CVE-2017-13079

See a problem?
Please try reporting it to the source first.
Source
https://cve.org/CVERecord?id=CVE-2017-13079
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2017-13079.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2017-13079
Downstream
Related
Published
2017-10-17T13:29:00.367Z
Modified
2026-02-24T11:20:20.421279Z
Severity
  • 5.3 (Medium) CVSS_V3 - CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N CVSS Calculator
Summary
[none]
Details

Wi-Fi Protected Access (WPA and WPA2) that supports IEEE 802.11w allows reinstallation of the Integrity Group Temporal Key (IGTK) during the four-way handshake, allowing an attacker within radio range to spoof frames from access points to clients.

References

Affected packages

Git / gitlab.com/gnutls/gnutls

Affected ranges

Type
GIT
Repo
https://gitlab.com/gnutls/gnutls
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
139c90878ed0367d1890f5fc803b49c8c43a5a37

Affected versions

Other
gnutls-0-0-7
gnutls-0-1-0-srp
gnutls-0_1_2
gnutls0-0-4
gnutls0-0-5
gnutls0-0-6
gnutls_0_1_4
gnutls_0_1_9
gnutls_0_2_0
gnutls_0_2_1
gnutls_0_2_2
gnutls_0_2_3
gnutls_0_2_4

Database specific

source 
"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2017-13079.json"