PT-2008-6372 · Wi Fi Alliance · Wpa2+1
Published
2008-11-25
·
Updated
2008-12-03
·
CVE-2008-5230
CVSS v2.0
6.8
Medium
| Vector | AV:N/AC:M/Au:N/C:P/I:P/A:P |
Name of the Vulnerable Software and Affected Versions
Cisco products (affected versions not specified)
Other vendors' products (affected versions not specified)
Description
The issue concerns the Temporal Key Integrity Protocol (TKIP) implementation used in WPA and WPA2 on Wi-Fi networks. It has insufficient countermeasures against certain crafted and replayed packets. This makes it easier for remote attackers to decrypt packets from an access point (AP) to a client and spoof packets from an AP to a client. Attackers can conduct ARP poisoning attacks or other attacks.
Recommendations
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
Exploit
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Wpa
Wpa2