CVSS: 5.9EPSS: 0%CPEs: 5EXPL: 0CVE-2021-3565 – tpm2-tools: fixed AES wrapping key in tpm2_import
https://notcve.org/view.php?id=CVE-2021-3565
A flaw was found in tpm2-tools in versions before 5.1.1 and before 4.3.2. tpm2_import used a fixed AES key for the inner wrapper, potentially allowing a MITM attacker to unwrap the inner portion and reveal the key being imported. The highest threat from this vulnerability is to data confidentiality. Se ha encontrado un fallo en tpm2-tools en versiones anteriores a 5.1.1 y versiones anteriores a la 4.3.2. La función tpm2_import usaba una clave AES fija para el contenedor inner, permitiendo potencialmente a un atacante MITM desenvolver la parte interna y revelar la clave que está siendo importada. La mayor amenaza de esta vulnerabilidad es la confidencialidad de los datos A flaw was found in tpm2-tools. tpm2_import used a fixed AES key for the inner wrapper, potentially allowing a MITM attacker to unwrap the inner portion and reveal the key being imported. • https://bugzilla.redhat.com/show_bug.cgi?id=1964427 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ESY6HRYUKR5ZG2K5QAJQC5S6HMKZMFK7 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XK5M7I66PBXSN663TSLAZ3V6TWWFCV7C https://access.redhat.com/security/cve/CVE-2021-3565 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-665: Improper Initialization CWE-798: Use of Hard-coded Credentials •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2017-7524
https://notcve.org/view.php?id=CVE-2017-7524
tpm2-tools versions before 1.1.1 are vulnerable to a password leak due to transmitting password in plaintext from client to server when generating HMAC. Las versiones anteriores a la 1.1.1 de tpm2-tools son vulnerables a un filtrado de contraseña debido a la transmisión de contraseñas en texto plano del cliente al servidor al generar HMAC. • https://github.com/01org/tpm2.0-tools/commit/c5d72beaab1cbbbe68271f4bc4b6670d69985157 • CWE-522: Insufficiently Protected Credentials •