{ "schema_version": "1.4.0", "id": "GHSA-mxrv-cp62-8842", "modified": "2025-04-20T03:46:54Z", "published": "2022-05-13T01:43:01Z", "aliases": [ "CVE-2017-13084" ], "details": "Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Station-To-Station-Link (STSL) Transient Key (STK) during the PeerKey handshake, allowing an attacker within radio range to replay, decrypt, or spoof frames.", "severity": [ { "type": "CVSS_V3", "score": "CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N" } ], "affected": [], "references": [ { "type": "ADVISORY", "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-13084" }, { "type": "WEB", "url": "https://access.redhat.com/security/vulnerabilities/kracks" }, { "type": "WEB", "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-901333.pdf" }, { "type": "WEB", "url": "https://security.gentoo.org/glsa/201711-03" }, { "type": "WEB", "url": "https://support.lenovo.com/us/en/product_security/LEN-17420" }, { "type": "WEB", "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171016-wpa" }, { "type": "WEB", "url": "https://w1.fi/security/2017-1/wpa-packet-number-reuse-with-replayed-messages.txt" }, { "type": "WEB", "url": "https://www.krackattacks.com" }, { "type": "WEB", "url": "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2017-007.txt" }, { "type": "WEB", "url": "http://www.kb.cert.org/vuls/id/228519" }, { "type": "WEB", "url": "http://www.securityfocus.com/bid/101274" }, { "type": "WEB", "url": "http://www.securitytracker.com/id/1039576" }, { "type": "WEB", "url": "http://www.securitytracker.com/id/1039577" }, { "type": "WEB", "url": "http://www.securitytracker.com/id/1039581" } ], "database_specific": { "cwe_ids": [ "CWE-323", "CWE-330" ], "severity": "MODERATE", "github_reviewed": false, "github_reviewed_at": null, "nvd_published_at": "2017-10-17T13:29:00Z" } }