GHSA-62m4-8mv5-x4gc

Опубликовано: 13 мая 2022

Источник: github

Github: Не прошло ревью

CVSS3: 7.5

Описание

tpm2-tools versions before 1.1.1 are vulnerable to a password leak due to transmitting password in plaintext from client to server when generating HMAC.

Ссылки

EPSS

Процентиль: 48%

0.00248

Низкий

7.5 High

CVSS3

CVE ID

CVE-2017-7524

Дефекты

CWE-522

Связанные уязвимости

CVE-2017-7524

CVSS3: 7.5

ubuntu

больше 8 лет назад

tpm2-tools versions before 1.1.1 are vulnerable to a password leak due to transmitting password in plaintext from client to server when generating HMAC.

CVE-2017-7524

CVSS3: 5.3

redhat

больше 8 лет назад

tpm2-tools versions before 1.1.1 are vulnerable to a password leak due to transmitting password in plaintext from client to server when generating HMAC.

CVE-2017-7524

CVSS3: 7.5

nvd

больше 8 лет назад

tpm2-tools versions before 1.1.1 are vulnerable to a password leak due to transmitting password in plaintext from client to server when generating HMAC.

CVE-2017-7524

CVSS3: 7.5

debian

больше 8 лет назад

tpm2-tools versions before 1.1.1 are vulnerable to a password leak due ...

EPSS

Процентиль: 48%

0.00248

Низкий

7.5 High

CVSS3

CVE ID

CVE-2017-7524

Дефекты

CWE-522