This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
RUCKUS Self Help |   ASK the Pack
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Severe flaw in WPA2 - cracked

marko_teklic
New Contributor

‎10-15-2017 11:27 PM

when can we expect to see update for this https://arstechnica.com/information-technology/2017/10/severe-flaw-in-wpa2-protocol-leaves-wi-fi-tra...
153 REPLIES 153

steven_veron
New Contributor III
In response to chad_sarvis

‎10-16-2017 08:25 AM

I'm reading it the same way. From the infrastructure side, if you don't use 802.11r you aren't vulnerable/liable? The other parts are all on the client manufacturers?
0 Kudos

jesse_johnston_
New Contributor III
In response to chad_sarvis

‎10-16-2017 08:30 AM

Right from the first paragraph:
"Of the ten vulnerabilities, Meraki access points (AP) are only affected by one (CVE: 2017-13082)."

CVE: 2017-13082

802.11r Fast-BSS Transition(FT)

Access Points

0 Kudos

charles_sprick1
New Contributor III
In response to chad_sarvis

‎10-17-2017 12:29 AM

Ruckus makes some great gear, but good god do they suck at communicating with their customers - both issues like this and general transparency.

jesse_johnston_
New Contributor III

‎10-16-2017 08:08 AM

From the white paper:
"Our key reinstallation attack also breaks the PeerKey, group key, and Fast BSS Transition (FT) handshake. The impact depends on the handshake being attacked, and the data-confidentiality protocol in use."
0 Kudos

robert_lowe_722
Contributor III

‎10-16-2017 08:09 AM

No its more than that but maybe not effecting Meraki. For example it effects most Vendors who have Mesh functionality.
This Aruba Blogpost gives a good explanation: http://community.arubanetworks.com/t5/Technology-Blog/WPA2-Key-Reinstallation-Attacks/ba-p/310045
0 Kudos
Copyright © 2024 Khoros, LLC