CVE-2017-7524

Опубликовано: 27 июн. 2017

Источник: debian

Описание

tpm2-tools versions before 1.1.1 are vulnerable to a password leak due to transmitting password in plaintext from client to server when generating HMAC.

Пакеты

Пакет	Статус	Версия исправления	Релиз	Тип
tpm2-tools	fixed	2.1.0-1		package

Примечания

https://github.com/01org/tpm2.0-tools/commit/c5d72beaab1cbbbe68271f4bc4b6670d69985157

Связанные уязвимости

CVE-2017-7524

CVSS3: 7.5

ubuntu

больше 8 лет назад

tpm2-tools versions before 1.1.1 are vulnerable to a password leak due to transmitting password in plaintext from client to server when generating HMAC.

CVE-2017-7524

CVSS3: 5.3

redhat

больше 8 лет назад

tpm2-tools versions before 1.1.1 are vulnerable to a password leak due to transmitting password in plaintext from client to server when generating HMAC.

CVE-2017-7524

CVSS3: 7.5

nvd

больше 8 лет назад

tpm2-tools versions before 1.1.1 are vulnerable to a password leak due to transmitting password in plaintext from client to server when generating HMAC.

GHSA-62m4-8mv5-x4gc

CVSS3: 7.5

github

больше 3 лет назад

tpm2-tools versions before 1.1.1 are vulnerable to a password leak due to transmitting password in plaintext from client to server when generating HMAC.