CVE-2017-13080
MEDIUM5.3EPSS 0.95%Published: 10/17/2017Modified: 12/3/2025
Also known as:ALPINE-CVE-2017-13080DEBIAN-CVE-2017-13080
Description
Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Group Temporal Key (GTK) during the group key handshake, allowing an attacker within radio range to replay frames from access points to clients.
Affected packages (5)
- Alpine/hostapdfrom 0, < 2.6-r2
- Alpine/wpa_supplicantfrom 0, < 2.6-r7
- Debian/firmware-nonfreefrom 0, < 20180825-1
- Debian/linuxfrom 0, < 4.13.13-1
- Debian/wpafrom 0, < 2:2.4-1.1
CVSS scores
| Source | Version | Severity | Vector |
|---|---|---|---|
| osv | CVSS 3.1 | MEDIUM5.3 | CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N |