VDB
BDU%3A2017-02267
BDU%3A2017-02267
PUBLISHED
CVSS 7.900000095367432 HIGH
Уязвимость протокола WPA2, связанная с ошибками управления криптографическими ключами (integrity group key) и позволяющая получить доступ к зашифрованной информации, передаваемой по беспроводной сети
Risk Scores
CVSS 2.0
7.900000095367432
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Microsoft Corp, Canonical Ltd., Aruba Networks, Cisco Systems Inc., Espressif Systems (Shanghai) Co., Ltd., Fortinet Inc., Jouni Malinen, FreeBSD Project, Intel Corp., Juniper Networks Inc., Microchip Technology, Peplink, Sierra Wireless Inc., Ubiquiti Networks, Watchguard Technologies Inc., Zyxel Communications Corp. | Windows 7 Service Pack 1, Windows Server 2008 Service Pack 2, Windows 8.1, Ubuntu, Windows Server 2012, Windows Server 2008 R2 Service Pack 1, Windows RT 8.1, Windows 10 1511, Windows 10 1607, Windows Server 2016, Windows 10 1703, ArubaOS, Aruba Instant, Clarity Engine, HP 501 Wireless Client Bridge, Aruba 501 Wireless Client Bridge, AirMesh MSR, Small Business 500 Series Wireless Access Point, Small Business 300 Series Wireless Access Point, Small Business 100 Series Wireless Access Point, DX Series IP Phones, ASA with FirePOWER Services, IP Phone 8800 Series, Aironet Access Point, Espressif IoT Development Framework, FortiAP, hostapd, wpa_supplicant, WPA Supplicant, Intel Dual Band Wireless-AC 3160, Intel Dual Band Wireless-AC 3165, Intel Dual Band Wireless-AC 3168, Intel Dual Band Wireless-AC 7260, Intel Dual Band Wireless-AC 7265, Intel Dual Band Wireless-AC 8260/8265/9260, Intel Atom Processor C3200 Series for Yocto Project BSP, Active Management Technology, JunOS, ScreenOS, WINC15x0, RN1810, RN171, RN131, MAX, MediaFast, SOHO, Device Connector, GX400/440, GX450, ALEOS, MGOS, Legato, airOS, airMAX AC, airMAX M, UAP, USW, Access Points AP100, Access Points AP102, Access Points AP120, Access Points AP200, Access Points AP300, Access Points AP320, Access Points AP322, Access Points AP420, Appliances XTM 25-W, Appliances 26-W, Appliances 33-W, Firebox T10-W, Firebox T30-W, Firebox T50-W, NWA1100-NH, NWA1120, NWA5301-NJ, NWA5120, WAC6100, WAC6500, WAP6405, WAP6804, WAP6806, WRE2206, WRE6505 v2, WRE6606 |
Timeline
- Oct 18, 2017 CVE Published
- Mar 23, 2021 CVE Updated
- Mar 18, 2026 Distribution Patch
- Mar 18, 2026 Security Advisory
References
- https://papers.mathyvanhoef.com/ccs2017.pdf url
- https://www.kb.cert.org/vuls/id/228519 url
- http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2017-007.txt url
- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171016-wpa url
- https://github.com/espressif/ESP8266_RTOS_SDK/commit/2fab9e23d779cdd6e5900b8ba2b588e30d9b08c4 url
- http://docs.fortinet.com/uploaded/files/3961/fortiap-v5.6.1-release-notes.pdf url
- http://vuxml.freebsd.org/freebsd/d670a953-b2a1-11e7-a633-009c02a2ab30.html url
- https://w1.fi/security/2017-1/ url
- https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00101&languageid=en-fr url
- http://www.microchip.com/design-centers/wireless-connectivity/embedded-wi-fi/wpa2-protocol-vulnerability url
- https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-13080 url
- https://forum.peplink.com/t/security-advisory-krack-wpa2-vulnerability-vu-228519/12715 url
- https://source.sierrawireless.com/~/media/support_downloads/airlink/docs/technical%20bulletin/wpa_swi_summaryv4.ashx?la=en url
- https://community.ubnt.com/t5/airMAX-Updates-Blog/airOS-v6-0-7-Has-Been-Released/ba-p/2056522 url
- https://community.ubnt.com/t5/airMAX-Updates-Blog/airOS-v8-4-0-Has-Been-Released/ba-p/2081100 url
- https://usn.ubuntu.com/usn/usn-3455-1/ url
- https://www.watchguard.com/wgrd-blog/wpa-and-wpa2-vulnerabilities-update url
- http://www.zyxel.com/support/announcement_wpa2_key_management.shtml url