exploitDog - Комплексное решение для обнаружения, оценки и устранения уязвимостей.

БДУ ФСТЭК

Microsoft MSRC

NVD

Oracle ELSA

Red Hat CVE

РЕД ОС

Rocky RLSA

SUSE CVRF

Ubuntu

Debian

Github

Количество 5

CVE-2017-15361

больше 8 лет назад

The Infineon RSA library 1.02.013 in Infineon Trusted Platform Module (TPM) firmware, such as versions before 0000000000000422 - 4.34, before 000000000000062b - 6.43, and before 0000000000008521 - 133.33, mishandles RSA key generation, which makes it easier for attackers to defeat various cryptographic protection mechanisms via targeted attacks, aka ROCA. Examples of affected technologies include BitLocker with TPM 1.2, YubiKey 4 (before 4.3.5) PGP key generation, and the Cached User Data encryption feature in Chrome OS.

CVSS3: 5.9

EPSS: Высокий

GHSA-qcrq-wp7v-84jc

больше 3 лет назад

The Infineon RSA library 1.02.013 in Infineon Trusted Platform Module (TPM) firmware, such as versions before 0000000000000422 - 4.34, before 000000000000062b - 6.43, and before 0000000000008521 - 133.33, mishandles RSA key generation, which makes it easier for attackers to defeat various cryptographic protection mechanisms via targeted attacks, aka ROCA. Examples of affected technologies include BitLocker with TPM 1.2, YubiKey 4 (before 4.3.5) PGP key generation, and the Cached User Data encryption feature in Chrome OS.

CVSS3: 5.9

EPSS: Высокий

BDU:2019-04743

больше 8 лет назад

Уязвимость библиотеки шифрования Infineon RSA Library, связанная с ошибками при генерации простых чисел в алгоритме RSA, позволяющая нарушителю раскрыть секретную часть ключа

CVSS3: 5.9

EPSS: Высокий

ADV190026

около 6 лет назад

Microsoft Guidance for cleaning up orphaned keys generated on vulnerable TPMs and used for Windows Hello for Business

EPSS: Низкий

ADV170012

больше 8 лет назад

Vulnerability in TPM could allow Security Feature Bypass

EPSS: Низкий

Уязвимостей на страницу

Уязвимость	CVSS	EPSS	Опубликовано
CVE-2017-15361 The Infineon RSA library 1.02.013 in Infineon Trusted Platform Module (TPM) firmware, such as versions before 0000000000000422 - 4.34, before 000000000000062b - 6.43, and before 0000000000008521 - 133.33, mishandles RSA key generation, which makes it easier for attackers to defeat various cryptographic protection mechanisms via targeted attacks, aka ROCA. Examples of affected technologies include BitLocker with TPM 1.2, YubiKey 4 (before 4.3.5) PGP key generation, and the Cached User Data encryption feature in Chrome OS.	CVSS3: 5.9	73% Высокий	больше 8 лет назад
GHSA-qcrq-wp7v-84jc The Infineon RSA library 1.02.013 in Infineon Trusted Platform Module (TPM) firmware, such as versions before 0000000000000422 - 4.34, before 000000000000062b - 6.43, and before 0000000000008521 - 133.33, mishandles RSA key generation, which makes it easier for attackers to defeat various cryptographic protection mechanisms via targeted attacks, aka ROCA. Examples of affected technologies include BitLocker with TPM 1.2, YubiKey 4 (before 4.3.5) PGP key generation, and the Cached User Data encryption feature in Chrome OS.	CVSS3: 5.9	73% Высокий	больше 3 лет назад
BDU:2019-04743 Уязвимость библиотеки шифрования Infineon RSA Library, связанная с ошибками при генерации простых чисел в алгоритме RSA, позволяющая нарушителю раскрыть секретную часть ключа	CVSS3: 5.9	73% Высокий	больше 8 лет назад
ADV190026 Microsoft Guidance for cleaning up orphaned keys generated on vulnerable TPMs and used for Windows Hello for Business			около 6 лет назад
ADV170012 Vulnerability in TPM could allow Security Feature Bypass			больше 8 лет назад

Уязвимостей на страницу