Rapid7 Vulnerability & Exploit Database

FreeBSD: VID-1F8DE723-DAB3-11E7-B5AF-A4BADB2F4699 (CVE-2017-1307): FreeBSD -- WPA2 protocol vulnerability

Back to Search

FreeBSD: VID-1F8DE723-DAB3-11E7-B5AF-A4BADB2F4699 (CVE-2017-1307): FreeBSD -- WPA2 protocol vulnerability

Severity
4
CVSS
(AV:L/AC:M/Au:N/C:P/I:P/A:P)
Published
10/16/2017
Created
07/25/2018
Added
12/06/2017
Modified
12/20/2017

Description

Details for this vulnerability have not been published by NIST at this point. Descriptions from software vendor advisories for this issue are provided below.

From VID-1F8DE723-DAB3-11E7-B5AF-A4BADB2F4699:

Problem Description:

A vulnerability was found in how a number of implementations

can be triggered to reconfigure WPA/WPA2/RSN keys (TK, GTK,

or IGTK) by replaying a specific frame that is used to

manage the keys.

Impact:

Such reinstallation of the encryption key can result in

two different types of vulnerabilities: disabling replay

protection and significantly reducing the security of

encryption to the point of allowing frames to be decrypted

or some parts of the keys to be determined by an attacker

depending on which cipher is used.

Solution(s)

  • freebsd-upgrade-base-10_3-release-p22
  • freebsd-upgrade-base-10_4-release-p1
  • freebsd-upgrade-base-11_0-release-p13
  • freebsd-upgrade-base-11_1-release-p2

With Rapid7 live dashboards, I have a clear view of all the assets on my network, which ones can be exploited, and what I need to do in order to reduce the risk in my environment in real-time. No other tool gives us that kind of value and insight.

– Scott Cheney, Manager of Information Security, Sierra View Medical Center

;