Details of VAR-201710-0213

ID

VAR-201710-0213

CVE

CVE-2017-13084

TITLE

Wi-Fi Protected Access (WPA) handshake traffic can be manipulated to induce nonce and session key reuse

Trust: 0.8

sources: CERT/CC: VU#228519

DESCRIPTION

Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Station-To-Station-Link (STSL) Transient Key (STK) during the PeerKey handshake, allowing an attacker within radio range to replay, decrypt, or spoof frames. An attacker within range of an affected AP and client may leverage these vulnerabilities to conduct attacks that are dependent on the data confidentiality protocols being used. Attacks may include arbitrary packet decryption and injection, TCP connection hijacking, HTTP content injection, or the replay of unicast and group-addressed frames. These vulnerabilities are referred to as Key Reinstallation Attacks or "KRACK" attacks. WPA (Wi-Fi Protected Access) is a system that protects wireless computer networks (Wi-Fi). The WPA2 wireless network has a group key reload vulnerability in the PeerKey handshake. WPA2 is prone to multiple security weaknesses. Exploiting these issues may allow an unauthorized user to intercept and manipulate data or disclose sensitive information. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 [slackware-security] wpa_supplicant (SSA:2017-291-02) New wpa_supplicant packages are available for Slackware 14.0, 14.1, 14.2, and -current to fix security issues. Here are the details from the Slackware 14.2 ChangeLog: +--------------------------+ patches/packages/wpa_supplicant-2.6-i586-1_slack14.2.txz: Upgraded. This update includes patches to mitigate the WPA2 protocol issues known as "KRACK" (Key Reinstallation AttaCK), which may be used to decrypt data, hijack TCP connections, and to forge and inject packets. This is the list of vulnerabilities that are addressed here: CVE-2017-13077: Reinstallation of the pairwise encryption key (PTK-TK) in the 4-way handshake. CVE-2017-13082: Accepting a retransmitted Fast BSS Transition (FT) Reassociation Request and reinstalling the pairwise encryption key (PTK-TK) while processing it. CVE-2017-13084: Reinstallation of the STK key in the PeerKey handshake. CVE-2017-13086: reinstallation of the Tunneled Direct-Link Setup (TDLS) PeerKey (TPK) key in the TDLS handshake. For more information, see: https://www.krackattacks.com/ https://w1.fi/security/2017-1/wpa-packet-number-reuse-with-replayed-messages.txt https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13077 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13078 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13079 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13080 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13081 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13082 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13084 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13086 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13087 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13088 (* Security fix *) +--------------------------+ Where to find the new packages: +-----------------------------+ Thanks to the friendly folks at the OSU Open Source Lab (http://osuosl.org) for donating FTP and rsync hosting to the Slackware project! :-) Also see the "Get Slack" section on http://slackware.com for additional mirror sites near you. Updated package for Slackware 14.0: ftp://ftp.slackware.com/pub/slackware/slackware-14.0/patches/packages/wpa_supplicant-2.6-i486-1_slack14.0.txz Updated package for Slackware x86_64 14.0: ftp://ftp.slackware.com/pub/slackware/slackware64-14.0/patches/packages/wpa_supplicant-2.6-x86_64-1_slack14.0.txz Updated package for Slackware 14.1: ftp://ftp.slackware.com/pub/slackware/slackware-14.1/patches/packages/wpa_supplicant-2.6-i486-1_slack14.1.txz Updated package for Slackware x86_64 14.1: ftp://ftp.slackware.com/pub/slackware/slackware64-14.1/patches/packages/wpa_supplicant-2.6-x86_64-1_slack14.1.txz Updated package for Slackware 14.2: ftp://ftp.slackware.com/pub/slackware/slackware-14.2/patches/packages/wpa_supplicant-2.6-i586-1_slack14.2.txz Updated package for Slackware x86_64 14.2: ftp://ftp.slackware.com/pub/slackware/slackware64-14.2/patches/packages/wpa_supplicant-2.6-x86_64-1_slack14.2.txz Updated package for Slackware -current: ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/n/wpa_supplicant-2.6-i586-2.txz Updated package for Slackware x86_64 -current: ftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/n/wpa_supplicant-2.6-x86_64-2.txz MD5 signatures: +-------------+ Slackware 14.0 package: d8ecfaadb50b3547967ab53733ffc019 wpa_supplicant-2.6-i486-1_slack14.0.txz Slackware x86_64 14.0 package: f25216d28800504ce498705da7c9a825 wpa_supplicant-2.6-x86_64-1_slack14.0.txz Slackware 14.1 package: 15c61050e4bab2581757befd86be74c0 wpa_supplicant-2.6-i486-1_slack14.1.txz Slackware x86_64 14.1 package: 49fd537a520338744f7757615556d352 wpa_supplicant-2.6-x86_64-1_slack14.1.txz Slackware 14.2 package: c5539f40c8510af89be92945f0f80185 wpa_supplicant-2.6-i586-1_slack14.2.txz Slackware x86_64 14.2 package: 4c527ff84fcdfd7839f217bbce2e4ae4 wpa_supplicant-2.6-x86_64-1_slack14.2.txz Slackware -current package: 28bd88a54e96368f7a7020c1f5fb67fe n/wpa_supplicant-2.6-i586-2.txz Slackware x86_64 -current package: 464fc6b48d1ac077f47e9a3a8534c160 n/wpa_supplicant-2.6-x86_64-2.txz Installation instructions: +------------------------+ Upgrade the package as root: # upgradepkg wpa_supplicant-2.6-i586-1_slack14.2.txz +-----+ Slackware Linux Security Team http://slackware.com/gpg-key security@slackware.com +------------------------------------------------------------------------+ | To leave the slackware-security mailing list: | +------------------------------------------------------------------------+ | Send an email to majordomo@slackware.com with this text in the body of | | the email message: | | | | unsubscribe slackware-security | | | | You will get a confirmation message back containing instructions to | | complete the process. Please do not reply to this email address. | +------------------------------------------------------------------------+ -----BEGIN PGP SIGNATURE----- iEYEARECAAYFAlnnrOgACgkQakRjwEAQIjPgvQCfRcXlhuFjrDNPbEUeZrYLxnkW b+4An0l5cZOdtohI7Fq0NbryWajCOnM2 =5HQM -----END PGP SIGNATURE-----

Trust: 3.51

sources: NVD: CVE-2017-13084 // CERT/CC: VU#228519 // JVNDB: JVNDB-2017-009176 // CNVD: CNVD-2017-30400 // BID: 101274 // IVD: 37a5aa3e-4512-466b-9bc5-af5013c143e3 // VULMON: CVE-2017-13084 // PACKETSTORM: 144663

IOT TAXONOMY

category:

['ICS']

sub_category:

Trust: 0.8

sources: IVD: 37a5aa3e-4512-466b-9bc5-af5013c143e3 // CNVD: CNVD-2017-30400

AFFECTED PRODUCTS

vendor:	w1 fi	model:	hostapd	scope:	eq	version:	0.3.7	Trust: 1.6
vendor:	w1 fi	model:	hostapd	scope:	eq	version:	0.3.11	Trust: 1.6
vendor:	w1 fi	model:	hostapd	scope:	eq	version:	0.4.7	Trust: 1.6
vendor:	w1 fi	model:	hostapd	scope:	eq	version:	0.2.8	Trust: 1.6
vendor:	w1 fi	model:	hostapd	scope:	eq	version:	0.4.8	Trust: 1.6
vendor:	w1 fi	model:	hostapd	scope:	eq	version:	0.2.4	Trust: 1.6
vendor:	w1 fi	model:	hostapd	scope:	eq	version:	0.3.10	Trust: 1.6
vendor:	w1 fi	model:	hostapd	scope:	eq	version:	0.2.5	Trust: 1.6
vendor:	w1 fi	model:	hostapd	scope:	eq	version:	0.3.9	Trust: 1.6
vendor:	w1 fi	model:	hostapd	scope:	eq	version:	0.2.6	Trust: 1.6
vendor:	redhat	model:	enterprise linux desktop	scope:	eq	version:	7	Trust: 1.3
vendor:	redhat	model:	enterprise linux server	scope:	eq	version:	7	Trust: 1.3
vendor:	w1 fi	model:	wpa supplicant	scope:	eq	version:	2.6	Trust: 1.0
vendor:	w1 fi	model:	wpa supplicant	scope:	eq	version:	2.2	Trust: 1.0
vendor:	w1 fi	model:	hostapd	scope:	eq	version:	1.0	Trust: 1.0
vendor:	w1 fi	model:	hostapd	scope:	eq	version:	2.2	Trust: 1.0
vendor:	freebsd	model:	freebsd	scope:	eq	version:	*	Trust: 1.0
vendor:	suse	model:	linux enterprise desktop	scope:	eq	version:	12	Trust: 1.0
vendor:	w1 fi	model:	wpa supplicant	scope:	eq	version:	0.4.7	Trust: 1.0
vendor:	w1 fi	model:	hostapd	scope:	eq	version:	0.5.10	Trust: 1.0
vendor:	w1 fi	model:	wpa supplicant	scope:	eq	version:	2.0	Trust: 1.0
vendor:	w1 fi	model:	hostapd	scope:	eq	version:	2.0	Trust: 1.0
vendor:	debian	model:	linux	scope:	eq	version:	8.0	Trust: 1.0
vendor:	w1 fi	model:	hostapd	scope:	eq	version:	0.4.9	Trust: 1.0
vendor:	w1 fi	model:	wpa supplicant	scope:	eq	version:	0.5.8	Trust: 1.0
vendor:	w1 fi	model:	hostapd	scope:	eq	version:	0.5.8	Trust: 1.0
vendor:	w1 fi	model:	hostapd	scope:	eq	version:	2.1	Trust: 1.0
vendor:	w1 fi	model:	wpa supplicant	scope:	eq	version:	0.5.7	Trust: 1.0
vendor:	w1 fi	model:	wpa supplicant	scope:	eq	version:	0.6.9	Trust: 1.0
vendor:	w1 fi	model:	wpa supplicant	scope:	eq	version:	0.2.8	Trust: 1.0
vendor:	suse	model:	linux enterprise server	scope:	eq	version:	12	Trust: 1.0
vendor:	w1 fi	model:	hostapd	scope:	eq	version:	1.1	Trust: 1.0
vendor:	w1 fi	model:	hostapd	scope:	eq	version:	0.7.3	Trust: 1.0
vendor:	freebsd	model:	freebsd	scope:	eq	version:	10	Trust: 1.0
vendor:	freebsd	model:	freebsd	scope:	eq	version:	11.1	Trust: 1.0
vendor:	w1 fi	model:	hostapd	scope:	eq	version:	0.5.9	Trust: 1.0
vendor:	w1 fi	model:	wpa supplicant	scope:	eq	version:	0.4.11	Trust: 1.0
vendor:	freebsd	model:	freebsd	scope:	eq	version:	10.4	Trust: 1.0
vendor:	w1 fi	model:	wpa supplicant	scope:	eq	version:	0.2.6	Trust: 1.0
vendor:	freebsd	model:	freebsd	scope:	eq	version:	11	Trust: 1.0
vendor:	w1 fi	model:	wpa supplicant	scope:	eq	version:	0.5.11	Trust: 1.0
vendor:	w1 fi	model:	wpa supplicant	scope:	eq	version:	2.4	Trust: 1.0
vendor:	w1 fi	model:	wpa supplicant	scope:	eq	version:	0.3.8	Trust: 1.0
vendor:	w1 fi	model:	wpa supplicant	scope:	eq	version:	0.2.5	Trust: 1.0
vendor:	w1 fi	model:	wpa supplicant	scope:	eq	version:	0.3.7	Trust: 1.0
vendor:	w1 fi	model:	hostapd	scope:	eq	version:	0.4.10	Trust: 1.0
vendor:	w1 fi	model:	hostapd	scope:	eq	version:	0.6.10	Trust: 1.0
vendor:	suse	model:	openstack cloud	scope:	eq	version:	6	Trust: 1.0
vendor:	w1 fi	model:	wpa supplicant	scope:	eq	version:	1.0	Trust: 1.0
vendor:	w1 fi	model:	wpa supplicant	scope:	eq	version:	0.3.11	Trust: 1.0
vendor:	w1 fi	model:	hostapd	scope:	eq	version:	2.5	Trust: 1.0
vendor:	w1 fi	model:	wpa supplicant	scope:	eq	version:	0.5.10	Trust: 1.0
vendor:	w1 fi	model:	hostapd	scope:	eq	version:	2.6	Trust: 1.0
vendor:	w1 fi	model:	wpa supplicant	scope:	eq	version:	0.4.9	Trust: 1.0
vendor:	canonical	model:	ubuntu linux	scope:	eq	version:	14.04	Trust: 1.0
vendor:	w1 fi	model:	wpa supplicant	scope:	eq	version:	2.1	Trust: 1.0
vendor:	w1 fi	model:	wpa supplicant	scope:	eq	version:	2.3	Trust: 1.0
vendor:	opensuse	model:	leap	scope:	eq	version:	42.2	Trust: 1.0
vendor:	w1 fi	model:	hostapd	scope:	eq	version:	2.3	Trust: 1.0
vendor:	suse	model:	linux enterprise point of sale	scope:	eq	version:	11	Trust: 1.0
vendor:	w1 fi	model:	wpa supplicant	scope:	eq	version:	1.1	Trust: 1.0
vendor:	w1 fi	model:	hostapd	scope:	eq	version:	0.5.7	Trust: 1.0
vendor:	w1 fi	model:	wpa supplicant	scope:	eq	version:	0.7.3	Trust: 1.0
vendor:	w1 fi	model:	hostapd	scope:	eq	version:	0.6.9	Trust: 1.0
vendor:	w1 fi	model:	wpa supplicant	scope:	eq	version:	0.5.9	Trust: 1.0
vendor:	w1 fi	model:	wpa supplicant	scope:	eq	version:	0.4.8	Trust: 1.0
vendor:	w1 fi	model:	wpa supplicant	scope:	eq	version:	0.2.7	Trust: 1.0
vendor:	debian	model:	linux	scope:	eq	version:	9.0	Trust: 1.0
vendor:	w1 fi	model:	wpa supplicant	scope:	eq	version:	0.2.4	Trust: 1.0
vendor:	suse	model:	linux enterprise server	scope:	eq	version:	11	Trust: 1.0
vendor:	w1 fi	model:	wpa supplicant	scope:	eq	version:	0.3.10	Trust: 1.0
vendor:	canonical	model:	ubuntu linux	scope:	eq	version:	16.04	Trust: 1.0
vendor:	opensuse	model:	leap	scope:	eq	version:	42.3	Trust: 1.0
vendor:	w1 fi	model:	hostapd	scope:	eq	version:	0.4.11	Trust: 1.0
vendor:	w1 fi	model:	wpa supplicant	scope:	eq	version:	0.6.8	Trust: 1.0
vendor:	canonical	model:	ubuntu linux	scope:	eq	version:	17.04	Trust: 1.0
vendor:	w1 fi	model:	hostapd	scope:	eq	version:	0.6.8	Trust: 1.0
vendor:	w1 fi	model:	wpa supplicant	scope:	eq	version:	0.4.10	Trust: 1.0
vendor:	w1 fi	model:	hostapd	scope:	eq	version:	0.5.11	Trust: 1.0
vendor:	w1 fi	model:	wpa supplicant	scope:	eq	version:	0.6.10	Trust: 1.0
vendor:	w1 fi	model:	hostapd	scope:	eq	version:	2.4	Trust: 1.0
vendor:	w1 fi	model:	wpa supplicant	scope:	eq	version:	0.3.9	Trust: 1.0
vendor:	w1 fi	model:	wpa supplicant	scope:	eq	version:	2.5	Trust: 1.0
vendor:	9front	model:	-	scope:	-	version:	-	Trust: 0.8
vendor:	adtran	model:	-	scope:	-	version:	-	Trust: 0.8
vendor:	avm	model:	-	scope:	-	version:	-	Trust: 0.8
vendor:	actiontec	model:	-	scope:	-	version:	-	Trust: 0.8
vendor:	aerohive	model:	-	scope:	-	version:	-	Trust: 0.8
vendor:	alcatel lucent	model:	-	scope:	-	version:	-	Trust: 0.8
vendor:	android open source	model:	-	scope:	-	version:	-	Trust: 0.8
vendor:	apple	model:	-	scope:	-	version:	-	Trust: 0.8
vendor:	arch linux	model:	-	scope:	-	version:	-	Trust: 0.8
vendor:	aruba	model:	-	scope:	-	version:	-	Trust: 0.8
vendor:	asustek computer	model:	-	scope:	-	version:	-	Trust: 0.8
vendor:	barracuda	model:	-	scope:	-	version:	-	Trust: 0.8
vendor:	broadcom	model:	-	scope:	-	version:	-	Trust: 0.8
vendor:	cambium	model:	-	scope:	-	version:	-	Trust: 0.8
vendor:	centos	model:	-	scope:	-	version:	-	Trust: 0.8
vendor:	cisco	model:	-	scope:	-	version:	-	Trust: 0.8
vendor:	cradlepoint	model:	-	scope:	-	version:	-	Trust: 0.8
vendor:	cypress semiconductor	model:	-	scope:	-	version:	-	Trust: 0.8
vendor:	d link	model:	-	scope:	-	version:	-	Trust: 0.8
vendor:	debian gnu linux	model:	-	scope:	-	version:	-	Trust: 0.8
vendor:	dell	model:	-	scope:	-	version:	-	Trust: 0.8
vendor:	digi	model:	-	scope:	-	version:	-	Trust: 0.8
vendor:	draytek	model:	-	scope:	-	version:	-	Trust: 0.8
vendor:	edimax computer	model:	-	scope:	-	version:	-	Trust: 0.8
vendor:	engenius	model:	-	scope:	-	version:	-	Trust: 0.8
vendor:	endian	model:	-	scope:	-	version:	-	Trust: 0.8
vendor:	espressif	model:	-	scope:	-	version:	-	Trust: 0.8
vendor:	extreme	model:	-	scope:	-	version:	-	Trust: 0.8
vendor:	f secure	model:	-	scope:	-	version:	-	Trust: 0.8
vendor:	fedora	model:	-	scope:	-	version:	-	Trust: 0.8
vendor:	fortinet	model:	-	scope:	-	version:	-	Trust: 0.8
vendor:	freebsd	model:	-	scope:	-	version:	-	Trust: 0.8
vendor:	gentoo linux	model:	-	scope:	-	version:	-	Trust: 0.8
vendor:	google	model:	-	scope:	-	version:	-	Trust: 0.8
vendor:	hewlett packard	model:	-	scope:	-	version:	-	Trust: 0.8
vendor:	hostap	model:	-	scope:	-	version:	-	Trust: 0.8
vendor:	ipfire	model:	-	scope:	-	version:	-	Trust: 0.8
vendor:	intel	model:	-	scope:	-	version:	-	Trust: 0.8
vendor:	juniper	model:	-	scope:	-	version:	-	Trust: 0.8
vendor:	lancom	model:	-	scope:	-	version:	-	Trust: 0.8
vendor:	lede	model:	-	scope:	-	version:	-	Trust: 0.8
vendor:	lifx	model:	-	scope:	-	version:	-	Trust: 0.8
vendor:	lenovo	model:	-	scope:	-	version:	-	Trust: 0.8
vendor:	microchip	model:	-	scope:	-	version:	-	Trust: 0.8
vendor:	microsoft	model:	-	scope:	-	version:	-	Trust: 0.8
vendor:	mojo	model:	-	scope:	-	version:	-	Trust: 0.8
vendor:	nest	model:	-	scope:	-	version:	-	Trust: 0.8
vendor:	netbsd	model:	-	scope:	-	version:	-	Trust: 0.8
vendor:	netgear	model:	-	scope:	-	version:	-	Trust: 0.8
vendor:	opnsense	model:	-	scope:	-	version:	-	Trust: 0.8
vendor:	omnirom	model:	-	scope:	-	version:	-	Trust: 0.8
vendor:	open mesh	model:	-	scope:	-	version:	-	Trust: 0.8
vendor:	openbsd	model:	-	scope:	-	version:	-	Trust: 0.8
vendor:	peplink	model:	-	scope:	-	version:	-	Trust: 0.8
vendor:	red hat	model:	-	scope:	-	version:	-	Trust: 0.8
vendor:	riverbed	model:	-	scope:	-	version:	-	Trust: 0.8
vendor:	rockwell automation	model:	-	scope:	-	version:	-	Trust: 0.8
vendor:	ruckus	model:	-	scope:	-	version:	-	Trust: 0.8
vendor:	suse linux	model:	-	scope:	-	version:	-	Trust: 0.8
vendor:	samsung mobile	model:	-	scope:	-	version:	-	Trust: 0.8
vendor:	sierra	model:	-	scope:	-	version:	-	Trust: 0.8
vendor:	slackware linux	model:	-	scope:	-	version:	-	Trust: 0.8
vendor:	sonos	model:	-	scope:	-	version:	-	Trust: 0.8
vendor:	sony	model:	-	scope:	-	version:	-	Trust: 0.8
vendor:	sophos	model:	-	scope:	-	version:	-	Trust: 0.8
vendor:	synology	model:	-	scope:	-	version:	-	Trust: 0.8
vendor:	tp link	model:	-	scope:	-	version:	-	Trust: 0.8
vendor:	technicolor	model:	-	scope:	-	version:	-	Trust: 0.8
vendor:	texas instruments	model:	-	scope:	-	version:	-	Trust: 0.8
vendor:	toshiba commerce	model:	-	scope:	-	version:	-	Trust: 0.8
vendor:	toshiba electronic devices storage	model:	-	scope:	-	version:	-	Trust: 0.8
vendor:	toshiba memory	model:	-	scope:	-	version:	-	Trust: 0.8
vendor:	turris omnia	model:	-	scope:	-	version:	-	Trust: 0.8
vendor:	ubiquiti	model:	-	scope:	-	version:	-	Trust: 0.8
vendor:	ubuntu	model:	-	scope:	-	version:	-	Trust: 0.8
vendor:	volumio	model:	-	scope:	-	version:	-	Trust: 0.8
vendor:	watchguard	model:	-	scope:	-	version:	-	Trust: 0.8
vendor:	xiaomi	model:	-	scope:	-	version:	-	Trust: 0.8
vendor:	xirrus	model:	-	scope:	-	version:	-	Trust: 0.8
vendor:	zebra	model:	-	scope:	-	version:	-	Trust: 0.8
vendor:	zyxel	model:	-	scope:	-	version:	-	Trust: 0.8
vendor:	dd wrt	model:	-	scope:	-	version:	-	Trust: 0.8
vendor:	eero	model:	-	scope:	-	version:	-	Trust: 0.8
vendor:	pfsense	model:	-	scope:	-	version:	-	Trust: 0.8
vendor:	canonical	model:	ubuntu	scope:	-	version:	-	Trust: 0.8
vendor:	debian	model:	gnu/linux	scope:	-	version:	-	Trust: 0.8
vendor:	freebsd	model:	freebsd	scope:	-	version:	-	Trust: 0.8
vendor:	opensuse	model:	leap	scope:	-	version:	-	Trust: 0.8
vendor:	suse	model:	linux enterprise desktop	scope:	-	version:	-	Trust: 0.8
vendor:	suse	model:	linux enterprise point of sale	scope:	-	version:	-	Trust: 0.8
vendor:	suse	model:	linux enterprise server	scope:	-	version:	-	Trust: 0.8
vendor:	suse	model:	openstack cloud	scope:	-	version:	-	Trust: 0.8
vendor:	w1 fi	model:	hostapd	scope:	-	version:	-	Trust: 0.8
vendor:	w1 fi	model:	wpa supplicant	scope:	-	version:	-	Trust: 0.8
vendor:	red hat	model:	enterprise linux desktop	scope:	-	version:	-	Trust: 0.8
vendor:	red hat	model:	enterprise linux server	scope:	-	version:	-	Trust: 0.8
vendor:	nec	model:	edge gateway	scope:	eq	version:	-	Trust: 0.8
vendor:	fujitsu	model:	sr-m20ac1	scope:	lte	version:	v02.10	Trust: 0.8
vendor:	fujitsu	model:	sr-m20ac2	scope:	lte	version:	v02.10	Trust: 0.8
vendor:	wi fi	model:	alliance wi-fi protected access 2	scope:	-	version:	-	Trust: 0.6
vendor:	siemens	model:	scalance w-700	scope:	eq	version:	0	Trust: 0.6
vendor:	intel	model:	atom processor c3200 series for yocto project bsp mr4	scope:	-	version:	-	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	10.3.2	Trust: 0.3
vendor:	intel	model:	active management technology	scope:	eq	version:	6.1	Trust: 0.3
vendor:	bd	model:	pyxis supplystation	scope:	eq	version:	0	Trust: 0.3
vendor:	siemens	model:	sinamics smart access module	scope:	eq	version:	v200	Trust: 0.3
vendor:	intel	model:	active management technology	scope:	eq	version:	11.6.27.3264	Trust: 0.3
vendor:	cisco	model:	meraki mr34	scope:	eq	version:	0	Trust: 0.3
vendor:	pepperl fuchs	model:	ck71a-atex	scope:	eq	version:	0	Trust: 0.3
vendor:	arubanetworks	model:	arubaos	scope:	eq	version:	6.5.2.0	Trust: 0.3
vendor:	apple	model:	macbook air	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	aironet series access points	scope:	eq	version:	18500	Trust: 0.3
vendor:	intel	model:	active management technology	scope:	eq	version:	8.0	Trust: 0.3
vendor:	cisco	model:	meraki mr26	scope:	eq	version:	0	Trust: 0.3
vendor:	arubanetworks	model:	arubaos	scope:	eq	version:	6.4	Trust: 0.3
vendor:	cisco	model:	aironet series access points	scope:	eq	version:	28000	Trust: 0.3
vendor:	redhat	model:	enterprise linux for power big endian extended update support	scope:	eq	version:	-7.5	Trust: 0.3
vendor:	cisco	model:	meraki mr84	scope:	eq	version:	0	Trust: 0.3
vendor:	phoenix	model:	contact fl wlan	scope:	eq	version:	510x0	Trust: 0.3
vendor:	microsoft	model:	windows server r2 for itanium-based systems sp1	scope:	eq	version:	2008	Trust: 0.3
vendor:	phoenix	model:	contact itc	scope:	eq	version:	81130	Trust: 0.3
vendor:	redhat	model:	enterprise linux workstation	scope:	eq	version:	7	Trust: 0.3
vendor:	intel	model:	active management technology	scope:	eq	version:	10.0	Trust: 0.3
vendor:	intel	model:	dual band wireless-ac	scope:	eq	version:	726519.51.0.0	Trust: 0.3
vendor:	redhat	model:	enterprise linux server extended update support	scope:	eq	version:	-7.6	Trust: 0.3
vendor:	cisco	model:	meraki mr18	scope:	eq	version:	0	Trust: 0.3
vendor:	arubanetworks	model:	arubaos	scope:	eq	version:	8.1.0.3	Trust: 0.3
vendor:	siemens	model:	scalance w1750d	scope:	eq	version:	0	Trust: 0.3
vendor:	stryker	model:	secure ii med-surg bed	scope:	eq	version:	3002	Trust: 0.3
vendor:	phoenix	model:	contact fl wlan	scope:	eq	version:	210x0	Trust: 0.3
vendor:	microsoft	model:	windows version for x64-based systems	scope:	eq	version:	1015110	Trust: 0.3
vendor:	cisco	model:	aironet access points	scope:	eq	version:	0	Trust: 0.3
vendor:	phoenix	model:	contact fl wlan ap	scope:	eq	version:	24802-110	Trust: 0.3
vendor:	intel	model:	active management technology	scope:	eq	version:	11.0	Trust: 0.3
vendor:	arubanetworks	model:	instantos	scope:	eq	version:	6.5.4.1	Trust: 0.3
vendor:	apple	model:	tvos	scope:	eq	version:	10.2	Trust: 0.3
vendor:	cisco	model:	wap371 wireless-ac n access point with single point setup	scope:	eq	version:	0	Trust: 0.3
vendor:	pepperl fuchs	model:	ex-handy	scope:	eq	version:	2090	Trust: 0.3
vendor:	arubanetworks	model:	arubaos	scope:	eq	version:	6.5.3.2	Trust: 0.3
vendor:	phoenix	model:	contact rad-80211-xd	scope:	eq	version:	0	Trust: 0.3
vendor:	apple	model:	ios	scope:	ne	version:	11.2	Trust: 0.3
vendor:	phoenix	model:	contact fl wlan dap	scope:	eq	version:	24802-110	Trust: 0.3
vendor:	intel	model:	dual band wireless-ac	scope:	eq	version:	726519.10.9.1	Trust: 0.3
vendor:	arubanetworks	model:	arubaos	scope:	ne	version:	6.3.1.25	Trust: 0.3
vendor:	bd	model:	pyxis medstation es	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	wireless ip phone	scope:	eq	version:	88210	Trust: 0.3
vendor:	bd	model:	pyxis stockstation system	scope:	eq	version:	0	Trust: 0.3
vendor:	apple	model:	macbook	scope:	eq	version:	0	Trust: 0.3
vendor:	intel	model:	dual band wireless-ac	scope:	eq	version:	316819.51.7.1	Trust: 0.3
vendor:	intel	model:	dual band wireless-ac	scope:	ne	version:	726519.10.9.2	Trust: 0.3
vendor:	siemens	model:	scalance wlc712	scope:	eq	version:	0	Trust: 0.3
vendor:	phoenix	model:	contact fl wlan spa	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	meraki mr62	scope:	eq	version:	0	Trust: 0.3
vendor:	siemens	model:	simatic et200 pro im154-6 pn iwlan	scope:	eq	version:	0	Trust: 0.3
vendor:	abb	model:	tropos broadband mesh routers and bridges	scope:	eq	version:	0	Trust: 0.3
vendor:	intel	model:	dual band wireless-ac	scope:	ne	version:	316819.10.9.2	Trust: 0.3
vendor:	cisco	model:	meraki mr33	scope:	eq	version:	0	Trust: 0.3
vendor:	arubanetworks	model:	instantos	scope:	ne	version:	6.5.3.3	Trust: 0.3
vendor:	oracle	model:	micros handheld terminal	scope:	eq	version:	0	Trust: 0.3
vendor:	microsoft	model:	windows server	scope:	eq	version:	20120	Trust: 0.3
vendor:	arubanetworks	model:	instantos	scope:	eq	version:	6.5.2	Trust: 0.3
vendor:	intel	model:	dual band wireless-ac	scope:	eq	version:	316018.33.9.2	Trust: 0.3
vendor:	microsoft	model:	windows version for 32-bit systems	scope:	eq	version:	1017030	Trust: 0.3
vendor:	intel	model:	atom processor c3200 series for yocto project bsp mr4.1	scope:	ne	version:	-	Trust: 0.3
vendor:	intel	model:	active management technology	scope:	eq	version:	2.6	Trust: 0.3
vendor:	google	model:	android	scope:	eq	version:	7.1.0	Trust: 0.3
vendor:	phoenix	model:	contact fl wlan	scope:	eq	version:	110x0	Trust: 0.3
vendor:	microsoft	model:	windows for 32-bit systems	scope:	eq	version:	100	Trust: 0.3
vendor:	stryker	model:	s3 med-surg bed	scope:	eq	version:	3002	Trust: 0.3
vendor:	arubanetworks	model:	arubaos	scope:	eq	version:	6.4.2.4	Trust: 0.3
vendor:	apple	model:	tvos	scope:	eq	version:	11.1	Trust: 0.3
vendor:	phoenix	model:	contact fl comserver wlan	scope:	eq	version:	232/422/4850	Trust: 0.3
vendor:	apple	model:	airport base station	scope:	eq	version:	7.6.8	Trust: 0.3
vendor:	redhat	model:	enterprise linux server update services for sap solutions	scope:	eq	version:	-7.	Trust: 0.3
vendor:	intel	model:	active management technology	scope:	eq	version:	7.1.91.3272	Trust: 0.3
vendor:	arubanetworks	model:	instantos	scope:	ne	version:	4.2.4.9	Trust: 0.3
vendor:	phoenix	model:	contact fl wlan ap	scope:	eq	version:	230802-110	Trust: 0.3
vendor:	google	model:	android	scope:	eq	version:	6.1	Trust: 0.3
vendor:	redhat	model:	enterprise linux for power little endian extended update supp	scope:	eq	version:	-7.6	Trust: 0.3
vendor:	cisco	model:	meraki mr14	scope:	eq	version:	0	Trust: 0.3
vendor:	redhat	model:	enterprise linux eus compute node	scope:	eq	version:	7.5	Trust: 0.3
vendor:	cisco	model:	aironet series access points	scope:	eq	version:	18150	Trust: 0.3
vendor:	arubanetworks	model:	wireless client bridge 2.0.0.1-aruba501-b00	scope:	ne	version:	501	Trust: 0.3
vendor:	redhat	model:	enterprise linux server extended update support	scope:	eq	version:	-7.4	Trust: 0.3
vendor:	redhat	model:	enterprise linux server tus	scope:	eq	version:	-7.6	Trust: 0.3
vendor:	intel	model:	dual band wireless-ac	scope:	eq	version:	726018.33.9.2	Trust: 0.3
vendor:	apple	model:	airport express	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	meraki mr16	scope:	eq	version:	0	Trust: 0.3
vendor:	arubanetworks	model:	clarity engine	scope:	eq	version:	1.0	Trust: 0.3
vendor:	cisco	model:	meraki mr30h	scope:	eq	version:	0	Trust: 0.3
vendor:	apple	model:	airport extreme	scope:	eq	version:	0	Trust: 0.3
vendor:	microsoft	model:	windows server r2	scope:	eq	version:	20120	Trust: 0.3
vendor:	intel	model:	dual band wireless-ac	scope:	ne	version:	826520.0.2.3	Trust: 0.3
vendor:	google	model:	android	scope:	eq	version:	8.0	Trust: 0.3
vendor:	phoenix	model:	contact bl2 bpc	scope:	eq	version:	0	Trust: 0.3
vendor:	apple	model:	tvos	scope:	eq	version:	10.0.1	Trust: 0.3
vendor:	redhat	model:	enterprise linux for ibm z systems	scope:	eq	version:	7	Trust: 0.3
vendor:	apple	model:	watch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	meraki mr32	scope:	eq	version:	0	Trust: 0.3
vendor:	w1 f1	model:	wpa supplicant	scope:	eq	version:	2.4	Trust: 0.3
vendor:	intel	model:	active management technology	scope:	eq	version:	4.0	Trust: 0.3
vendor:	siemens	model:	ruggedcom rx1400	scope:	eq	version:	0	Trust: 0.3
vendor:	pepperl fuchs	model:	cn70a-atex	scope:	eq	version:	0	Trust: 0.3
vendor:	microsoft	model:	windows version for 32-bit systems	scope:	eq	version:	1015110	Trust: 0.3
vendor:	arubanetworks	model:	arubaos	scope:	eq	version:	6.5.3	Trust: 0.3
vendor:	bd	model:	pyxis parx handheld	scope:	eq	version:	0	Trust: 0.3
vendor:	intel	model:	dual band wireless-ac	scope:	eq	version:	726519.10	Trust: 0.3
vendor:	intel	model:	active management technology	scope:	eq	version:	9.1.40.100	Trust: 0.3
vendor:	apple	model:	tvos	scope:	eq	version:	10.1.1	Trust: 0.3
vendor:	arubanetworks	model:	instantos	scope:	eq	version:	6.5.3	Trust: 0.3
vendor:	microsoft	model:	windows rt	scope:	eq	version:	8.1	Trust: 0.3
vendor:	cisco	model:	meraki mr42	scope:	eq	version:	0	Trust: 0.3
vendor:	arubanetworks	model:	instantos	scope:	ne	version:	4.3.1.6	Trust: 0.3
vendor:	apple	model:	airport base station	scope:	eq	version:	7.7.3	Trust: 0.3
vendor:	cisco	model:	wap561 wireless-n dual radio selectable band access point	scope:	eq	version:	0	Trust: 0.3
vendor:	intel	model:	active management technology	scope:	eq	version:	11.0.26.3000	Trust: 0.3
vendor:	arubanetworks	model:	instantos	scope:	ne	version:	6.5.4.2	Trust: 0.3
vendor:	intel	model:	active management technology	scope:	eq	version:	11.6	Trust: 0.3
vendor:	apple	model:	tvos	scope:	ne	version:	11.2	Trust: 0.3
vendor:	intel	model:	active management technology	scope:	eq	version:	6.0	Trust: 0.3
vendor:	microsoft	model:	windows server	scope:	eq	version:	2016	Trust: 0.3
vendor:	phoenix	model:	contact rad-whg/wlan-xd	scope:	eq	version:	0	Trust: 0.3
vendor:	intel	model:	dual band wireless-ac	scope:	ne	version:	726018.33.9.3	Trust: 0.3
vendor:	apple	model:	wi-fi update for boot camp	scope:	ne	version:	6.4.0	Trust: 0.3
vendor:	toshiba	model:	suremark printer 2nr	scope:	eq	version:	4610	Trust: 0.3
vendor:	google	model:	android	scope:	eq	version:	7.1.1	Trust: 0.3
vendor:	arubanetworks	model:	arubaos	scope:	ne	version:	6.5.4.2	Trust: 0.3
vendor:	redhat	model:	enterprise linux for power little endian extended update supp	scope:	eq	version:	-7.5	Trust: 0.3
vendor:	redhat	model:	enterprise linux for power little endian	scope:	eq	version:	7	Trust: 0.3
vendor:	intel	model:	dual band wireless-ac	scope:	eq	version:	826520.0.0.0	Trust: 0.3
vendor:	apple	model:	tvos	scope:	eq	version:	10.2.1	Trust: 0.3
vendor:	arubanetworks	model:	arubaos	scope:	eq	version:	6.3.1.8	Trust: 0.3
vendor:	microsoft	model:	windows server for x64-based systems sp2	scope:	eq	version:	2008	Trust: 0.3
vendor:	bd	model:	pyxis supply roller	scope:	eq	version:	0	Trust: 0.3
vendor:	apple	model:	airport base station	scope:	eq	version:	7.6.3	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	10.3	Trust: 0.3
vendor:	cisco	model:	telepresence collaboration endpoint	scope:	eq	version:	0	Trust: 0.3
vendor:	intel	model:	active management technology	scope:	eq	version:	6.2.61.3535	Trust: 0.3
vendor:	phoenix	model:	contact vmt	scope:	eq	version:	70xx0	Trust: 0.3
vendor:	apple	model:	imac	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	meraki mr72	scope:	eq	version:	0	Trust: 0.3
vendor:	apple	model:	watchos	scope:	eq	version:	4	Trust: 0.3
vendor:	redhat	model:	enterprise linux for power little endian extended update supp	scope:	eq	version:	-7.4	Trust: 0.3
vendor:	intel	model:	active management technology	scope:	eq	version:	11.0.25.3001	Trust: 0.3
vendor:	arubanetworks	model:	arubaos	scope:	ne	version:	8.1.0.4	Trust: 0.3
vendor:	intel	model:	active management technology	scope:	eq	version:	9.1	Trust: 0.3
vendor:	redhat	model:	enterprise linux server tus	scope:	eq	version:	-7.4	Trust: 0.3
vendor:	intel	model:	active management technology	scope:	eq	version:	6.2	Trust: 0.3
vendor:	cisco	model:	meraki mr53	scope:	eq	version:	0	Trust: 0.3
vendor:	apple	model:	tvos	scope:	eq	version:	10.1	Trust: 0.3
vendor:	cisco	model:	wap551 wireless-n single radio selectable band access point	scope:	eq	version:	0	Trust: 0.3
vendor:	arubanetworks	model:	instantos	scope:	eq	version:	4.2	Trust: 0.3
vendor:	arubanetworks	model:	instantos	scope:	eq	version:	6.5.3.2	Trust: 0.3
vendor:	intel	model:	dual band wireless-ac	scope:	eq	version:	316519.10	Trust: 0.3
vendor:	intel	model:	dual band wireless-ac	scope:	eq	version:	826020.0.0.0	Trust: 0.3
vendor:	cisco	model:	wap121 wireless-n access point with single point setup	scope:	eq	version:	0	Trust: 0.3
vendor:	intel	model:	active management technology	scope:	eq	version:	2.5	Trust: 0.3
vendor:	intel	model:	active management technology	scope:	eq	version:	11.6.0.1000	Trust: 0.3
vendor:	arubanetworks	model:	wireless client bridge 1.0.1.3-hp501-b0012	scope:	ne	version:	501	Trust: 0.3
vendor:	pepperl fuchs	model:	i.roc ci70-ex	scope:	eq	version:	0	Trust: 0.3
vendor:	arubanetworks	model:	arubaos	scope:	eq	version:	6.5.0.0	Trust: 0.3
vendor:	intel	model:	dual band wireless-ac	scope:	eq	version:	826020.0.2.2	Trust: 0.3
vendor:	intel	model:	active management technology	scope:	eq	version:	7.1	Trust: 0.3
vendor:	pepperl fuchs	model:	cn70e-atex	scope:	eq	version:	0	Trust: 0.3
vendor:	intel	model:	dual band wireless-ac	scope:	eq	version:	726018.0.0.0	Trust: 0.3
vendor:	cisco	model:	meraki mr24	scope:	eq	version:	0	Trust: 0.3
vendor:	toshiba	model:	suremark printer 1nr	scope:	eq	version:	4610	Trust: 0.3
vendor:	redhat	model:	enterprise linux for ibm z systems extended update support	scope:	eq	version:	-7.6	Trust: 0.3
vendor:	phoenix	model:	contact vmt	scope:	eq	version:	50xx0	Trust: 0.3
vendor:	cisco	model:	meraki mr74	scope:	eq	version:	0	Trust: 0.3
vendor:	pepperl fuchs	model:	ex-handy	scope:	eq	version:	090	Trust: 0.3
vendor:	arubanetworks	model:	arubaos	scope:	eq	version:	6.4.4.15	Trust: 0.3
vendor:	intel	model:	dual band wireless-ac	scope:	eq	version:	316519.51.7.1	Trust: 0.3
vendor:	intel	model:	dual band wireless-ac	scope:	ne	version:	726519.51.7.20	Trust: 0.3
vendor:	cisco	model:	anyconnect secure mobility client	scope:	eq	version:	0	Trust: 0.3
vendor:	intel	model:	dual band wireless-ac	scope:	eq	version:	726519.51.7.1	Trust: 0.3
vendor:	espressif	model:	systems esp32	scope:	eq	version:	0	Trust: 0.3
vendor:	apple	model:	watchos	scope:	eq	version:	4.1	Trust: 0.3
vendor:	redhat	model:	enterprise linux server extended update support	scope:	eq	version:	-7.5	Trust: 0.3
vendor:	oracle	model:	micros handheld terminal 2.03.0.0.021r	scope:	ne	version:	-	Trust: 0.3
vendor:	cisco	model:	aironet series access points	scope:	eq	version:	38000	Trust: 0.3
vendor:	bd	model:	pyxis parx	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	dx70	scope:	eq	version:	0	Trust: 0.3
vendor:	arubanetworks	model:	arubaos	scope:	ne	version:	6.5.1.9	Trust: 0.3
vendor:	redhat	model:	enterprise linux server update services for sap solutions	scope:	eq	version:	-7.6	Trust: 0.3
vendor:	stryker	model:	intouch critical care bed	scope:	eq	version:	2141	Trust: 0.3
vendor:	bd	model:	pyxis anesthesia es	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	aironet series officeextend access points	scope:	eq	version:	18100	Trust: 0.3
vendor:	microsoft	model:	windows for x64-based systems	scope:	eq	version:	8.10	Trust: 0.3
vendor:	intel	model:	dual band wireless-ac	scope:	eq	version:	316819.10.9.1	Trust: 0.3
vendor:	intel	model:	active management technology	scope:	eq	version:	10.0.55.3000	Trust: 0.3
vendor:	microsoft	model:	windows for 32-bit systems	scope:	eq	version:	8.10	Trust: 0.3
vendor:	google	model:	android	scope:	eq	version:	6.0	Trust: 0.3
vendor:	cisco	model:	meraki mr66	scope:	eq	version:	0	Trust: 0.3
vendor:	intel	model:	dual band wireless-ac	scope:	eq	version:	316519.10.9.1	Trust: 0.3
vendor:	apple	model:	airport base station	scope:	eq	version:	7.6	Trust: 0.3
vendor:	stryker	model:	intouch critical care bed	scope:	eq	version:	2131	Trust: 0.3
vendor:	google	model:	android	scope:	eq	version:	7.1.2	Trust: 0.3
vendor:	cisco	model:	aironet series access points	scope:	eq	version:	18300	Trust: 0.3
vendor:	redhat	model:	enterprise linux server aus	scope:	eq	version:	-7.6	Trust: 0.3
vendor:	redhat	model:	enterprise linux for power big endian extended update support	scope:	eq	version:	-7.6	Trust: 0.3
vendor:	intel	model:	active management technology	scope:	eq	version:	10.0.0.50.1004	Trust: 0.3
vendor:	arubanetworks	model:	arubaos	scope:	eq	version:	6.4.1.0	Trust: 0.3
vendor:	cisco	model:	wap321 wireless-n access point with single point setup	scope:	eq	version:	0	Trust: 0.3
vendor:	siemens	model:	simatic iwlan-pb/link	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	aironet 1810w series access points	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	meraki mr52	scope:	eq	version:	0	Trust: 0.3
vendor:	redhat	model:	enterprise linux for ibm z systems extended update support	scope:	eq	version:	-7.5	Trust: 0.3
vendor:	cisco	model:	meraki mr12	scope:	eq	version:	0	Trust: 0.3
vendor:	arubanetworks	model:	airmesh msr	scope:	eq	version:	0	Trust: 0.3
vendor:	intel	model:	dual band wireless-ac	scope:	ne	version:	316519.51.7.20	Trust: 0.3
vendor:	apple	model:	watchos	scope:	ne	version:	4.2	Trust: 0.3
vendor:	phoenix	model:	contact fl wlan ec	scope:	eq	version:	24802-110	Trust: 0.3
vendor:	arubanetworks	model:	instantos	scope:	eq	version:	4.2.4.8	Trust: 0.3
vendor:	espressif	model:	systems esp8266	scope:	eq	version:	0	Trust: 0.3
vendor:	apple	model:	tv	scope:	eq	version:	0	Trust: 0.3
vendor:	pepperl fuchs	model:	pad-ex	scope:	eq	version:	010	Trust: 0.3
vendor:	intel	model:	active management technology	scope:	eq	version:	11.0.0.1205	Trust: 0.3
vendor:	cisco	model:	ip phone	scope:	eq	version:	88610	Trust: 0.3
vendor:	arubanetworks	model:	clarity engine	scope:	ne	version:	1.0.0.1	Trust: 0.3
vendor:	cisco	model:	aironet series access points	scope:	eq	version:	15600	Trust: 0.3
vendor:	microsoft	model:	windows for 32-bit systems sp1	scope:	eq	version:	7	Trust: 0.3
vendor:	arubanetworks	model:	instantos	scope:	eq	version:	4.3.1.5	Trust: 0.3
vendor:	apple	model:	airport base station	scope:	eq	version:	7.6.2	Trust: 0.3
vendor:	intel	model:	active management technology	scope:	eq	version:	8.1	Trust: 0.3
vendor:	intel	model:	active management technology	scope:	eq	version:	11.8	Trust: 0.3
vendor:	microsoft	model:	windows for x64-based systems sp1	scope:	eq	version:	7	Trust: 0.3
vendor:	redhat	model:	enterprise linux for ibm z systems extended update support	scope:	eq	version:	-7.4	Trust: 0.3
vendor:	cisco	model:	meraki mr58	scope:	eq	version:	0	Trust: 0.3
vendor:	microsoft	model:	windows version for 32-bit systems	scope:	eq	version:	1016070	Trust: 0.3
vendor:	intel	model:	dual band wireless-ac	scope:	ne	version:	316519.10.9.2	Trust: 0.3
vendor:	bd	model:	pyxis parassist system	scope:	eq	version:	0	Trust: 0.3
vendor:	microsoft	model:	windows server for 32-bit systems sp2	scope:	eq	version:	2008	Trust: 0.3
vendor:	arubanetworks	model:	instantos	scope:	eq	version:	4.3	Trust: 0.3
vendor:	google	model:	android	scope:	eq	version:	7.0	Trust: 0.3
vendor:	siemens	model:	simatic mobile panel 277 iwlan	scope:	eq	version:	0	Trust: 0.3
vendor:	bd	model:	pyxis medstation t2	scope:	eq	version:	40000	Trust: 0.3
vendor:	intel	model:	dual band wireless-ac	scope:	ne	version:	826020.0.2.3	Trust: 0.3
vendor:	google	model:	android	scope:	eq	version:	6.0.1	Trust: 0.3
vendor:	apple	model:	airport base station	scope:	eq	version:	7.6.1	Trust: 0.3
vendor:	intel	model:	dual band wireless-ac	scope:	eq	version:	316519.51.0.0	Trust: 0.3
vendor:	apple	model:	wi-fi update for boot camp	scope:	eq	version:	0	Trust: 0.3
vendor:	redhat	model:	enterprise linux server update services for sap solutions	scope:	eq	version:	-7.4	Trust: 0.3
vendor:	apple	model:	ipad	scope:	eq	version:	0	Trust: 0.3
vendor:	phoenix	model:	contact vmt	scope:	eq	version:	30xx0	Trust: 0.3
vendor:	redhat	model:	enterprise linux for power big endian	scope:	eq	version:	7	Trust: 0.3
vendor:	w1 f1	model:	wpa supplicant	scope:	eq	version:	2.6	Trust: 0.3
vendor:	arubanetworks	model:	wireless client bridge	scope:	eq	version:	5010	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	10.0.1	Trust: 0.3
vendor:	intel	model:	active management technology	scope:	eq	version:	11.5	Trust: 0.3
vendor:	cisco	model:	meraki mr11	scope:	eq	version:	0	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	10.3.3	Trust: 0.3
vendor:	bd	model:	pyxis anesthesia system	scope:	eq	version:	40000	Trust: 0.3
vendor:	apple	model:	tvos	scope:	eq	version:	10.2.2	Trust: 0.3
vendor:	bd	model:	pyxis anesthesia system	scope:	eq	version:	35000	Trust: 0.3
vendor:	rockwell	model:	automation stratix 15.3 jc1	scope:	eq	version:	5100	Trust: 0.3
vendor:	redhat	model:	enterprise linux server aus	scope:	eq	version:	-7.4	Trust: 0.3
vendor:	bd	model:	pyxis ciisafe workstation	scope:	eq	version:	??0	Trust: 0.3
vendor:	redhat	model:	enterprise linux for power big endian extended update support	scope:	eq	version:	-7.4	Trust: 0.3
vendor:	apple	model:	airport base station	scope:	eq	version:	7.6.7	Trust: 0.3
vendor:	intel	model:	dual band wireless-ac	scope:	eq	version:	316819.51.0.0	Trust: 0.3
vendor:	apple	model:	ipad air	scope:	eq	version:	0	Trust: 0.3
vendor:	intel	model:	active management technology	scope:	eq	version:	7.0	Trust: 0.3
vendor:	arubanetworks	model:	arubaos	scope:	eq	version:	6.5.4.1	Trust: 0.3
vendor:	redhat	model:	enterprise linux eus compute node	scope:	eq	version:	7.6	Trust: 0.3
vendor:	redhat	model:	enterprise linux for scientific computing	scope:	eq	version:	7	Trust: 0.3
vendor:	intel	model:	active management technology	scope:	eq	version:	8.1.71.3608	Trust: 0.3
vendor:	intel	model:	active management technology	scope:	eq	version:	9.1.41.3024	Trust: 0.3
vendor:	arubanetworks	model:	arubaos	scope:	eq	version:	6.4.2.1	Trust: 0.3
vendor:	redhat	model:	enterprise linux eus compute node	scope:	eq	version:	7.4	Trust: 0.3
vendor:	cisco	model:	dx80	scope:	eq	version:	0	Trust: 0.3
vendor:	intel	model:	active management technology	scope:	eq	version:	9.0	Trust: 0.3
vendor:	phoenix	model:	contact bl2 ppc	scope:	eq	version:	0	Trust: 0.3
vendor:	phoenix	model:	contact tpc	scope:	eq	version:	60130	Trust: 0.3
vendor:	apple	model:	ipod touch	scope:	eq	version:	0	Trust: 0.3
vendor:	arubanetworks	model:	arubaos	scope:	eq	version:	6.5.1	Trust: 0.3
vendor:	pepperl fuchs	model:	ck70a-atex	scope:	eq	version:	0	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	10.2.1	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	10.3.1	Trust: 0.3
vendor:	intel	model:	dual band wireless-ac	scope:	ne	version:	316819.51.7.20	Trust: 0.3
vendor:	apple	model:	macbook pro	scope:	eq	version:	0	Trust: 0.3
vendor:	intel	model:	dual band wireless-ac	scope:	eq	version:	316819.10	Trust: 0.3
vendor:	microsoft	model:	windows for x64-based systems	scope:	eq	version:	100	Trust: 0.3
vendor:	apple	model:	airport base station	scope:	eq	version:	7.7.8	Trust: 0.3
vendor:	intel	model:	active management technology	scope:	eq	version:	9.5	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	10.1	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	10.2	Trust: 0.3
vendor:	apple	model:	airport base station	scope:	eq	version:	7.6.4	Trust: 0.3
vendor:	pepperl fuchs	model:	smart-ex	scope:	eq	version:	010	Trust: 0.3
vendor:	intel	model:	dual band wireless-ac	scope:	eq	version:	826520.0.2.2	Trust: 0.3
vendor:	intel	model:	dual band wireless-ac	scope:	ne	version:	316018.33.9.3	Trust: 0.3
vendor:	pepperl fuchs	model:	tab-ex	scope:	eq	version:	010	Trust: 0.3
vendor:	arubanetworks	model:	arubaos	scope:	ne	version:	6.5.3.3	Trust: 0.3
vendor:	apple	model:	iphone	scope:	eq	version:	0	Trust: 0.3
vendor:	apple	model:	macmini	scope:	eq	version:	0	Trust: 0.3
vendor:	arubanetworks	model:	arubaos	scope:	ne	version:	6.4.4.16	Trust: 0.3
vendor:	phoenix	model:	contact fl wlan epa	scope:	eq	version:	0	Trust: 0.3
vendor:	apple	model:	airport time capsule	scope:	eq	version:	0	Trust: 0.3
vendor:	wi fi	model:	alliance wpa2 (wi-fi protected access	scope:	eq	version:	2)0	Trust: 0.3
vendor:	apple	model:	airport base station	scope:	ne	version:	7.7.9	Trust: 0.3
vendor:	siemens	model:	scalance wlc711	scope:	eq	version:	0	Trust: 0.3
vendor:	siemens	model:	ruggedcom rs9xxw	scope:	eq	version:	0	Trust: 0.3
vendor:	arubanetworks	model:	arubaos	scope:	eq	version:	6.3.1.15	Trust: 0.3
vendor:	ubiquiti	model:	networks unifi access point	scope:	eq	version:	0	Trust: 0.3
vendor:	toshiba	model:	suremark printer 2cr	scope:	eq	version:	4610	Trust: 0.3
vendor:	cisco	model:	ip phone	scope:	eq	version:	88650	Trust: 0.3
vendor:	arubanetworks	model:	arubaos	scope:	eq	version:	6.5.4	Trust: 0.3
vendor:	apple	model:	airport base station	scope:	eq	version:	7.7.7	Trust: 0.3
vendor:	arubanetworks	model:	instantos	scope:	eq	version:	6.5.4	Trust: 0.3
vendor:	cisco	model:	asa 5506w-x w/ firepower services	scope:	eq	version:	0	Trust: 0.3
vendor:	microsoft	model:	windows version for x64-based systems	scope:	eq	version:	1016070	Trust: 0.3
vendor:	apple	model:	airport base station	scope:	ne	version:	7.6.9	Trust: 0.3
vendor:	stryker	model:	s3 med-surg bed	scope:	eq	version:	3005	Trust: 0.3
vendor:	intel	model:	dual band wireless-ac	scope:	eq	version:	316018.0.0.0	Trust: 0.3
vendor:	pepperl fuchs	model:	smart-ex	scope:	eq	version:	2010	Trust: 0.3
vendor:	microsoft	model:	windows version for x64-based systems	scope:	eq	version:	1017030	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	11.1	Trust: 0.3
vendor:	wi fi	model:	alliance	scope:	eq	version:	*	Trust: 0.2
vendor:	wi fi	model:	protected access 2	scope:	-	version:	-	Trust: 0.2

sources: IVD: 37a5aa3e-4512-466b-9bc5-af5013c143e3 // CERT/CC: VU#228519 // CNVD: CNVD-2017-30400 // BID: 101274 // JVNDB: JVNDB-2017-009176 // NVD: CVE-2017-13084 // CNNVD: CNNVD-201710-386

CVSS

SEVERITY

CVSSV2

CVSSV3

NVD:	CVE-2017-13084
value:	MEDIUM
Trust: 1.8
CNVD:	CNVD-2017-30400
value:	MEDIUM
Trust: 0.6
CNNVD:	CNNVD-201710-386
value:	MEDIUM
Trust: 0.6
IVD:	37a5aa3e-4512-466b-9bc5-af5013c143e3
value:	MEDIUM
Trust: 0.2
VULMON:	CVE-2017-13084
value:	MEDIUM
Trust: 0.1

NVD:
severity:	MEDIUM
baseScore:	5.4
vectorString:	AV:A/AC:M/AU:N/C:P/I:P/A:P
accessVector:	ADJACENT_NETWORK
accessComplexity:	MEDIUM
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	5.5
impactScore:	6.4
acInsufInfo:	FALSE
obtainAllPrivilege:	FALSE
obtainUserPrivilege:	FALSE
obtainOtherPrivilege:	FALSE
userInteractionRequired:	FALSE
version:	2.0
Trust: 1.0
NVD:	CVE-2017-13084
severity:	MEDIUM
baseScore:	5.4
vectorString:	AV:A/AC:M/AU:N/C:P/I:P/A:P
accessVector:	ADJACENT NETWORK
accessComplexity:	MEDIUM
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	NONE
impactScore:	NONE
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.9
CNVD:	CNVD-2017-30400
severity:	MEDIUM
baseScore:	5.4
vectorString:	AV:A/AC:M/AU:N/C:P/I:P/A:P
accessVector:	ADJACENT_NETWORK
accessComplexity:	MEDIUM
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	5.5
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.6
IVD:	37a5aa3e-4512-466b-9bc5-af5013c143e3
severity:	MEDIUM
baseScore:	5.4
vectorString:	AV:A/AC:M/AU:N/C:P/I:P/A:P
accessVector:	ADJACENT_NETWORK
accessComplexity:	MEDIUM
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	5.5
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.9 [IVD]
Trust: 0.2

NVD:
baseSeverity:	MEDIUM
baseScore:	6.8
vectorString:	CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
attackVector:	ADJACENT_NETWORK
attackComplexity:	HIGH
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	NONE
exploitabilityScore:	1.6
impactScore:	5.2
version:	3.0
Trust: 1.0
NVD:	CVE-2017-13084
baseSeverity:	MEDIUM
baseScore:	6.8
vectorString:	CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
attackVector:	ADJACENT NETWORK
attackComplexity:	HIGH
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	NONE
exploitabilityScore:	NONE
impactScore:	NONE
version:	3.0
Trust: 0.8

sources: IVD: 37a5aa3e-4512-466b-9bc5-af5013c143e3 // CNVD: CNVD-2017-30400 // VULMON: CVE-2017-13084 // JVNDB: JVNDB-2017-009176 // NVD: CVE-2017-13084 // CNNVD: CNNVD-201710-386

PROBLEMTYPE DATA

problemtype:	CWE-330	Trust: 1.0
problemtype:	CWE-254	Trust: 0.8

sources: JVNDB: JVNDB-2017-009176 // NVD: CVE-2017-13084

THREAT TYPE

remote or local

Trust: 0.6

sources: CNNVD: CNNVD-201710-386

TYPE

security feature problem

Trust: 0.6

sources: CNNVD: CNNVD-201710-386

CONFIGURATIONS

sources: NVD: CVE-2017-13084

PATCH

title:	ARUBA-PSA-2017-007	url:	http://www.arubanetworks.com/assets/alert/aruba-psa-2017-007.txt	Trust: 0.8
title:	LEN-17420	url:	https://support.lenovo.com/jp/en/product_security/len-17420	Trust: 0.8
title:	NV17-024	url:	http://jpn.nec.com/security-info/secinfo/nv17-024.html	Trust: 0.8
title:	KRACKs - wpa_supplicant Multiple Vulnerabilities	url:	https://access.redhat.com/security/vulnerabilities/kracks	Trust: 0.8
title:	WPA packet number reuse with replayed messages and key reinstallation	url:	https://w1.fi/security/2017-1/wpa-packet-number-reuse-with-replayed-messages.txt	Trust: 0.8
title:	Wi-Fiの認証／暗号化技術WPA2およびWPAの複数の脆弱性について	url:	http://www.fujitsu.com/jp/products/network/support/2017/srm-01/index.html	Trust: 0.8
title:	WPA2の脆弱性に関する弊社調査・対応状況について	url:	http://www.iodata.jp/support/information/2017/wpa2/	Trust: 0.8
title:	無線LAN 認証／暗号化技術WPA2およびWPAに関する脆弱性のお知らせ	url:	http://www.fmworld.net/biz/common/info/20171110/	Trust: 0.8
title:	Patch for WPA2 Wireless Network STK Key Reload Vulnerability	url:	https://www.cnvd.org.cn/patchinfo/show/103824	Trust: 0.6
title:	Multiple WiFi product WPA2 Security vulnerabilities	url:	http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=75500	Trust: 0.6
title:	The Register	url:	https://www.theregister.co.uk/2017/10/16/wpa2_inscure_krackattack/	Trust: 0.2
title:	Red Hat: CVE-2017-13084	url:	https://vulmon.com/vendoradvisory?qidtp=red_hat_cve_database&qid=cve-2017-13084	Trust: 0.1
title:	Arch Linux Issues:	url:	https://vulmon.com/vendoradvisory?qidtp=arch_linux_issues&qid=cve-2017-13084	Trust: 0.1
title:	Siemens Security Advisories: Siemens Security Advisory	url:	https://vulmon.com/vendoradvisory?qidtp=siemens_security_advisories&qid=6df91267eee9400a24a98876f50ffe84	Trust: 0.1
title:	Cisco: Multiple Vulnerabilities in Wi-Fi Protected Access and Wi-Fi Protected Access II	url:	https://vulmon.com/vendoradvisory?qidtp=cisco_security_advisories_and_alerts_ciscoproducts&qid=cisco-sa-20171016-wpa	Trust: 0.1
title:	KRACK	url:	https://github.com/chinatso/krack	Trust: 0.1
title:	krackinfo	url:	https://github.com/kristate/krackinfo	Trust: 0.1
title:	-	url:	https://github.com/merlinepedra/krack	Trust: 0.1
title:	nixos-issue-db-example	url:	https://github.com/andir/nixos-issue-db-example	Trust: 0.1

sources: CNVD: CNVD-2017-30400 // VULMON: CVE-2017-13084 // JVNDB: JVNDB-2017-009176 // CNNVD: CNNVD-201710-386

EXTERNAL IDS

db:	CERT/CC	id:	VU#228519	Trust: 4.2
db:	NVD	id:	CVE-2017-13084	Trust: 3.7
db:	BID	id:	101274	Trust: 2.6
db:	LENOVO	id:	LEN-17420	Trust: 2.5
db:	SECTRACK	id:	1039581	Trust: 1.7
db:	SECTRACK	id:	1039576	Trust: 1.7
db:	SECTRACK	id:	1039577	Trust: 1.7
db:	SIEMENS	id:	SSA-901333	Trust: 1.7
db:	ICS CERT	id:	ICSA-17-318-01	Trust: 1.1
db:	CNVD	id:	CNVD-2017-30400	Trust: 0.8
db:	CNNVD	id:	CNNVD-201710-386	Trust: 0.8
db:	JUNIPER	id:	JSA10827	Trust: 0.8
db:	DLINK	id:	SAP10075	Trust: 0.8
db:	JVN	id:	JVNVU90609033	Trust: 0.8
db:	ICS CERT	id:	ICSA-17-318-02A	Trust: 0.8
db:	JVNDB	id:	JVNDB-2017-009176	Trust: 0.8
db:	ICS CERT	id:	ICSA-17-299-02	Trust: 0.3
db:	ICS CERT	id:	ICSMA-19-029-01	Trust: 0.3
db:	ICS CERT	id:	ICSA-17-353-02	Trust: 0.3
db:	ICS CERT	id:	ICSA-17-318-02	Trust: 0.3
db:	ICS CERT	id:	ICSMA-18-114-01	Trust: 0.3
db:	ICS CERT	id:	ICSA-17-325-01	Trust: 0.3
db:	IVD	id:	37A5AA3E-4512-466B-9BC5-AF5013C143E3	Trust: 0.2
db:	VULMON	id:	CVE-2017-13084	Trust: 0.1
db:	PACKETSTORM	id:	144663	Trust: 0.1

sources: IVD: 37a5aa3e-4512-466b-9bc5-af5013c143e3 // CERT/CC: VU#228519 // CNVD: CNVD-2017-30400 // VULMON: CVE-2017-13084 // BID: 101274 // JVNDB: JVNDB-2017-009176 // PACKETSTORM: 144663 // NVD: CVE-2017-13084 // CNNVD: CNNVD-201710-386

REFERENCES

url:	https://www.krackattacks.com/	Trust: 3.7
url:	http://www.securityfocus.com/bid/101274	Trust: 2.9
url:	http://www.arubanetworks.com/assets/alert/aruba-psa-2017-007.txt	Trust: 2.8
url:	https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20171016-wpa	Trust: 2.8
url:	https://access.redhat.com/security/vulnerabilities/kracks	Trust: 2.5
url:	http://www.kb.cert.org/vuls/id/228519	Trust: 2.1
url:	https://w1.fi/security/2017-1/wpa-packet-number-reuse-with-replayed-messages.txt	Trust: 1.8
url:	http://www.securitytracker.com/id/1039581	Trust: 1.7
url:	http://www.securitytracker.com/id/1039577	Trust: 1.7
url:	http://www.securitytracker.com/id/1039576	Trust: 1.7
url:	https://support.lenovo.com/us/en/product_security/len-17420	Trust: 1.7
url:	https://security.gentoo.org/glsa/201711-03	Trust: 1.7
url:	https://cert-portal.siemens.com/productcert/pdf/ssa-901333.pdf	Trust: 1.7
url:	https://source.android.com/security/bulletin/2017-11-01	Trust: 1.6
url:	https://papers.mathyvanhoef.com/ccs2017.pdf	Trust: 1.1
url:	https://w1.fi/security/2017-1/	Trust: 1.1
url:	https://security-center.intel.com/advisory.aspx?intelid=intel-sa-00101&languageid=en-fr	Trust: 1.1
url:	https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/cve-2017-13080	Trust: 1.1
url:	https://ics-cert.us-cert.gov/advisories/icsa-17-318-01	Trust: 1.1
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-13084	Trust: 0.9
url:	https://nvd.nist.gov/vuln/detail/cve-2017-13084	Trust: 0.9
url:	https://cwe.mitre.org/data/definitions/323.html	Trust: 0.8
url:	https://actiontecsupport.zendesk.com/hc/en-us/articles/115005205283-krack-vulnerability	Trust: 0.8
url:	https://www3.aerohive.com/support/security-bulletins/product-security-announcement-aerohives-response-to-krack-10162017.html	Trust: 0.8
url:	https://www.al-enterprise.com/en/support/security-alert-krack	Trust: 0.8
url:	https://support.apple.com/en-gb/ht208222	Trust: 0.8
url:	https://security.archlinux.org/avg-447	Trust: 0.8
url:	https://www.asus.com/static_webpage/asus-product-security-advisory/	Trust: 0.8
url:	https://community.barracudanetworks.com/forum/index.php?/topic/23525-security-advisories/page-2	Trust: 0.8
url:	https://lists.centos.org/pipermail/centos-announce/2017-october/022569.html	Trust: 0.8
url:	https://community.cypress.com/docs/doc-13871	Trust: 0.8
url:	http://supportannouncement.us.dlink.com/announcement/publication.aspx?name=sap10075	Trust: 0.8
url:	https://www.debian.org/security/2017/dsa-3999	Trust: 0.8
url:	http://www.dell.com/support/article/sln307822	Trust: 0.8
url:	https://github.com/espressif/esp8266_nonos_sdk	Trust: 0.8
url:	https://extremeportal.force.com/extrarticledetail?n=000018005	Trust: 0.8
url:	https://bodhi.fedoraproject.org/updates/fedora-2017-60bfb576b7	Trust: 0.8
url:	http://www.fortiguard.com/psirt/fg-ir-17-196	Trust: 0.8
url:	https://www.freebsd.org/security/advisories/freebsd-sa-17:07.wpa.asc	Trust: 0.8
url:	https://bugs.gentoo.org/634440	Trust: 0.8
url:	https://support.hpe.com/hpsc/doc/public/display?sp4ts.oid=null&doclocale=en_us&docid=emr_na-a00029151en_us	Trust: 0.8
url:	https://kb.juniper.net/jsa10827	Trust: 0.8
url:	https://support.lenovo.com/ca/en/product_security/len-17420	Trust: 0.8
url:	http://www.microchip.com/wwwproducts/en/atwinc1500	Trust: 0.8
url:	http://mail-index.netbsd.org/source-changes/2017/10/16/msg088877.html	Trust: 0.8
url:	https://kb.netgear.com/000049498/security-advisory-for-wpa-2-vulnerabilities-psv-2017-2826-psv-2017-2836-psv-2017-2837	Trust: 0.8
url:	https://forum.peplink.com/t/security-advisory-wpa2-vulnerability-vu-228519/12715	Trust: 0.8
url:	https://ruckus-www.s3.amazonaws.com/pdf/security/faq-security-advisory-id-101617-v1.0.pdf	Trust: 0.8
url:	https://www.suse.com/de-de/support/kb/doc/?id=7022107	Trust: 0.8
url:	https://source.sierrawireless.com/resources/airlink/software_reference_docs/technical-bulletin/sierra-wireless-technical-bulletin---wpa-and-wpa2-vulnerabilities/	Trust: 0.8
url:	http://www.slackware.com/changelog/stable.php?cpu=x86_64	Trust: 0.8
url:	https://community.sophos.com/kb/en-us/127658	Trust: 0.8
url:	https://www.toshibacommerce.com/wps/myportal/%21ut/p/a1/rzrnc8igeiz_sw8egqhjcdmmwr8abw2dqcnfoyqotidrrk399uxrrwotuzgws7a87y6z88iuzmcq2u4uwcnlzypjnjj5-exr_wnhya-laxtrid-j3uchdtb8gylmuw6qzgktovtowsrrqlrs6-8dbeqhwc1mykqnlabgdjlf1yjvn7i5af4qtdwsn2tri7j	Trust: 0.8
url:	http://www.toshiba-personalstorage.net/en/news/hdd/ot_notice/20171017.htm	Trust: 0.8
url:	http://support.toshiba.com/support/staticcontentdetail?contentid=4015875&isfromtoclink=false	Trust: 0.8
url:	https://community.ubnt.com/t5/unifi-updates-blog/firmware-3-9-3-7537-for-uap-usw-has-been-released/ba-p/2099365	Trust: 0.8
url:	https://usn.ubuntu.com/usn/usn-3455-1/	Trust: 0.8
url:	http://en.miui.com/thread-954223-1-1.html	Trust: 0.8
url:	https://www.zebra.com/content/dam/zebra_new_ia/en-us/support-and-downloads/lifeguard-security/krack-security-bulletin.pdf	Trust: 0.8
url:	http://www.zyxel.com/support/announcement_wpa2_key_management.shtml	Trust: 0.8
url:	https://supportcenter.checkpoint.com/supportcenter/portal?eventsubmit_dogoviewsolutiondetails=&solutionid=sk120938	Trust: 0.8
url:	https://community.rsa.com/docs/doc-84103	Trust: 0.8
url:	https://support.f5.com/csp/article/k23642330	Trust: 0.8
url:	https://forum.mikrotik.com/viewtopic.php?f=21&t=126695	Trust: 0.8
url:	https://community.linksys.com/t5/wireless-routers/krack-vulnerability/td-p/1218573	Trust: 0.8
url:	https://ics-cert.us-cert.gov/advisories/icsa-17-318-02a	Trust: 0.8
url:	https://www.ipa.go.jp/security/ciadr/vul/20171017_wpa2.html	Trust: 0.8
url:	http://jvn.jp/vu/jvnvu90609033/index.html	Trust: 0.8
url:	https://www.kb.cert.org/vuls/id/cheu-aqnmyp	Trust: 0.8
url:	https://www.kb.cert.org/vuls/id/228519/	Trust: 0.6
url:	https://access.redhat.com/security/cve/cve-2017-13084	Trust: 0.4
url:	https://github.com/stevenhoneyman/wpa_gui/tree/master/wpa_supplicant-2.4	Trust: 0.3
url:	http://www.wi-fi.org/index.php	Trust: 0.3
url:	https://support.apple.com/en-ie/ht208847	Trust: 0.3
url:	https://support.apple.com/en-in/ht208334	Trust: 0.3
url:	https://support.apple.com/en-in/ht208327	Trust: 0.3
url:	https://support.apple.com/en-in/ht208325	Trust: 0.3
url:	https://ics-cert.us-cert.gov/advisories/icsa-17-353-02	Trust: 0.3
url:	https://ics-cert.us-cert.gov/advisories/icsma-18-114-01	Trust: 0.3
url:	https://lists.apple.com/archives/security-announce/2017/dec/msg00009.html	Trust: 0.3
url:	https://lists.apple.com/archives/security-announce/2017/dec/msg00008.html	Trust: 0.3
url:	https://lists.apple.com/archives/security-announce/2018/jul/msg00000.html	Trust: 0.3
url:	https://access.redhat.com/security/cve/cve-2017-13077	Trust: 0.3
url:	https://access.redhat.com/security/cve/cve-2017-13078	Trust: 0.3
url:	https://access.redhat.com/security/cve/cve-2017-13079	Trust: 0.3
url:	https://access.redhat.com/security/cve/cve-2017-13080	Trust: 0.3
url:	https://access.redhat.com/security/cve/cve-2017-13081	Trust: 0.3
url:	https://access.redhat.com/security/cve/cve-2017-13082	Trust: 0.3
url:	https://access.redhat.com/security/cve/cve-2017-13086	Trust: 0.3
url:	https://access.redhat.com/security/cve/cve-2017-13087	Trust: 0.3
url:	https://access.redhat.com/security/cve/cve-2017-13088	Trust: 0.3
url:	http://docs.fortinet.com/uploaded/files/3961/fortiap-v5.6.1-release-notes.pdf	Trust: 0.3
url:	https://ics-cert.us-cert.gov/advisories/icsa-17-299-02	Trust: 0.3
url:	https://ics-cert.us-cert.gov/advisories/icsa-17-318-02	Trust: 0.3
url:	https://ics-cert.us-cert.gov/advisories/icsa-17-325-01	Trust: 0.3
url:	https://ics-cert.us-cert.gov/advisories/icsma-19-029-01	Trust: 0.3
url:	http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html	Trust: 0.3
url:	https://access.redhat.com/errata/rhsa-2017:2907	Trust: 0.3
url:	https://access.redhat.com/errata/rhsa-2017:2911	Trust: 0.3
url:	https://cwe.mitre.org/data/definitions/330.html	Trust: 0.1
url:	https://nvd.nist.gov	Trust: 0.1
url:	https://github.com/kristate/krackinfo	Trust: 0.1
url:	https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-13078	Trust: 0.1
url:	http://slackware.com	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2017-13078	Trust: 0.1
url:	https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-13080	Trust: 0.1
url:	https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-13082	Trust: 0.1
url:	https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-13077	Trust: 0.1
url:	https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-13087	Trust: 0.1
url:	https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-13081	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2017-13081	Trust: 0.1
url:	http://slackware.com/gpg-key	Trust: 0.1
url:	https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-13086	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2017-13082	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2017-13087	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2017-13086	Trust: 0.1
url:	https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-13088	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2017-13077	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2017-13079	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2017-13080	Trust: 0.1
url:	https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-13079	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2017-13088	Trust: 0.1
url:	http://osuosl.org)	Trust: 0.1

sources: CERT/CC: VU#228519 // CNVD: CNVD-2017-30400 // VULMON: CVE-2017-13084 // BID: 101274 // JVNDB: JVNDB-2017-009176 // PACKETSTORM: 144663 // NVD: CVE-2017-13084 // CNNVD: CNNVD-201710-386

CREDITS

Mathy Vanhoef from imec-DistriNet and KU Leuven.

Trust: 0.9

sources: BID: 101274 // CNNVD: CNNVD-201710-386

SOURCES

db:	IVD	id:	37a5aa3e-4512-466b-9bc5-af5013c143e3
db:	CERT/CC	id:	VU#228519
db:	CNVD	id:	CNVD-2017-30400
db:	VULMON	id:	CVE-2017-13084
db:	BID	id:	101274
db:	JVNDB	id:	JVNDB-2017-009176
db:	PACKETSTORM	id:	144663
db:	NVD	id:	CVE-2017-13084
db:	CNNVD	id:	CNNVD-201710-386

LAST UPDATE DATE

2023-12-18T10:44:55.150000+00:00

SOURCES UPDATE DATE

db:	CERT/CC	id:	VU#228519	date:	2017-11-16T00:00:00
db:	CNVD	id:	CNVD-2017-30400	date:	2017-10-17T00:00:00
db:	VULMON	id:	CVE-2017-13084	date:	2019-10-03T00:00:00
db:	BID	id:	101274	date:	2019-02-21T09:00:00
db:	JVNDB	id:	JVNDB-2017-009176	date:	2018-02-01T00:00:00
db:	NVD	id:	CVE-2017-13084	date:	2019-10-03T00:03:26.223
db:	CNNVD	id:	CNNVD-201710-386	date:	2019-10-23T00:00:00

SOURCES RELEASE DATE

db:	IVD	id:	37a5aa3e-4512-466b-9bc5-af5013c143e3	date:	2017-10-17T00:00:00
db:	CERT/CC	id:	VU#228519	date:	2017-10-16T00:00:00
db:	CNVD	id:	CNVD-2017-30400	date:	2017-10-18T00:00:00
db:	VULMON	id:	CVE-2017-13084	date:	2017-10-17T00:00:00
db:	BID	id:	101274	date:	2017-10-16T00:00:00
db:	JVNDB	id:	JVNDB-2017-009176	date:	2017-11-06T00:00:00
db:	PACKETSTORM	id:	144663	date:	2017-10-18T20:44:00
db:	NVD	id:	CVE-2017-13084	date:	2017-10-17T13:29:00.520
db:	CNNVD	id:	CNNVD-201710-386	date:	2017-10-17T00:00:00