Vulnerabilities (CVE)

Filtered by vendor Tpm2-tools Project Subscribe
Filtered by product Tpm2-tools
Total 1 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2021-3565 3 Fedoraproject, Redhat, Tpm2-tools Project 3 Fedora, Enterprise Linux, Tpm2-tools 2024-11-21 4.3 MEDIUM 5.9 MEDIUM
A flaw was found in tpm2-tools in versions before 5.1.1 and before 4.3.2. tpm2_import used a fixed AES key for the inner wrapper, potentially allowing a MITM attacker to unwrap the inner portion and reveal the key being imported. The highest threat from this vulnerability is to data confidentiality.