CVE-2017-7524

Published: Jun 27, 2017

Modified: Aug 5, 2024

PUBLISHED

Description

tpm2-tools versions before 1.1.1 are vulnerable to a password leak due to transmitting password in plaintext from client to server when generating HMAC.

Vendor	Product	Versions
TPM 2.0 Tools	tpm2-tools	affected `before 1.1.1`

Weaknesses (CWE)

CWE-522

References

https://github.com/01org/tpm2.0-tools/commit/c5d72beaab1cbbbe68271f4bc4b6670d69985157

x_refsource_CONFIRM

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2017-7524

Description

Affected Products

Weaknesses (CWE)

References