TPM2-Tools Versions Prior to 1.1.1: Password Leak Vulnerability

TPM2-Tools Versions Prior to 1.1.1: Password Leak Vulnerability

CVE-2017-7524 · MEDIUM Severity

AV:N/AC:L/AU:N/C:P/I:N/A:N

tpm2-tools versions before 1.1.1 are vulnerable to a password leak due to transmitting password in plaintext from client to server when generating HMAC.

Learn more about our Cis Benchmark Audit For Server Software.