on Spare Transmitter for Promass 300 with HART",
          "product_id": "CSAFPID-31040"
        },
        "product_reference": "CSAFPID-21001",
        "relates_to_product_reference": "CSAFPID-11046"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Firmware \u003c=01.00.02 installed on Spare Transmitter for Promass 300 with MODBUS",
          "product_id": "CSAFPID-31041"
        },
        "product_reference": "CSAFPID-21004",
        "relates_to_product_reference": "CSAFPID-11047"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Firmware \u003c=01.00.03 installed on Spare Transmitter for Promass 300 with Profibus PA",
          "product_id": "CSAFPID-31042"
        },
        "product_reference": "CSAFPID-21005",
        "relates_to_product_reference": "CSAFPID-11048"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Firmware \u003c=01.00.01 installed on Spare Transmitter for Promass 300 with PROFINET",
          "product_id": "CSAFPID-31043"
        },
        "product_reference": "CSAFPID-21002",
        "relates_to_product_reference": "CSAFPID-11049"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Firmware \u003c=01.01.02 installed on Spare Transmitter for Promass 500 with EtherNet/IP",
          "product_id": "CSAFPID-31044"
        },
        "product_reference": "CSAFPID-21001",
        "relates_to_product_reference": "CSAFPID-11050"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Firmware \u003c=01.00.01 installed on Spare Transmitter for Promass 500 with Foundation Fieldbus",
          "product_id": "CSAFPID-31045"
        },
        "product_reference": "CSAFPID-21002",
        "relates_to_product_reference": "CSAFPID-0061"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Firmware \u003c=01.01.02 installed on Spare Transmitter for Promass 500 with HART",
          "product_id": "CSAFPID-31046"
        },
        "product_reference": "CSAFPID-21001",
        "relates_to_product_reference": "CSAFPID-11052"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Firmware \u003c=01.00.02 installed on Spare Transmitter for Promass 500 with MODBUS",
          "product_id": "CSAFPID-31047"
        },
        "product_reference": "CSAFPID-21004",
        "relates_to_product_reference": "CSAFPID-11053"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Firmware \u003c=01.00.03 installed on Spare Transmitter for Promass 500 with Profibus PA",
          "product_id": "CSAFPID-31048"
        },
        "product_reference": "CSAFPID-21005",
        "relates_to_product_reference": "CSAFPID-11054"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Firmware \u003c=01.00.01 installed on Spare Transmitter for Promass 500 with PROFINET",
          "product_id": "CSAFPID-31049"
        },
        "product_reference": "CSAFPID-21002",
        "relates_to_product_reference": "CSAFPID-11055"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Firmware \u003c=01.01.00 installed on Spare Display for Promag 300",
          "product_id": "CSAFPID-31050"
        },
        "product_reference": "CSAFPID-21007",
        "relates_to_product_reference": "CSAFPID-11026"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Firmware \u003c=01.01.00 installed on Spare Display for Promag 400",
          "product_id": "CSAFPID-31051"
        },
        "product_reference": "CSAFPID-21007",
        "relates_to_product_reference": "CSAFPID-11027"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Firmware \u003c=01.01.00 installed on Spare Display for Promag 500",
          "product_id": "CSAFPID-31052"
        },
        "product_reference": "CSAFPID-21007",
        "relates_to_product_reference": "CSAFPID-11028"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Firmware \u003c=01.01.00 installed on Spare Display for Promass 300",
          "product_id": "CSAFPID-31053"
        },
        "product_reference": "CSAFPID-21007",
        "relates_to_product_reference": "CSAFPID-11029"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Firmware \u003c=01.01.00 installed on Spare Display for Promass 500",
          "product_id": "CSAFPID-31054"
        },
        "product_reference": "CSAFPID-21007",
        "relates_to_product_reference": "CSAFPID-11030"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Firmware \u003c=01.01.02 installed on Spare Transmitter for Promag 300 with EtherNet/IP",
          "product_id": "CSAFPID-31055"
        },
        "product_reference": "CSAFPID-21001",
        "relates_to_product_reference": "CSAFPID-11031"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2017-13077",
      "cwe": {
        "id": "CWE-330",
        "name": "Use of Insufficiently Random Values"
      },
      "notes": [
        {
          "audience": "all",
          "category": "description",
          "text": "Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Pairwise Transient Key (PTK) Temporal Key (TK) during the four-way handshake, allowing an attacker within radio range to replay, decrypt, or spoof frames.",
          "title": "Vulnerability Description"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-31001",
          "CSAFPID-31002",
          "CSAFPID-31003",
          "CSAFPID-31004",
          "CSAFPID-31005",
          "CSAFPID-31006",
          "CSAFPID-31007",
          "CSAFPID-31008",
          "CSAFPID-31009",
          "CSAFPID-31010",
          "CSAFPID-31011",
          "CSAFPID-31012",
          "CSAFPID-31013",
          "CSAFPID-31014",
          "CSAFPID-31015",
          "CSAFPID-31016",
          "CSAFPID-31017",
          "CSAFPID-31018",
          "CSAFPID-31019",
          "CSAFPID-31020",
          "CSAFPID-31021",
          "CSAFPID-31022",
          "CSAFPID-31023",
          "CSAFPID-31024",
          "CSAFPID-31025",
          "CSAFPID-31026",
          "CSAFPID-31027",
          "CSAFPID-31028",
          "CSAFPID-31029",
          "CSAFPID-31030",
          "CSAFPID-31031",
          "CSAFPID-31032",
          "CSAFPID-31033",
          "CSAFPID-31034",
          "CSAFPID-31035",
          "CSAFPID-31036",
          "CSAFPID-31037",
          "CSAFPID-31038",
          "CSAFPID-31039",
          "CSAFPID-31040",
          "CSAFPID-31041",
          "CSAFPID-31042",
          "CSAFPID-31043",
          "CSAFPID-31044",
          "CSAFPID-31045",
          "CSAFPID-31046",
          "CSAFPID-31047",
          "CSAFPID-31048",
          "CSAFPID-31049",
          "CSAFPID-31050",
          "CSAFPID-31051",
          "CSAFPID-31052",
          "CSAFPID-31053",
          "CSAFPID-31054",
          "CSAFPID-31055"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "If an immediate firmware update is not possible, the WLAN on the unit can also be switched off as a precautionary measure.",
          "group_ids": [
            "CSAFGID-0001"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Endress+Hauser provides updated firmware versions for all related products from the Proline portfolio which fixes the vulnerability and recommends customers to update to the new fixed version. For support, please contact your local service center.",
          "group_ids": [
            "CSAFGID-0001"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "HIGH",
            "attackVector": "ADJACENT_NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 6.8,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "environmentalScore": 6.8,
            "environmentalSeverity": "MEDIUM",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "temporalScore": 6.8,
            "temporalSeverity": "MEDIUM",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
            "version": "3.0"
          },
          "products": [
            "CSAFPID-31001",
            "CSAFPID-31002",
            "CSAFPID-31003",
            "CSAFPID-31004",
            "CSAFPID-31005",
            "CSAFPID-31006",
            "CSAFPID-31007",
            "CSAFPID-31008",
            "CSAFPID-31009",
            "CSAFPID-31010",
            "CSAFPID-31011",
            "CSAFPID-31012",
            "CSAFPID-31013",
            "CSAFPID-31014",
            "CSAFPID-31015",
            "CSAFPID-31016",
            "CSAFPID-31017",
            "CSAFPID-31018",
            "CSAFPID-31019",
            "CSAFPID-31020",
            "CSAFPID-31021",
            "CSAFPID-31022",
            "CSAFPID-31023",
            "CSAFPID-31024",
            "CSAFPID-31025",
            "CSAFPID-31026",
            "CSAFPID-31027",
            "CSAFPID-31028",
            "CSAFPID-31029",
            "CSAFPID-31030",
            "CSAFPID-31031",
            "CSAFPID-31032",
            "CSAFPID-31033",
            "CSAFPID-31034",
            "CSAFPID-31035",
            "CSAFPID-31036",
            "CSAFPID-31037",
            "CSAFPID-31038",
            "CSAFPID-31039",
            "CSAFPID-31040",
            "CSAFPID-31041",
            "CSAFPID-31042",
            "CSAFPID-31043",
            "CSAFPID-31044",
            "CSAFPID-31045",
            "CSAFPID-31046",
            "CSAFPID-31047",
            "CSAFPID-31048",
            "CSAFPID-31049",
            "CSAFPID-31050",
            "CSAFPID-31051",
            "CSAFPID-31052",
            "CSAFPID-31053",
            "CSAFPID-31054",
            "CSAFPID-31055"
          ]
        }
      ],
      "title": "CVE-2017-13077"
    },
    {
      "cve": "CVE-2017-13078",
      "cwe": {
        "id": "CWE-330",
        "name": "Use of Insufficiently Random Values"
      },
      "notes": [
        {
          "audience": "all",
          "category": "description",
          "text": "Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Group Temporal Key (GTK) during the four-way handshake, allowing an attacker within radio range to replay frames from access points to clients.",
          "title": "Vulnerability Description"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-31001",
          "CSAFPID-31002",
          "CSAFPID-31003",
          "CSAFPID-31004",
          "CSAFPID-31005",
          "CSAFPID-31006",
          "CSAFPID-31007",
          "CSAFPID-31008",
          "CSAFPID-31009",
          "CSAFPID-31010",
          "CSAFPID-31011",
          "CSAFPID-31012",
          "CSAFPID-31013",
          "CSAFPID-31014",
          "CSAFPID-31015",
          "CSAFPID-31016",
          "CSAFPID-31017",
          "CSAFPID-31018",
          "CSAFPID-31019",
          "CSAFPID-31020",
          "CSAFPID-31021",
          "CSAFPID-31022",
          "CSAFPID-31023",
          "CSAFPID-31024",
          "CSAFPID-31025",
          "CSAFPID-31026",
          "CSAFPID-31027",
          "CSAFPID-31028",
          "CSAFPID-31029",
          "CSAFPID-31030",
          "CSAFPID-31031",
          "CSAFPID-31032",
          "CSAFPID-31033",
          "CSAFPID-31034",
          "CSAFPID-31035",
          "CSAFPID-31036",
          "CSAFPID-31037",
          "CSAFPID-31038",
          "CSAFPID-31039",
          "CSAFPID-31040",
          "CSAFPID-31041",
          "CSAFPID-31042",
          "CSAFPID-31043",
          "CSAFPID-31044",
          "CSAFPID-31045",
          "CSAFPID-31046",
          "CSAFPID-31047",
          "CSAFPID-31048",
          "CSAFPID-31049",
          "CSAFPID-31050",
          "CSAFPID-31051",
          "CSAFPID-31052",
          "CSAFPID-31053",
          "CSAFPID-31054",
          "CSAFPID-31055"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "If an immediate firmware update is not possible, the WLAN on the unit can also be switched off as a precautionary measure.",
          "group_ids": [
            "CSAFGID-0001"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Endress+Hauser provides updated firmware versions for all related products from the Proline portfolio which fixes the vulnerability and recommends customers to update to the new fixed version. For support, please contact your local service center.",
          "group_ids": [
            "CSAFGID-0001"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "HIGH",
            "attackVector": "ADJACENT_NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "environmentalScore": 5.3,
            "environmentalSeverity": "MEDIUM",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "temporalScore": 5.3,
            "temporalSeverity": "MEDIUM",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N",
            "version": "3.0"
          },
          "products": [
            "CSAFPID-31001",
            "CSAFPID-31002",
            "CSAFPID-31003",
            "CSAFPID-31004",
            "CSAFPID-31005",
            "CSAFPID-31006",
            "CSAFPID-31007",
            "CSAFPID-31008",
            "CSAFPID-31009",
            "CSAFPID-31010",
            "CSAFPID-31011",
            "CSAFPID-31012",
            "CSAFPID-31013",
            "CSAFPID-31014",
            "CSAFPID-31015",
            "CSAFPID-31016",
            "CSAFPID-31017",
            "CSAFPID-31018",
            "CSAFPID-31019",
            "CSAFPID-31020",
            "CSAFPID-31021",
            "CSAFPID-31022",
            "CSAFPID-31023",
            "CSAFPID-31024",
            "CSAFPID-31025",
            "CSAFPID-31026",
            "CSAFPID-31027",
            "CSAFPID-31028",
            "CSAFPID-31029",
            "CSAFPID-31030",
            "CSAFPID-31031",
            "CSAFPID-31032",
            "CSAFPID-31033",
            "CSAFPID-31034",
            "CSAFPID-31035",
            "CSAFPID-31036",
            "CSAFPID-31037",
            "CSAFPID-31038",
            "CSAFPID-31039",
            "CSAFPID-31040",
            "CSAFPID-31041",
            "CSAFPID-31042",
            "CSAFPID-31043",
            "CSAFPID-31044",
            "CSAFPID-31045",
            "CSAFPID-31046",
            "CSAFPID-31047",
            "CSAFPID-31048",
            "CSAFPID-31049",
            "CSAFPID-31050",
            "CSAFPID-31051",
            "CSAFPID-31052",
            "CSAFPID-31053",
            "CSAFPID-31054",
            "CSAFPID-31055"
          ]
        }
      ],
      "title": "CVE-2017-13078"
    },
    {
      "cve": "CVE-2017-13080",
      "cwe": {
        "id": "CWE-330",
        "name": "Use of Insufficiently Random Values"
      },
      "notes": [
        {
          "audience": "all",
          "category": "description",
          "text": "Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Group Temporal Key (GTK) during the group key handshake, allowing an attacker within radio range to replay frames from access points to clients.",
          "title": "Vulnerability Description"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-31001",
          "CSAFPID-31002",
          "CSAFPID-31003",
          "CSAFPID-31004",
          "CSAFPID-31005",
          "CSAFPID-31006",
          "CSAFPID-31007",
          "CSAFPID-31008",
          "CSAFPID-31009",
          "CSAFPID-31010",
          "CSAFPID-31011",
          "CSAFPID-31012",
          "CSAFPID-31013",
          "CSAFPID-31014",
          "CSAFPID-31015",
          "CSAFPID-31016",
          "CSAFPID-31017",
          "CSAFPID-31018",
          "CSAFPID-31019",
          "CSAFPID-31020",
          "CSAFPID-31021",
          "CSAFPID-31022",
          "CSAFPID-31023",
          "CSAFPID-31024",
          "CSAFPID-31025",
          "CSAFPID-31026",
          "CSAFPID-31027",
          "CSAFPID-31028",
          "CSAFPID-31029",
          "CSAFPID-31030",
          "CSAFPID-31031",
          "CSAFPID-31032",
          "CSAFPID-31033",
          "CSAFPID-31034",
          "CSAFPID-31035",
          "CSAFPID-31036",
          "CSAFPID-31037",
          "CSAFPID-31038",
          "CSAFPID-31039",
          "CSAFPID-31040",
          "CSAFPID-31041",
          "CSAFPID-31042",
          "CSAFPID-31043",
          "CSAFPID-31044",
          "CSAFPID-31045",
          "CSAFPID-31046",
          "CSAFPID-31047",
          "CSAFPID-31048",
          "CSAFPID-31049",
          "CSAFPID-31050",
          "CSAFPID-31051",
          "CSAFPID-31052",
          "CSAFPID-31053",
          "CSAFPID-31054",
          "CSAFPID-31055"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "If an immediate firmware update is not possible, the WLAN on the unit can also be switched off as a precautionary measure.",
          "group_ids": [
            "CSAFGID-0001"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Endress+Hauser provides updated firmware versions for all related products from the Proline portfolio which fixes the vulnerability and recommends customers to update to the new fixed version. For support, please contact your local service center.",
          "group_ids": [
            "CSAFGID-0001"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "HIGH",
            "attackVector": "ADJACENT_NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "environmentalScore": 5.3,
            "environmentalSeverity": "MEDIUM",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "temporalScore": 5.3,
            "temporalSeverity": "MEDIUM",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N",
            "version": "3.0"
          },
          "products": [
            "CSAFPID-31001",
            "CSAFPID-31002",
            "CSAFPID-31003",
            "CSAFPID-31004",
            "CSAFPID-31005",
            "CSAFPID-31006",
            "CSAFPID-31007",
            "CSAFPID-31008",
            "CSAFPID-31009",
            "CSAFPID-31010",
            "CSAFPID-31011",
            "CSAFPID-31012",
            "CSAFPID-31013",
            "CSAFPID-31014",
            "CSAFPID-31015",
            "CSAFPID-31016",
            "CSAFPID-31017",
            "CSAFPID-31018",
            "CSAFPID-31019",
            "CSAFPID-31020",
            "CSAFPID-31021",
            "CSAFPID-31022",
            "CSAFPID-31023",
            "CSAFPID-31024",
            "CSAFPID-31025",
            "CSAFPID-31026",
            "CSAFPID-31027",
            "CSAFPID-31028",
            "CSAFPID-31029",
            "CSAFPID-31030",
            "CSAFPID-31031",
            "CSAFPID-31032",
            "CSAFPID-31033",
            "CSAFPID-31034",
            "CSAFPID-31035",
            "CSAFPID-31036",
            "CSAFPID-31037",
            "CSAFPID-31038",
            "CSAFPID-31039",
            "CSAFPID-31040",
            "CSAFPID-31041",
            "CSAFPID-31042",
            "CSAFPID-31043",
            "CSAFPID-31044",
            "CSAFPID-31045",
            "CSAFPID-31046",
            "CSAFPID-31047",
            "CSAFPID-31048",
            "CSAFPID-31049",
            "CSAFPID-31050",
            "CSAFPID-31051",
            "CSAFPID-31052",
            "CSAFPID-31053",
            "CSAFPID-31054",
            "CSAFPID-31055"
          ]
        }
      ],
      "title": "CVE-2017-13080"
    }
  ]
}

CVE-2017-13077 (GCVE-0-2017-13077)

Vulnerability from cvelistv5 – Published: 2017-10-17 02:00 – Updated: 2024-08-05 18:58

Summary

Severity

No CVSS data available.

CWE

Assigner

certcc

References

35 references

URL	Tags
http://www.securitytracker.com/id/1039581	vdb-entryx_refsource_SECTRACK
https://support.apple.com/HT208221	x_refsource_CONFIRM
http://www.securityfocus.com/bid/101274	vdb-entryx_refsource_BID
http://www.oracle.com/technetwork/security-adviso…	x_refsource_CONFIRM
http://www.debian.org/security/2017/dsa-3999	vendor-advisoryx_refsource_DEBIAN
http://www.securitytracker.com/id/1039578	vdb-entryx_refsource_SECTRACK
https://access.redhat.com/security/vulnerabilitie…	x_refsource_CONFIRM
http://www.securitytracker.com/id/1041432	vdb-entryx_refsource_SECTRACK
https://source.android.com/security/bulletin/2018-04-01	x_refsource_CONFIRM
https://tools.cisco.com/security/center/content/C…	vendor-advisoryx_refsource_CISCO
https://access.redhat.com/errata/RHSA-2017:2911	vendor-advisoryx_refsource_REDHAT
https://w1.fi/security/2017-1/wpa-packet-number-r…	x_refsource_MISC
http://www.arubanetworks.com/assets/alert/ARUBA-P…	x_refsource_CONFIRM
http://www.securitytracker.com/id/1039577	vdb-entryx_refsource_SECTRACK
https://support.hpe.com/hpsc/doc/public/display?d…	x_refsource_CONFIRM
https://support.apple.com/HT208222	x_refsource_CONFIRM
https://source.android.com/security/bulletin/2017-11-01	x_refsource_CONFIRM
https://security.gentoo.org/glsa/201711-03	vendor-advisoryx_refsource_GENTOO
https://access.redhat.com/errata/RHSA-2017:2907	vendor-advisoryx_refsource_REDHAT
https://support.lenovo.com/us/en/product_security…	x_refsource_CONFIRM
https://security.FreeBSD.org/advisories/FreeBSD-S…	vendor-advisoryx_refsource_FREEBSD
https://www.krackattacks.com/	x_refsource_MISC
http://www.oracle.com/technetwork/security-adviso…	x_refsource_CONFIRM
http://www.securitytracker.com/id/1039573	vdb-entryx_refsource_SECTRACK
http://www.securitytracker.com/id/1039576	vdb-entryx_refsource_SECTRACK
https://cert.vde.com/en-us/advisories/vde-2017-003	x_refsource_CONFIRM
http://www.securitytracker.com/id/1039585	vdb-entryx_refsource_SECTRACK
http://www.kb.cert.org/vuls/id/228519	third-party-advisoryx_refsource_CERT-VN
https://support.apple.com/HT208220	x_refsource_CONFIRM
https://source.android.com/security/bulletin/2018-06-01	x_refsource_CONFIRM
https://support.apple.com/HT208219	x_refsource_CONFIRM
https://lists.debian.org/debian-lts-announce/2018…	mailing-listx_refsource_MLIST
https://cert-portal.siemens.com/productcert/pdf/s…	x_refsource_CONFIRM
https://cert.vde.com/en-us/advisories/vde-2017-005	x_refsource_CONFIRM
http://www.ubuntu.com/usn/USN-3455-1	vendor-advisoryx_refsource_UBUNTU

Impacted products

1 product

Vendor	Product	Version
Wi-Fi Alliance	Wi-Fi Protected Access (WPA and WPA2)	Affected: WPA Affected: WPA2

Date Public

2017-10-16 00:00

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T18:58:12.291Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "1039581",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1039581"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://support.apple.com/HT208221"
          },
          {
            "name": "101274",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/101274"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html"
          },
          {
            "name": "DSA-3999",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2017/dsa-3999"
          },
          {
            "name": "1039578",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1039578"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/security/vulnerabilities/kracks"
          },
          {
            "name": "1041432",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1041432"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://source.android.com/security/bulletin/2018-04-01"
          },
          {
            "name": "20171016 Multiple Vulnerabilities in Wi-Fi Protected Access and Wi-Fi Protected Access II",
            "tags": [
              "vendor-advisory",
              "x_refsource_CISCO",
              "x_transferred"
            ],
            "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171016-wpa"
          },
          {
            "name": "RHSA-2017:2911",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2017:2911"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://w1.fi/security/2017-1/wpa-packet-number-reuse-with-replayed-messages.txt"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2017-007.txt"
          },
          {
            "name": "1039577",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1039577"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03792en_us"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://support.apple.com/HT208222"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://source.android.com/security/bulletin/2017-11-01"
          },
          {
            "name": "GLSA-201711-03",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "https://security.gentoo.org/glsa/201711-03"
          },
          {
            "name": "RHSA-2017:2907",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2017:2907"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://support.lenovo.com/us/en/product_security/LEN-17420"
          },
          {
            "name": "FreeBSD-SA-17:07",
            "tags": [
              "vendor-advisory",
              "x_refsource_FREEBSD",
              "x_transferred"
            ],
            "url": "https://security.FreeBSD.org/advisories/FreeBSD-SA-17:07.wpa.asc"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.krackattacks.com/"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html"
          },
          {
            "name": "1039573",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1039573"
          },
          {
            "name": "1039576",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1039576"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://cert.vde.com/en-us/advisories/vde-2017-003"
          },
          {
            "name": "1039585",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1039585"
          },
          {
            "name": "VU#228519",
            "tags": [
              "third-party-advisory",
              "x_refsource_CERT-VN",
              "x_transferred"
            ],
            "url": "http://www.kb.cert.org/vuls/id/228519"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://support.apple.com/HT208220"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://source.android.com/security/bulletin/2018-06-01"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://support.apple.com/HT208219"
          },
          {
            "name": "[debian-lts-announce] 20181113 [SECURITY] [DLA 1573-1] firmware-nonfree security update",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2018/11/msg00015.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-901333.pdf"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://cert.vde.com/en-us/advisories/vde-2017-005"
          },
          {
            "name": "USN-3455-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-3455-1"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Wi-Fi Protected Access (WPA and WPA2)",
          "vendor": "Wi-Fi Alliance",
          "versions": [
            {
              "status": "affected",
              "version": "WPA"
            },
            {
              "status": "affected",
              "version": "WPA2"
            }
          ]
        }
      ],
      "datePublic": "2017-10-16T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Pairwise Transient Key (PTK) Temporal Key (TK) during the four-way handshake, allowing an attacker within radio range to replay, decrypt, or spoof frames."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-11-13T10:57:01.000Z",
        "orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
        "shortName": "certcc"
      },
      "references": [
        {
          "name": "1039581",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1039581"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://support.apple.com/HT208221"
        },
        {
          "name": "101274",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/101274"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html"
        },
        {
          "name": "DSA-3999",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2017/dsa-3999"
        },
        {
          "name": "1039578",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1039578"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://access.redhat.com/security/vulnerabilities/kracks"
        },
        {
          "name": "1041432",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1041432"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://source.android.com/security/bulletin/2018-04-01"
        },
        {
          "name": "20171016 Multiple Vulnerabilities in Wi-Fi Protected Access and Wi-Fi Protected Access II",
          "tags": [
            "vendor-advisory",
            "x_refsource_CISCO"
          ],
          "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171016-wpa"
        },
        {
          "name": "RHSA-2017:2911",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2017:2911"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://w1.fi/security/2017-1/wpa-packet-number-reuse-with-replayed-messages.txt"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2017-007.txt"
        },
        {
          "name": "1039577",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1039577"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03792en_us"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://support.apple.com/HT208222"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://source.android.com/security/bulletin/2017-11-01"
        },
        {
          "name": "GLSA-201711-03",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "https://security.gentoo.org/glsa/201711-03"
        },
        {
          "name": "RHSA-2017:2907",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2017:2907"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://support.lenovo.com/us/en/product_security/LEN-17420"
        },
        {
          "name": "FreeBSD-SA-17:07",
          "tags": [
            "vendor-advisory",
            "x_refsource_FREEBSD"
          ],
          "url": "https://security.FreeBSD.org/advisories/FreeBSD-SA-17:07.wpa.asc"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.krackattacks.com/"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html"
        },
        {
          "name": "1039573",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1039573"
        },
        {
          "name": "1039576",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1039576"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://cert.vde.com/en-us/advisories/vde-2017-003"
        },
        {
          "name": "1039585",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1039585"
        },
        {
          "name": "VU#228519",
          "tags": [
            "third-party-advisory",
            "x_refsource_CERT-VN"
          ],
          "url": "http://www.kb.cert.org/vuls/id/228519"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://support.apple.com/HT208220"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://source.android.com/security/bulletin/2018-06-01"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://support.apple.com/HT208219"
        },
        {
          "name": "[debian-lts-announce] 20181113 [SECURITY] [DLA 1573-1] firmware-nonfree security update",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2018/11/msg00015.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-901333.pdf"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://cert.vde.com/en-us/advisories/vde-2017-005"
        },
        {
          "name": "USN-3455-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-3455-1"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cert@cert.org",
          "ID": "CVE-2017-13077",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Wi-Fi Protected Access (WPA and WPA2)",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "WPA"
                          },
                          {
                            "version_value": "WPA2"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Wi-Fi Alliance"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Pairwise Transient Key (PTK) Temporal Key (TK) during the four-way handshake, allowing an attacker within radio range to replay, decrypt, or spoof frames."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "1039581",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id/1039581"
            },
            {
              "name": "https://support.apple.com/HT208221",
              "refsource": "CONFIRM",
              "url": "https://support.apple.com/HT208221"
            },
            {
              "name": "101274",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/101274"
            },
            {
              "name": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html",
              "refsource": "CONFIRM",
              "url": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html"
            },
            {
              "name": "DSA-3999",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2017/dsa-3999"
            },
            {
              "name": "1039578",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id/1039578"
            },
            {
              "name": "https://access.redhat.com/security/vulnerabilities/kracks",
              "refsource": "CONFIRM",
              "url": "https://access.redhat.com/security/vulnerabilities/kracks"
            },
            {
              "name": "1041432",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id/1041432"
            },
            {
              "name": "https://source.android.com/security/bulletin/2018-04-01",
              "refsource": "CONFIRM",
              "url": "https://source.android.com/security/bulletin/2018-04-01"
            },
            {
              "name": "20171016 Multiple Vulnerabilities in Wi-Fi Protected Access and Wi-Fi Protected Access II",
              "refsource": "CISCO",
              "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171016-wpa"
            },
            {
              "name": "RHSA-2017:2911",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2017:2911"
            },
            {
              "name": "https://w1.fi/security/2017-1/wpa-packet-number-reuse-with-replayed-messages.txt",
              "refsource": "MISC",
              "url": "https://w1.fi/security/2017-1/wpa-packet-number-reuse-with-replayed-messages.txt"
            },
            {
              "name": "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2017-007.txt",
              "refsource": "CONFIRM",
              "url": "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2017-007.txt"
            },
            {
              "name": "1039577",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id/1039577"
            },
            {
              "name": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03792en_us",
              "refsource": "CONFIRM",
              "url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03792en_us"
            },
            {
              "name": "https://support.apple.com/HT208222",
              "refsource": "CONFIRM",
              "url": "https://support.apple.com/HT208222"
            },
            {
              "name": "https://source.android.com/security/bulletin/2017-11-01",
              "refsource": "CONFIRM",
              "url": "https://source.android.com/security/bulletin/2017-11-01"
            },
            {
              "name": "GLSA-201711-03",
              "refsource": "GENTOO",
              "url": "https://security.gentoo.org/glsa/201711-03"
            },
            {
              "name": "RHSA-2017:2907",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2017:2907"
            },
            {
              "name": "https://support.lenovo.com/us/en/product_security/LEN-17420",
              "refsource": "CONFIRM",
              "url": "https://support.lenovo.com/us/en/product_security/LEN-17420"
            },
            {
              "name": "FreeBSD-SA-17:07",
              "refsource": "FREEBSD",
              "url": "https://security.FreeBSD.org/advisories/FreeBSD-SA-17:07.wpa.asc"
            },
            {
              "name": "https://www.krackattacks.com/",
              "refsource": "MISC",
              "url": "https://www.krackattacks.com/"
            },
            {
              "name": "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html",
              "refsource": "CONFIRM",
              "url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html"
            },
            {
              "name": "1039573",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id/1039573"
            },
            {
              "name": "1039576",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id/1039576"
            },
            {
              "name": "https://cert.vde.com/en-us/advisories/vde-2017-003",
              "refsource": "CONFIRM",
              "url": "https://cert.vde.com/en-us/advisories/vde-2017-003"
            },
            {
              "name": "1039585",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id/1039585"
            },
            {
              "name": "VU#228519",
              "refsource": "CERT-VN",
              "url": "http://www.kb.cert.org/vuls/id/228519"
            },
            {
              "name": "https://support.apple.com/HT208220",
              "refsource": "CONFIRM",
              "url": "https://support.apple.com/HT208220"
            },
            {
              "name": "https://source.android.com/security/bulletin/2018-06-01",
              "refsource": "CONFIRM",
              "url": "https://source.android.com/security/bulletin/2018-06-01"
            },
            {
              "name": "https://support.apple.com/HT208219",
              "refsource": "CONFIRM",
              "url": "https://support.apple.com/HT208219"
            },
            {
              "name": "[debian-lts-announce] 20181113 [SECURITY] [DLA 1573-1] firmware-nonfree security update",
              "refsource": "MLIST",
              "url": "https://lists.debian.org/debian-lts-announce/2018/11/msg00015.html"
            },
            {
              "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-901333.pdf",
              "refsource": "CONFIRM",
              "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-901333.pdf"
            },
            {
              "name": "https://cert.vde.com/en-us/advisories/vde-2017-005",
              "refsource": "CONFIRM",
              "url": "https://cert.vde.com/en-us/advisories/vde-2017-005"
            },
            {
              "name": "USN-3455-1",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/USN-3455-1"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
    "assignerShortName": "certcc",
    "cveId": "CVE-2017-13077",
    "datePublished": "2017-10-17T02:00:00.000Z",
    "dateReserved": "2017-08-22T00:00:00.000Z",
    "dateUpdated": "2024-08-05T18:58:12.291Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2017-13078 (GCVE-0-2017-13078)

Vulnerability from cvelistv5 – Published: 2017-10-17 13:00 – Updated: 2024-08-05 18:58

Summary

Severity

No CVSS data available.

CWE

CWE-323 - Reusing a Nonce, Key Pair in Encryption

Assigner

certcc

References

35 references

URL	Tags
http://www.securitytracker.com/id/1039581	vdb-entryx_refsource_SECTRACK
https://support.apple.com/HT208221	x_refsource_CONFIRM
http://www.securityfocus.com/bid/101274	vdb-entryx_refsource_BID
http://www.oracle.com/technetwork/security-adviso…	x_refsource_CONFIRM
http://lists.opensuse.org/opensuse-security-annou…	vendor-advisoryx_refsource_SUSE
http://www.debian.org/security/2017/dsa-3999	vendor-advisoryx_refsource_DEBIAN
http://www.securitytracker.com/id/1039578	vdb-entryx_refsource_SECTRACK
https://access.redhat.com/security/vulnerabilitie…	x_refsource_CONFIRM
https://tools.cisco.com/security/center/content/C…	vendor-advisoryx_refsource_CISCO
https://access.redhat.com/errata/RHSA-2017:2911	vendor-advisoryx_refsource_REDHAT
https://w1.fi/security/2017-1/wpa-packet-number-r…	x_refsource_MISC
http://www.arubanetworks.com/assets/alert/ARUBA-P…	x_refsource_CONFIRM
http://www.securitytracker.com/id/1039577	vdb-entryx_refsource_SECTRACK
https://support.hpe.com/hpsc/doc/public/display?d…	x_refsource_CONFIRM
http://lists.opensuse.org/opensuse-security-annou…	vendor-advisoryx_refsource_SUSE
https://support.apple.com/HT208222	x_refsource_CONFIRM
https://source.android.com/security/bulletin/2017-11-01	x_refsource_CONFIRM
https://security.gentoo.org/glsa/201711-03	vendor-advisoryx_refsource_GENTOO
https://access.redhat.com/errata/RHSA-2017:2907	vendor-advisoryx_refsource_REDHAT
https://support.lenovo.com/us/en/product_security…	x_refsource_CONFIRM
https://security.FreeBSD.org/advisories/FreeBSD-S…	vendor-advisoryx_refsource_FREEBSD
https://www.krackattacks.com/	x_refsource_MISC
http://www.oracle.com/technetwork/security-adviso…	x_refsource_CONFIRM
http://www.securitytracker.com/id/1039573	vdb-entryx_refsource_SECTRACK
http://lists.opensuse.org/opensuse-security-annou…	vendor-advisoryx_refsource_SUSE
http://www.securitytracker.com/id/1039576	vdb-entryx_refsource_SECTRACK
https://cert.vde.com/en-us/advisories/vde-2017-003	x_refsource_CONFIRM
http://www.securitytracker.com/id/1039585	vdb-entryx_refsource_SECTRACK
http://www.kb.cert.org/vuls/id/228519	third-party-advisoryx_refsource_CERT-VN
https://support.apple.com/HT208220	x_refsource_CONFIRM
https://support.apple.com/HT208219	x_refsource_CONFIRM
https://lists.debian.org/debian-lts-announce/2018…	mailing-listx_refsource_MLIST
https://cert-portal.siemens.com/productcert/pdf/s…	x_refsource_CONFIRM
https://cert.vde.com/en-us/advisories/vde-2017-005	x_refsource_CONFIRM
http://www.ubuntu.com/usn/USN-3455-1	vendor-advisoryx_refsource_UBUNTU

Impacted products

1 product

Vendor	Product	Version
Wi-Fi Alliance	Wi-Fi Protected Access (WPA and WPA2)	Affected: WPA Affected: WPA2

Date Public

2017-10-16 00:00

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T18:58:12.469Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "1039581",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1039581"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://support.apple.com/HT208221"
          },
          {
            "name": "101274",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/101274"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html"
          },
          {
            "name": "SUSE-SU-2017:2745",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00020.html"
          },
          {
            "name": "DSA-3999",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2017/dsa-3999"
          },
          {
            "name": "1039578",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1039578"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/security/vulnerabilities/kracks"
          },
          {
            "name": "20171016 Multiple Vulnerabilities in Wi-Fi Protected Access and Wi-Fi Protected Access II",
            "tags": [
              "vendor-advisory",
              "x_refsource_CISCO",
              "x_transferred"
            ],
            "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171016-wpa"
          },
          {
            "name": "RHSA-2017:2911",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2017:2911"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://w1.fi/security/2017-1/wpa-packet-number-reuse-with-replayed-messages.txt"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2017-007.txt"
          },
          {
            "name": "1039577",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1039577"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03792en_us"
          },
          {
            "name": "openSUSE-SU-2017:2755",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00024.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://support.apple.com/HT208222"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://source.android.com/security/bulletin/2017-11-01"
          },
          {
            "name": "GLSA-201711-03",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "https://security.gentoo.org/glsa/201711-03"
          },
          {
            "name": "RHSA-2017:2907",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2017:2907"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://support.lenovo.com/us/en/product_security/LEN-17420"
          },
          {
            "name": "FreeBSD-SA-17:07",
            "tags": [
              "vendor-advisory",
              "x_refsource_FREEBSD",
              "x_transferred"
            ],
            "url": "https://security.FreeBSD.org/advisories/FreeBSD-SA-17:07.wpa.asc"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.krackattacks.com/"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html"
          },
          {
            "name": "1039573",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1039573"
          },
          {
            "name": "SUSE-SU-2017:2752",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00023.html"
          },
          {
            "name": "1039576",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1039576"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://cert.vde.com/en-us/advisories/vde-2017-003"
          },
          {
            "name": "1039585",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1039585"
          },
          {
            "name": "VU#228519",
            "tags": [
              "third-party-advisory",
              "x_refsource_CERT-VN",
              "x_transferred"
            ],
            "url": "http://www.kb.cert.org/vuls/id/228519"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://support.apple.com/HT208220"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://support.apple.com/HT208219"
          },
          {
            "name": "[debian-lts-announce] 20181113 [SECURITY] [DLA 1573-1] firmware-nonfree security update",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2018/11/msg00015.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-901333.pdf"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://cert.vde.com/en-us/advisories/vde-2017-005"
          },
          {
            "name": "USN-3455-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-3455-1"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Wi-Fi Protected Access (WPA and WPA2)",
          "vendor": "Wi-Fi Alliance",
          "versions": [
            {
              "status": "affected",
              "version": "WPA"
            },
            {
              "status": "affected",
              "version": "WPA2"
            }
          ]
        }
      ],
      "datePublic": "2017-10-16T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Group Temporal Key (GTK) during the four-way handshake, allowing an attacker within radio range to replay frames from access points to clients."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-323",
              "description": "CWE-323: Reusing a Nonce, Key Pair in Encryption",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-11-13T10:57:01.000Z",
        "orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
        "shortName": "certcc"
      },
      "references": [
        {
          "name": "1039581",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1039581"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://support.apple.com/HT208221"
        },
        {
          "name": "101274",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/101274"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html"
        },
        {
          "name": "SUSE-SU-2017:2745",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00020.html"
        },
        {
          "name": "DSA-3999",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2017/dsa-3999"
        },
        {
          "name": "1039578",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1039578"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://access.redhat.com/security/vulnerabilities/kracks"
        },
        {
          "name": "20171016 Multiple Vulnerabilities in Wi-Fi Protected Access and Wi-Fi Protected Access II",
          "tags": [
            "vendor-advisory",
            "x_refsource_CISCO"
          ],
          "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171016-wpa"
        },
        {
          "name": "RHSA-2017:2911",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2017:2911"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://w1.fi/security/2017-1/wpa-packet-number-reuse-with-replayed-messages.txt"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2017-007.txt"
        },
        {
          "name": "1039577",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1039577"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03792en_us"
        },
        {
          "name": "openSUSE-SU-2017:2755",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00024.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://support.apple.com/HT208222"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://source.android.com/security/bulletin/2017-11-01"
        },
        {
          "name": "GLSA-201711-03",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "https://security.gentoo.org/glsa/201711-03"
        },
        {
          "name": "RHSA-2017:2907",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2017:2907"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://support.lenovo.com/us/en/product_security/LEN-17420"
        },
        {
          "name": "FreeBSD-SA-17:07",
          "tags": [
            "vendor-advisory",
            "x_refsource_FREEBSD"
          ],
          "url": "https://security.FreeBSD.org/advisories/FreeBSD-SA-17:07.wpa.asc"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.krackattacks.com/"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html"
        },
        {
          "name": "1039573",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1039573"
        },
        {
          "name": "SUSE-SU-2017:2752",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00023.html"
        },
        {
          "name": "1039576",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1039576"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://cert.vde.com/en-us/advisories/vde-2017-003"
        },
        {
          "name": "1039585",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1039585"
        },
        {
          "name": "VU#228519",
          "tags": [
            "third-party-advisory",
            "x_refsource_CERT-VN"
          ],
          "url": "http://www.kb.cert.org/vuls/id/228519"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://support.apple.com/HT208220"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://support.apple.com/HT208219"
        },
        {
          "name": "[debian-lts-announce] 20181113 [SECURITY] [DLA 1573-1] firmware-nonfree security update",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2018/11/msg00015.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-901333.pdf"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://cert.vde.com/en-us/advisories/vde-2017-005"
        },
        {
          "name": "USN-3455-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-3455-1"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cert@cert.org",
          "ID": "CVE-2017-13078",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Wi-Fi Protected Access (WPA and WPA2)",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "WPA"
                          },
                          {
                            "version_value": "WPA2"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Wi-Fi Alliance"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Group Temporal Key (GTK) during the four-way handshake, allowing an attacker within radio range to replay frames from access points to clients."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-323: Reusing a Nonce, Key Pair in Encryption"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "1039581",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id/1039581"
            },
            {
              "name": "https://support.apple.com/HT208221",
              "refsource": "CONFIRM",
              "url": "https://support.apple.com/HT208221"
            },
            {
              "name": "101274",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/101274"
            },
            {
              "name": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html",
              "refsource": "CONFIRM",
              "url": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html"
            },
            {
              "name": "SUSE-SU-2017:2745",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00020.html"
            },
            {
              "name": "DSA-3999",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2017/dsa-3999"
            },
            {
              "name": "1039578",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id/1039578"
            },
            {
              "name": "https://access.redhat.com/security/vulnerabilities/kracks",
              "refsource": "CONFIRM",
              "url": "https://access.redhat.com/security/vulnerabilities/kracks"
            },
            {
              "name": "20171016 Multiple Vulnerabilities in Wi-Fi Protected Access and Wi-Fi Protected Access II",
              "refsource": "CISCO",
              "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171016-wpa"
            },
            {
              "name": "RHSA-2017:2911",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2017:2911"
            },
            {
              "name": "https://w1.fi/security/2017-1/wpa-packet-number-reuse-with-replayed-messages.txt",
              "refsource": "MISC",
              "url": "https://w1.fi/security/2017-1/wpa-packet-number-reuse-with-replayed-messages.txt"
            },
            {
              "name": "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2017-007.txt",
              "refsource": "CONFIRM",
              "url": "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2017-007.txt"
            },
            {
              "name": "1039577",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id/1039577"
            },
            {
              "name": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03792en_us",
              "refsource": "CONFIRM",
              "url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03792en_us"
            },
            {
              "name": "openSUSE-SU-2017:2755",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00024.html"
            },
            {
              "name": "https://support.apple.com/HT208222",
              "refsource": "CONFIRM",
              "url": "https://support.apple.com/HT208222"
            },
            {
              "name": "https://source.android.com/security/bulletin/2017-11-01",
              "refsource": "CONFIRM",
              "url": "https://source.android.com/security/bulletin/2017-11-01"
            },
            {
              "name": "GLSA-201711-03",
              "refsource": "GENTOO",
              "url": "https://security.gentoo.org/glsa/201711-03"
            },
            {
              "name": "RHSA-2017:2907",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2017:2907"
            },
            {
              "name": "https://support.lenovo.com/us/en/product_security/LEN-17420",
              "refsource": "CONFIRM",
              "url": "https://support.lenovo.com/us/en/product_security/LEN-17420"
            },
            {
              "name": "FreeBSD-SA-17:07",
              "refsource": "FREEBSD",
              "url": "https://security.FreeBSD.org/advisories/FreeBSD-SA-17:07.wpa.asc"
            },
            {
              "name": "https://www.krackattacks.com/",
              "refsource": "MISC",
              "url": "https://www.krackattacks.com/"
            },
            {
              "name": "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html",
              "refsource": "CONFIRM",
              "url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html"
            },
            {
              "name": "1039573",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id/1039573"
            },
            {
              "name": "SUSE-SU-2017:2752",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00023.html"
            },
            {
              "name": "1039576",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id/1039576"
            },
            {
              "name": "https://cert.vde.com/en-us/advisories/vde-2017-003",
              "refsource": "CONFIRM",
              "url": "https://cert.vde.com/en-us/advisories/vde-2017-003"
            },
            {
              "name": "1039585",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id/1039585"
            },
            {
              "name": "VU#228519",
              "refsource": "CERT-VN",
              "url": "http://www.kb.cert.org/vuls/id/228519"
            },
            {
              "name": "https://support.apple.com/HT208220",
              "refsource": "CONFIRM",
              "url": "https://support.apple.com/HT208220"
            },
            {
              "name": "https://support.apple.com/HT208219",
              "refsource": "CONFIRM",
              "url": "https://support.apple.com/HT208219"
            },
            {
              "name": "[debian-lts-announce] 20181113 [SECURITY] [DLA 1573-1] firmware-nonfree security update",
              "refsource": "MLIST",
              "url": "https://lists.debian.org/debian-lts-announce/2018/11/msg00015.html"
            },
            {
              "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-901333.pdf",
              "refsource": "CONFIRM",
              "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-901333.pdf"
            },
            {
              "name": "https://cert.vde.com/en-us/advisories/vde-2017-005",
              "refsource": "CONFIRM",
              "url": "https://cert.vde.com/en-us/advisories/vde-2017-005"
            },
            {
              "name": "USN-3455-1",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/USN-3455-1"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
    "assignerShortName": "certcc",
    "cveId": "CVE-2017-13078",
    "datePublished": "2017-10-17T13:00:00.000Z",
    "dateReserved": "2017-08-22T00:00:00.000Z",
    "dateUpdated": "2024-08-05T18:58:12.469Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2017-13080 (GCVE-0-2017-13080)

Vulnerability from cvelistv5 – Published: 2017-10-17 13:00 – Updated: 2024-08-05 18:58

Summary

Severity

No CVSS data available.

CWE

CWE-323 - Reusing a Nonce, Key Pair in Encryption

Assigner

certcc

References

43 references

URL	Tags
http://www.securitytracker.com/id/1039581	vdb-entryx_refsource_SECTRACK
https://support.apple.com/HT208221	x_refsource_CONFIRM
http://www.securityfocus.com/bid/101274	vdb-entryx_refsource_BID
http://www.oracle.com/technetwork/security-adviso…	x_refsource_CONFIRM
http://lists.opensuse.org/opensuse-security-annou…	vendor-advisoryx_refsource_SUSE
https://lists.debian.org/debian-lts-announce/2017…	mailing-listx_refsource_MLIST
http://www.debian.org/security/2017/dsa-3999	vendor-advisoryx_refsource_DEBIAN
https://support.apple.com/HT208327	x_refsource_CONFIRM
http://www.securitytracker.com/id/1039578	vdb-entryx_refsource_SECTRACK
https://support.apple.com/HT208325	x_refsource_CONFIRM
https://access.redhat.com/security/vulnerabilitie…	x_refsource_CONFIRM
https://tools.cisco.com/security/center/content/C…	vendor-advisoryx_refsource_CISCO
https://access.redhat.com/errata/RHSA-2017:2911	vendor-advisoryx_refsource_REDHAT
https://w1.fi/security/2017-1/wpa-packet-number-r…	x_refsource_MISC
http://www.arubanetworks.com/assets/alert/ARUBA-P…	x_refsource_CONFIRM
http://www.securitytracker.com/id/1039577	vdb-entryx_refsource_SECTRACK
http://www.securitytracker.com/id/1039572	vdb-entryx_refsource_SECTRACK
https://support.hpe.com/hpsc/doc/public/display?d…	x_refsource_CONFIRM
http://lists.opensuse.org/opensuse-security-annou…	vendor-advisoryx_refsource_SUSE
https://support.apple.com/HT208222	x_refsource_CONFIRM
https://support.apple.com/HT208334	x_refsource_CONFIRM
https://source.android.com/security/bulletin/2017-11-01	x_refsource_CONFIRM
https://security.gentoo.org/glsa/201711-03	vendor-advisoryx_refsource_GENTOO
https://access.redhat.com/errata/RHSA-2017:2907	vendor-advisoryx_refsource_REDHAT
https://support.lenovo.com/us/en/product_security…	x_refsource_CONFIRM
https://security.FreeBSD.org/advisories/FreeBSD-S…	vendor-advisoryx_refsource_FREEBSD
https://www.krackattacks.com/	x_refsource_MISC
http://www.oracle.com/technetwork/security-adviso…	x_refsource_CONFIRM
http://www.securitytracker.com/id/1039573	vdb-entryx_refsource_SECTRACK
http://lists.opensuse.org/opensuse-security-annou…	vendor-advisoryx_refsource_SUSE
http://www.securitytracker.com/id/1039576	vdb-entryx_refsource_SECTRACK
https://cert.vde.com/en-us/advisories/vde-2017-003	x_refsource_CONFIRM
http://www.securitytracker.com/id/1039585	vdb-entryx_refsource_SECTRACK
http://www.kb.cert.org/vuls/id/228519	third-party-advisoryx_refsource_CERT-VN
https://support.apple.com/HT208220	x_refsource_CONFIRM
https://support.apple.com/HT208219	x_refsource_CONFIRM
https://lists.debian.org/debian-lts-announce/2018…	mailing-listx_refsource_MLIST
https://cert-portal.siemens.com/productcert/pdf/s…	x_refsource_CONFIRM
https://cert.vde.com/en-us/advisories/vde-2017-005	x_refsource_CONFIRM
http://www.securitytracker.com/id/1039703	vdb-entryx_refsource_SECTRACK
https://portal.msrc.microsoft.com/en-US/security-…	x_refsource_CONFIRM
http://www.ubuntu.com/usn/USN-3455-1	vendor-advisoryx_refsource_UBUNTU
https://www.intel.com/content/www/us/en/security-…	x_refsource_CONFIRM

Impacted products

1 product

Vendor	Product	Version
Wi-Fi Alliance	Wi-Fi Protected Access (WPA and WPA2)	Affected: WPA Affected: WPA2

Date Public

2017-10-16 00:00

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T18:58:12.283Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "1039581",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1039581"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://support.apple.com/HT208221"
          },
          {
            "name": "101274",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/101274"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html"
          },
          {
            "name": "SUSE-SU-2017:2745",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00020.html"
          },
          {
            "name": "[debian-lts-announce] 20171210 [SECURITY] [DLA 1200-1] linux security update",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2017/12/msg00004.html"
          },
          {
            "name": "DSA-3999",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2017/dsa-3999"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://support.apple.com/HT208327"
          },
          {
            "name": "1039578",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1039578"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://support.apple.com/HT208325"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/security/vulnerabilities/kracks"
          },
          {
            "name": "20171016 Multiple Vulnerabilities in Wi-Fi Protected Access and Wi-Fi Protected Access II",
            "tags": [
              "vendor-advisory",
              "x_refsource_CISCO",
              "x_transferred"
            ],
            "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171016-wpa"
          },
          {
            "name": "RHSA-2017:2911",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2017:2911"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://w1.fi/security/2017-1/wpa-packet-number-reuse-with-replayed-messages.txt"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2017-007.txt"
          },
          {
            "name": "1039577",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1039577"
          },
          {
            "name": "1039572",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1039572"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03792en_us"
          },
          {
            "name": "openSUSE-SU-2017:2755",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00024.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://support.apple.com/HT208222"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://support.apple.com/HT208334"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://source.android.com/security/bulletin/2017-11-01"
          },
          {
            "name": "GLSA-201711-03",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "https://security.gentoo.org/glsa/201711-03"
          },
          {
            "name": "RHSA-2017:2907",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2017:2907"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://support.lenovo.com/us/en/product_security/LEN-17420"
          },
          {
            "name": "FreeBSD-SA-17:07",
            "tags": [
              "vendor-advisory",
              "x_refsource_FREEBSD",
              "x_transferred"
            ],
            "url": "https://security.FreeBSD.org/advisories/FreeBSD-SA-17:07.wpa.asc"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.krackattacks.com/"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html"
          },
          {
            "name": "1039573",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1039573"
          },
          {
            "name": "SUSE-SU-2017:2752",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00023.html"
          },
          {
            "name": "1039576",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1039576"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://cert.vde.com/en-us/advisories/vde-2017-003"
          },
          {
            "name": "1039585",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1039585"
          },
          {
            "name": "VU#228519",
            "tags": [
              "third-party-advisory",
              "x_refsource_CERT-VN",
              "x_transferred"
            ],
            "url": "http://www.kb.cert.org/vuls/id/228519"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://support.apple.com/HT208220"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://support.apple.com/HT208219"
          },
          {
            "name": "[debian-lts-announce] 20181113 [SECURITY] [DLA 1573-1] firmware-nonfree security update",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2018/11/msg00015.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-901333.pdf"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://cert.vde.com/en-us/advisories/vde-2017-005"
          },
          {
            "name": "1039703",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1039703"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-13080"
          },
          {
            "name": "USN-3455-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-3455-1"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00402.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Wi-Fi Protected Access (WPA and WPA2)",
          "vendor": "Wi-Fi Alliance",
          "versions": [
            {
              "status": "affected",
              "version": "WPA"
            },
            {
              "status": "affected",
              "version": "WPA2"
            }
          ]
        }
      ],
      "datePublic": "2017-10-16T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Group Temporal Key (GTK) during the group key handshake, allowing an attacker within radio range to replay frames from access points to clients."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-323",
              "description": "CWE-323: Reusing a Nonce, Key Pair in Encryption",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-11-10T20:06:15.000Z",
        "orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
        "shortName": "certcc"
      },
      "references": [
        {
          "name": "1039581",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1039581"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://support.apple.com/HT208221"
        },
        {
          "name": "101274",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/101274"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html"
        },
        {
          "name": "SUSE-SU-2017:2745",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00020.html"
        },
        {
          "name": "[debian-lts-announce] 20171210 [SECURITY] [DLA 1200-1] linux security update",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2017/12/msg00004.html"
        },
        {
          "name": "DSA-3999",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2017/dsa-3999"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://support.apple.com/HT208327"
        },
        {
          "name": "1039578",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1039578"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://support.apple.com/HT208325"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://access.redhat.com/security/vulnerabilities/kracks"
        },
        {
          "name": "20171016 Multiple Vulnerabilities in Wi-Fi Protected Access and Wi-Fi Protected Access II",
          "tags": [
            "vendor-advisory",
            "x_refsource_CISCO"
          ],
          "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171016-wpa"
        },
        {
          "name": "RHSA-2017:2911",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2017:2911"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://w1.fi/security/2017-1/wpa-packet-number-reuse-with-replayed-messages.txt"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2017-007.txt"
        },
        {
          "name": "1039577",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1039577"
        },
        {
          "name": "1039572",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1039572"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03792en_us"
        },
        {
          "name": "openSUSE-SU-2017:2755",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00024.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://support.apple.com/HT208222"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://support.apple.com/HT208334"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://source.android.com/security/bulletin/2017-11-01"
        },
        {
          "name": "GLSA-201711-03",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "https://security.gentoo.org/glsa/201711-03"
        },
        {
          "name": "RHSA-2017:2907",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2017:2907"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://support.lenovo.com/us/en/product_security/LEN-17420"
        },
        {
          "name": "FreeBSD-SA-17:07",
          "tags": [
            "vendor-advisory",
            "x_refsource_FREEBSD"
          ],
          "url": "https://security.FreeBSD.org/advisories/FreeBSD-SA-17:07.wpa.asc"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.krackattacks.com/"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html"
        },
        {
          "name": "1039573",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1039573"
        },
        {
          "name": "SUSE-SU-2017:2752",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00023.html"
        },
        {
          "name": "1039576",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1039576"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://cert.vde.com/en-us/advisories/vde-2017-003"
        },
        {
          "name": "1039585",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1039585"
        },
        {
          "name": "VU#228519",
          "tags": [
            "third-party-advisory",
            "x_refsource_CERT-VN"
          ],
          "url": "http://www.kb.cert.org/vuls/id/228519"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://support.apple.com/HT208220"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://support.apple.com/HT208219"
        },
        {
          "name": "[debian-lts-announce] 20181113 [SECURITY] [DLA 1573-1] firmware-nonfree security update",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2018/11/msg00015.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-901333.pdf"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://cert.vde.com/en-us/advisories/vde-2017-005"
        },
        {
          "name": "1039703",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1039703"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-13080"
        },
        {
          "name": "USN-3455-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-3455-1"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00402.html"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cert@cert.org",
          "ID": "CVE-2017-13080",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Wi-Fi Protected Access (WPA and WPA2)",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "WPA"
                          },
                          {
                            "version_value": "WPA2"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Wi-Fi Alliance"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Group Temporal Key (GTK) during the group key handshake, allowing an attacker within radio range to replay frames from access points to clients."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-323: Reusing a Nonce, Key Pair in Encryption"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "1039581",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id/1039581"
            },
            {
              "name": "https://support.apple.com/HT208221",
              "refsource": "CONFIRM",
              "url": "https://support.apple.com/HT208221"
            },
            {
              "name": "101274",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/101274"
            },
            {
              "name": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html",
              "refsource": "CONFIRM",
              "url": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html"
            },
            {
              "name": "SUSE-SU-2017:2745",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00020.html"
            },
            {
              "name": "[debian-lts-announce] 20171210 [SECURITY] [DLA 1200-1] linux security update",
              "refsource": "MLIST",
              "url": "https://lists.debian.org/debian-lts-announce/2017/12/msg00004.html"
            },
            {
              "name": "DSA-3999",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2017/dsa-3999"
            },
            {
              "name": "https://support.apple.com/HT208327",
              "refsource": "CONFIRM",
              "url": "https://support.apple.com/HT208327"
            },
            {
              "name": "1039578",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id/1039578"
            },
            {
              "name": "https://support.apple.com/HT208325",
              "refsource": "CONFIRM",
              "url": "https://support.apple.com/HT208325"
            },
            {
              "name": "https://access.redhat.com/security/vulnerabilities/kracks",
              "refsource": "CONFIRM",
              "url": "https://access.redhat.com/security/vulnerabilities/kracks"
            },
            {
              "name": "20171016 Multiple Vulnerabilities in Wi-Fi Protected Access and Wi-Fi Protected Access II",
              "refsource": "CISCO",
              "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171016-wpa"
            },
            {
              "name": "RHSA-2017:2911",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2017:2911"
            },
            {
              "name": "https://w1.fi/security/2017-1/wpa-packet-number-reuse-with-replayed-messages.txt",
              "refsource": "MISC",
              "url": "https://w1.fi/security/2017-1/wpa-packet-number-reuse-with-replayed-messages.txt"
            },
            {
              "name": "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2017-007.txt",
              "refsource": "CONFIRM",
              "url": "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2017-007.txt"
            },
            {
              "name": "1039577",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id/1039577"
            },
            {
              "name": "1039572",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id/1039572"
            },
            {
              "name": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03792en_us",
              "refsource": "CONFIRM",
              "url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03792en_us"
            },
            {
              "name": "openSUSE-SU-2017:2755",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00024.html"
            },
            {
              "name": "https://support.apple.com/HT208222",
              "refsource": "CONFIRM",
              "url": "https://support.apple.com/HT208222"
            },
            {
              "name": "https://support.apple.com/HT208334",
              "refsource": "CONFIRM",
              "url": "https://support.apple.com/HT208334"
            },
            {
              "name": "https://source.android.com/security/bulletin/2017-11-01",
              "refsource": "CONFIRM",
              "url": "https://source.android.com/security/bulletin/2017-11-01"
            },
            {
              "name": "GLSA-201711-03",
              "refsource": "GENTOO",
              "url": "https://security.gentoo.org/glsa/201711-03"
            },
            {
              "name": "RHSA-2017:2907",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2017:2907"
            },
            {
              "name": "https://support.lenovo.com/us/en/product_security/LEN-17420",
              "refsource": "CONFIRM",
              "url": "https://support.lenovo.com/us/en/product_security/LEN-17420"
            },
            {
              "name": "FreeBSD-SA-17:07",
              "refsource": "FREEBSD",
              "url": "https://security.FreeBSD.org/advisories/FreeBSD-SA-17:07.wpa.asc"
            },
            {
              "name": "https://www.krackattacks.com/",
              "refsource": "MISC",
              "url": "https://www.krackattacks.com/"
            },
            {
              "name": "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html",
              "refsource": "CONFIRM",
              "url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html"
            },
            {
              "name": "1039573",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id/1039573"
            },
            {
              "name": "SUSE-SU-2017:2752",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00023.html"
            },
            {
              "name": "1039576",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id/1039576"
            },
            {
              "name": "https://cert.vde.com/en-us/advisories/vde-2017-003",
              "refsource": "CONFIRM",
              "url": "https://cert.vde.com/en-us/advisories/vde-2017-003"
            },
            {
              "name": "1039585",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id/1039585"
            },
            {
              "name": "VU#228519",
              "refsource": "CERT-VN",
              "url": "http://www.kb.cert.org/vuls/id/228519"
            },
            {
              "name": "https://support.apple.com/HT208220",
              "refsource": "CONFIRM",
              "url": "https://support.apple.com/HT208220"
            },
            {
              "name": "https://support.apple.com/HT208219",
              "refsource": "CONFIRM",
              "url": "https://support.apple.com/HT208219"
            },
            {
              "name": "[debian-lts-announce] 20181113 [SECURITY] [DLA 1573-1] firmware-nonfree security update",
              "refsource": "MLIST",
              "url": "https://lists.debian.org/debian-lts-announce/2018/11/msg00015.html"
            },
            {
              "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-901333.pdf",
              "refsource": "CONFIRM",
              "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-901333.pdf"
            },
            {
              "name": "https://cert.vde.com/en-us/advisories/vde-2017-005",
              "refsource": "CONFIRM",
              "url": "https://cert.vde.com/en-us/advisories/vde-2017-005"
            },
            {
              "name": "1039703",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id/1039703"
            },
            {
              "name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-13080",
              "refsource": "CONFIRM",
              "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-13080"
            },
            {
              "name": "USN-3455-1",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/USN-3455-1"
            },
            {
              "name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00402.html",
              "refsource": "CONFIRM",
              "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00402.html"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
    "assignerShortName": "certcc",
    "cveId": "CVE-2017-13080",
    "datePublished": "2017-10-17T13:00:00.000Z",
    "dateReserved": "2017-08-22T00:00:00.000Z",
    "dateUpdated": "2024-08-05T18:58:12.283Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Sightings

Author	Source	Type	Date	Other

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

VDE-2021-010

CVE-2017-13077 (GCVE-0-2017-13077)

CVE-2017-13078 (GCVE-0-2017-13078)

CVE-2017-13080 (GCVE-0-2017-13080)

Tags

Sightings

Nomenclature