CVE-2017-15361

The Infineon RSA library 1.02.013 in Infineon Trusted Platform Module (TPM) firmware, such as versions before 0000000000000422 - 4.34, before 000000000000062b - 6.43, and before 0000000000008521 - 133.33, mishandles RSA key generation, which makes it easier for attackers to defeat various cryptographic protection mechanisms via targeted attacks, aka ROCA. Examples of affected technologies include BitLocker with TPM 1.2, YubiKey 4 (before 4.3.5) PGP key generation, and the Cached User Data encryption feature in Chrome OS.

CVSS v3 5.9 MEDIUM
CVSS v2.0 4.3 MEDIUM

5.9^/10

CVSS v3 : MEDIUM

V3 Legend

Vector : AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

Exploitability : 2.2 / Impact : 3.6

Attack Vector NETWORK

Attack Complexity HIGH

Privileges Required NONE

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact NONE

Availability Impact NONE

Scope UNCHANGED

4.3^/10

CVSS v2.0 : MEDIUM

V2 Legend

Vector : AV:N/AC:M/Au:N/C:P/I:N/A:N

Exploitability : 8.6 / Impact : 2.9

Access Vector NETWORK

Access Complexity MEDIUM

Authentication NONE

Confidentiality Impact PARTIAL

Integrity Impact NONE

Availability Impact NONE

References

Link	Resource
http://support.lenovo.com/us/en/product_security/LEN-15552	Mitigation Third Party Advisory
http://www.securityfocus.com/bid/101484	Third Party Advisory VDB Entry
https://arstechnica.com/information-technology/2017/10/crypto-failure-cripples-millions-of-high-security-keys-750k-estonian-ids/	Issue Tracking Third Party Advisory
https://blog.cr.yp.to/20171105-infineon.html
https://cert-portal.siemens.com/productcert/pdf/ssa-470231.pdf
https://crocs.fi.muni.cz/public/papers/rsa_ccs17	Issue Tracking Mitigation Third Party Advisory
https://dan.enigmabridge.com/roca-vulnerability-impact-on-gemalto-idprime-net-smart-cards/	Issue Tracking Third Party Advisory
https://github.com/crocs-muni/roca	Mitigation Third Party Advisory
https://github.com/iadgov/Detect-CVE-2017-15361-TPM	Mitigation Third Party Advisory
https://ics-cert.us-cert.gov/advisories/ICSA-18-058-01
https://keychest.net/roca	Issue Tracking Mitigation Third Party Advisory
https://monitor.certipath.com/rsatest	Mitigation Third Party Advisory
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/ADV170012	Issue Tracking Patch Third Party Advisory
https://security.netapp.com/advisory/ntap-20171024-0001/
https://sites.google.com/a/chromium.org/dev/chromium-os/tpm_firmware_update	Issue Tracking Mitigation Patch Third Party Advisory
https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03789en_us
https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03801en_us
https://www.infineon.com/cms/en/product/promopages/tpm-update/?redirId=59160	Mitigation Vendor Advisory
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00104.html
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00148.html
https://www.kb.cert.org/vuls/id/307015	Issue Tracking Mitigation Third Party Advisory US Government Resource
https://www.yubico.com/support/security-advisories/ysa-2017-01/	Mitigation Third Party Advisory
http://support.lenovo.com/us/en/product_security/LEN-15552	Mitigation Third Party Advisory
http://www.securityfocus.com/bid/101484	Third Party Advisory VDB Entry
https://arstechnica.com/information-technology/2017/10/crypto-failure-cripples-millions-of-high-security-keys-750k-estonian-ids/	Issue Tracking Third Party Advisory
https://blog.cr.yp.to/20171105-infineon.html
https://cert-portal.siemens.com/productcert/pdf/ssa-470231.pdf
https://crocs.fi.muni.cz/public/papers/rsa_ccs17	Issue Tracking Mitigation Third Party Advisory
https://dan.enigmabridge.com/roca-vulnerability-impact-on-gemalto-idprime-net-smart-cards/	Issue Tracking Third Party Advisory
https://github.com/crocs-muni/roca	Mitigation Third Party Advisory
https://github.com/iadgov/Detect-CVE-2017-15361-TPM	Mitigation Third Party Advisory
https://ics-cert.us-cert.gov/advisories/ICSA-18-058-01
https://keychest.net/roca	Issue Tracking Mitigation Third Party Advisory
https://monitor.certipath.com/rsatest	Mitigation Third Party Advisory
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/ADV170012	Issue Tracking Patch Third Party Advisory
https://security.netapp.com/advisory/ntap-20171024-0001/
https://sites.google.com/a/chromium.org/dev/chromium-os/tpm_firmware_update	Issue Tracking Mitigation Patch Third Party Advisory
https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03789en_us
https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03801en_us
https://www.infineon.com/cms/en/product/promopages/tpm-update/?redirId=59160	Mitigation Vendor Advisory
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00104.html
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00148.html
https://www.kb.cert.org/vuls/id/307015	Issue Tracking Mitigation Third Party Advisory US Government Resource
https://www.yubico.com/support/security-advisories/ysa-2017-01/	Mitigation Third Party Advisory

Configurations

Configuration 1 (hide)

AND

OR	cpe:2.3:o:infineon:trusted_platform_firmware:4.31:::::::*
	cpe:2.3:o:infineon:trusted_platform_firmware:4.32:::::::*
	cpe:2.3:o:infineon:trusted_platform_firmware:6.40:::::::*
	cpe:2.3:o:infineon:trusted_platform_firmware:133.32:::::::*

OR	cpe:2.3:h:acer:c720_chromebook:-:::::::*
	cpe:2.3:h:acer:chromebase:-:::::::*
	cpe:2.3:h:acer:chromebase_24:-:::::::*
	cpe:2.3:h:acer:chromebook_11_c730:-:::::::*
	cpe:2.3:h:acer:chromebook_11_c730e:-:::::::*
	cpe:2.3:h:acer:chromebook_11_c735:-:::::::*
	cpe:2.3:h:acer:chromebook_11_c740:-:::::::*
	cpe:2.3:h:acer:chromebook_11_c771:-:::::::*
	cpe:2.3:h:acer:chromebook_11_c771t:-:::::::*
	cpe:2.3:h:acer:chromebook_11_n7_c731:-:::::::*
	cpe:2.3:h:acer:chromebook_13_cb5-311:-:::::::*
	cpe:2.3:h:acer:chromebook_14_cb3-431:-:::::::*
	cpe:2.3:h:acer:chromebook_14_for_work_cp5-471:-:::::::*
	cpe:2.3:h:acer:chromebook_15_cb3-531:-:::::::*
	cpe:2.3:h:acer:chromebook_15_cb3-532:-:::::::*
	cpe:2.3:h:acer:chromebook_15_cb5-571:-:::::::*
	cpe:2.3:h:acer:chromebook_r11:-:::::::*
	cpe:2.3:h:acer:chromebook_r13_cb5-312t:-:::::::*
	cpe:2.3:h:acer:chromebox:-:::::::*
	cpe:2.3:h:acer:chromebox_cxi2:-:::::::*
	cpe:2.3:h:aopen:chromebase:-::commercial:::::
	cpe:2.3:h:aopen:chromebase:-::mini:::::
	cpe:2.3:h:aopen:chromebox:-::commercial:::::
	cpe:2.3:h:aopen:chromeboxi:-::mini:::::
	cpe:2.3:h:asi:chromebook:-:::::::*
	cpe:2.3:h:asus:chromebit_cs10:-:::::::*
	cpe:2.3:h:asus:chromebook_c200:-:::::::*
	cpe:2.3:h:asus:chromebook_c201pa:-:::::::*
	cpe:2.3:h:asus:chromebook_c202sa:-:::::::*
	cpe:2.3:h:asus:chromebook_c300:-:::::::*
	cpe:2.3:h:asus:chromebook_c300sa:-:::::::*
	cpe:2.3:h:asus:chromebook_c301sa:-:::::::*
	cpe:2.3:h:asus:chromebook_flip_c100pa:-:::::::*
	cpe:2.3:h:asus:chromebook_flip_c302:-:::::::*
	cpe:2.3:h:asus:chromebox_cn60:-:::::::*
	cpe:2.3:h:asus:chromebox_cn62:-:::::::*
	cpe:2.3:h:bobicus:chromebook_11::::::::
	cpe:2.3:h:ctl:j2_chromebook:-:::::education::
	cpe:2.3:h:ctl:j4_chromebook:-:::::education::
	cpe:2.3:h:ctl:j5_chromebook:-:::::::*
	cpe:2.3:h:ctl:n6_chromebook:-:::::education::
	cpe:2.3:h:ctl:nl61_chromebook:-:::::::*
	cpe:2.3:h:dell:chromebook_11:-:::::::*
	cpe:2.3:h:dell:chromebook_11_3120:-:::::::*
	cpe:2.3:h:dell:chromebook_11_3189:-:::::::*
	cpe:2.3:h:dell:chromebook_11_model_3180:-:::::::*
	cpe:2.3:h:dell:chromebook_13_3380:-:::::::*
	cpe:2.3:h:dell:chromebox:-:::::::*
	cpe:2.3:h:edugear:chromebook_k:-:::::::*
	cpe:2.3:h:edugear:chromebook_m:-:::::::*
	cpe:2.3:h:edugear:chromebook_r:-:::::::*
	cpe:2.3:h:edugear:cmt_chromebook:-:::::::*
	cpe:2.3:h:edxis:chromebook:-:::::::*
	cpe:2.3:h:edxis:education_chromebook:-:::::::*
	cpe:2.3:h:epik:chromebook_elb1101:-:::::::*
	cpe:2.3:h:google:pixel:-:::::::*
	cpe:2.3:h:haier:chromebook_11:-:::::::*
	cpe:2.3:h:haier:chromebook_11_c:-:::::::*
	cpe:2.3:h:haier:chromebook_11_g2:-:::::::*
	cpe:2.3:h:haier:chromebook_11e:-:::::::*
	cpe:2.3:h:hexa:chromebook_pi:-:::::::*
	cpe:2.3:h:hisense:chromebook_11:-:::::::*
	cpe:2.3:h:hp:chromebook:-:::::meetings::
	cpe:2.3:h:hp:chromebook_11-vxxx:-:::::::*
cpe:2.3:h:hp:chromebook_11_1100-1199:-:::::::*
cpe:2.3:h:hp:chromebook_11_2000-2099:-:::::::*
cpe:2.3:h:hp:chromebook_11_2100-2199:-:::::::*
cpe:2.3:h:hp:chromebook_11_2200-2299:-:::::::*
cpe:2.3:h:hp:chromebook_11_g1:-:::::::*
cpe:2.3:h:hp:chromebook_11_g2:-:::::::*
cpe:2.3:h:hp:chromebook_11_g3:-:::::::*
cpe:2.3:h:hp:chromebook_11_g4\/g4_ee:-:::::::*
cpe:2.3:h:hp:chromebook_11_g5:-:::::::*
cpe:2.3:h:hp:chromebook_11_g5_ee:-:::::::*
cpe:2.3:h:hp:chromebook_13_g1:-:::::::*
cpe:2.3:h:hp:chromebook_14:-:::::::*
cpe:2.3:h:hp:chromebook_14_ak000-099:-:::::::*
cpe:2.3:h:hp:chromebook_14_g3:-:::::::*
cpe:2.3:h:hp:chromebook_14_g4:-:::::::*
cpe:2.3:h:hp:chromebook_14_x000-x999:-:::::::*
cpe:2.3:h:hp:chromebox_cb1-\(000-099\):-:::::::*
cpe:2.3:h:hp:chromebox_g1:-:::::::*
cpe:2.3:h:lenovo:100s_chromebook:-:::::::*
cpe:2.3:h:lenovo:n20_chromebook:-:::::::*
cpe:2.3:h:lenovo:n21_chromebook:-:::::::*
cpe:2.3:h:lenovo:n22_chromebook:-:::::::*
cpe:2.3:h:lenovo:n23_chromebook:-:::::::*
cpe:2.3:h:lenovo:n23_flex_11_chromebook:-:::::::*
cpe:2.3:h:lenovo:n23_yoga_11_chromebook:-:::::::*
cpe:2.3:h:lenovo:n42_chromebook:-:::::::*
cpe:2.3:h:lenovo:thinkcentre_chromebox:-:::::::*
cpe:2.3:h:lenovo:thinkpad_11e_chromebook:-:::::::*
cpe:2.3:h:lenovo:thinkpad_13_chromebook:-:::::::*
cpe:2.3:h:lg:chromebase_22cb25s:-:::::::*
cpe:2.3:h:lg:chromebase_22cv241:-:::::::*
cpe:2.3:h:medion:akoya_s2013:-:::::::*
cpe:2.3:h:medion:chromebook_s2015:-:::::::*
cpe:2.3:h:mercer:chromebook:-:::::::*
cpe:2.3:h:mercer:v2_chromebook:-:::::::*
cpe:2.3:h:ncomputing:chromebook_cx100:-:::::::*
cpe:2.3:h:nexian:chromebook:-:::::::*
cpe:2.3:h:pcmerge:chromebook_pcm-116t-432b:-:::::::*
cpe:2.3:h:poin2:chromebook_11:-:::::::*
cpe:2.3:h:poin2:chromebook_14:-:::::::*
cpe:2.3:h:positivo:chromebook_ch1190:-:::::::*
cpe:2.3:h:prowise:entry_line_chromebook:-:::::::*
cpe:2.3:h:prowise:proline_chromebook:-:::::::*
cpe:2.3:h:rgs:education_chromebook:-:::::::*
cpe:2.3:h:samsung:chromebook_2_11:-:::::::*
cpe:2.3:h:samsung:chromebook_2_11_xe500c12:-:::::::*
cpe:2.3:h:samsung:chromebook_2_13:-:::::::*
cpe:2.3:h:samsung:chromebook_3:-:::::::*
cpe:2.3:h:samsung:chromebook_plus:-:::::::*
cpe:2.3:h:samsung:chromebook_pro:-:::::::*
cpe:2.3:h:sector-five:e1_rugged_chromebook:-:::::::*
cpe:2.3:h:senkatel:c1101_chromebook:-:::::::*
cpe:2.3:h:toshiba:chromebook:-:::::::*
cpe:2.3:h:toshiba:chromebook_2:-:::::::*
cpe:2.3:h:toshiba:chromebook_2:-::2015:::::
cpe:2.3:h:true:idc_chromebook:-:::::::*
cpe:2.3:h:true:idc_chromebook_11:-:::::::*
cpe:2.3:h:videonet:chromebook:-:::::::*
cpe:2.3:h:videonet:chromebook_bl10:-:::::::*
cpe:2.3:h:viglen:chromebook_11:-:::::::*
cpe:2.3:h:viglen:chromebook_360:-:::::::*
cpe:2.3:h:xolo:chromebook:-:::::::*

Configuration 2 (hide)

cpe:2.3:a:infineon:rsa_library:*:*:*:*:*:*:*:*

History

21 Nov 2024, 03:14

Information

Published : 2017-10-16 17:29

Updated : 2025-04-20 01:37

NVD link : CVE-2017-15361

Mitre link : CVE-2017-15361

CVE.ORG link : CVE-2017-15361

JSON object : View

Products Affected

acer

chromebook_15_cb5-571
chromebook_14_for_work_cp5-471
chromebox_cxi2
chromebook_11_c730
chromebook_r13_cb5-312t
chromebook_11_c740
chromebase
chromebase_24
chromebook_14_cb3-431
chromebook_11_c771
chromebook_11_c735
chromebook_11_n7_c731
chromebook_r11
chromebook_11_c730e
chromebook_15_cb3-532
chromebook_11_c771t
chromebox
chromebook_15_cb3-531
chromebook_13_cb5-311
c720_chromebook

dell

chromebook_11_model_3180
chromebook_11_3120
chromebox
chromebook_11
chromebook_11_3189
chromebook_13_3380

chromebook_11_g1
chromebox_g1
chromebook
chromebook_11_1100-1199
chromebook_14_x000-x999
chromebook_11_2000-2099
chromebook_11_g5
chromebook_14_g4
chromebook_11_2200-2299
chromebook_14
chromebook_11_g5_ee
chromebook_13_g1
chromebook_11_g3
chromebook_14_g3
chromebook_11_g4\/g4_ee
chromebook_14_ak000-099
chromebox_cb1-\(000-099\)
chromebook_11_2100-2199
chromebook_11-vxxx
chromebook_11_g2

lenovo

n22_chromebook
thinkpad_13_chromebook
thinkcentre_chromebox
100s_chromebook
n23_flex_11_chromebook
thinkpad_11e_chromebook
n23_yoga_11_chromebook
n42_chromebook
n20_chromebook
n23_chromebook
n21_chromebook

edxis

chromebook
education_chromebook

true

idc_chromebook
idc_chromebook_11

samsung

chromebook_2_11
chromebook_plus
chromebook_pro
chromebook_2_11_xe500c12
chromebook_2_13
chromebook_3

poin2

chromebook_14
chromebook_11

haier

chromebook_11e
chromebook_11_c
chromebook_11
chromebook_11_g2

pcmerge

chromebook_pcm-116t-432b

asus

chromebit_cs10
chromebox_cn60
chromebook_c202sa
chromebook_c301sa
chromebook_c300sa
chromebook_c300
chromebook_c200
chromebook_flip_c302
chromebox_cn62
chromebook_c201pa
chromebook_flip_c100pa

medion

chromebook_s2015
akoya_s2013

prowise

proline_chromebook
entry_line_chromebook

aopen

chromeboxi
chromebase
chromebox

hisense

chromebook_11

ctl

j2_chromebook
j4_chromebook
j5_chromebook
nl61_chromebook
n6_chromebook

mercer

v2_chromebook
chromebook

google

pixel

hexa

chromebook_pi

chromebase_22cv241
chromebase_22cb25s

edugear

chromebook_r
chromebook_m
cmt_chromebook
chromebook_k

infineon

rsa_library
trusted_platform_firmware

rgs

education_chromebook

senkatel

c1101_chromebook

xolo

chromebook

positivo

chromebook_ch1190

ncomputing

chromebook_cx100

toshiba

chromebook
chromebook_2

asi

chromebook

bobicus

chromebook_11

viglen

chromebook_11
chromebook_360

videonet

chromebook
chromebook_bl10

sector-five

e1_rugged_chromebook

epik

chromebook_elb1101

nexian

chromebook

CWE

NVD-CWE-noinfo

{"id": "CVE-2017-15361", "cveTags": [], "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 4.3, "accessVector": "NETWORK", "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "authentication": "NONE", "integrityImpact": "NONE", "accessComplexity": "MEDIUM", "availabilityImpact": "NONE", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 8.6, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV30": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.0", "baseScore": 5.9, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "HIGH", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 3.6, "exploitabilityScore": 2.2}]}, "published": "2017-10-16T17:29:00.243", "references": [{"url": "http://support.lenovo.com/us/en/product_security/LEN-15552", "tags": ["Mitigation", "Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "http://www.securityfocus.com/bid/101484", "tags": ["Third Party Advisory", "VDB Entry"], "source": "cve@mitre.org"}, {"url": "https://arstechnica.com/information-technology/2017/10/crypto-failure-cripples-millions-of-high-security-keys-750k-estonian-ids/", "tags": ["Issue Tracking", "Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "https://blog.cr.yp.to/20171105-infineon.html", "source": "cve@mitre.org"}, {"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-470231.pdf", "source": "cve@mitre.org"}, {"url": "https://crocs.fi.muni.cz/public/papers/rsa_ccs17", "tags": ["Issue Tracking", "Mitigation", "Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "https://dan.enigmabridge.com/roca-vulnerability-impact-on-gemalto-idprime-net-smart-cards/", "tags": ["Issue Tracking", "Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "https://github.com/crocs-muni/roca", "tags": ["Mitigation", "Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "https://github.com/iadgov/Detect-CVE-2017-15361-TPM", "tags": ["Mitigation", "Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "https://ics-cert.us-cert.gov/advisories/ICSA-18-058-01", "source": "cve@mitre.org"}, {"url": "https://keychest.net/roca", "tags": ["Issue Tracking", "Mitigation", "Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "https://monitor.certipath.com/rsatest", "tags": ["Mitigation", "Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/ADV170012", "tags": ["Issue Tracking", "Patch", "Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "https://security.netapp.com/advisory/ntap-20171024-0001/", "source": "cve@mitre.org"}, {"url": "https://sites.google.com/a/chromium.org/dev/chromium-os/tpm_firmware_update", "tags": ["Issue Tracking", "Mitigation", "Patch", "Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03789en_us", "source": "cve@mitre.org"}, {"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03801en_us", "source": "cve@mitre.org"}, {"url": "https://www.infineon.com/cms/en/product/promopages/tpm-update/?redirId=59160", "tags": ["Mitigation", "Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00104.html", "source": "cve@mitre.org"}, {"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00148.html", "source": "cve@mitre.org"}, {"url": "https://www.kb.cert.org/vuls/id/307015", "tags": ["Issue Tracking", "Mitigation", "Third Party Advisory", "US Government Resource"], "source": "cve@mitre.org"}, {"url": "https://www.yubico.com/support/security-advisories/ysa-2017-01/", "tags": ["Mitigation", "Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "http://support.lenovo.com/us/en/product_security/LEN-15552", "tags": ["Mitigation", "Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.securityfocus.com/bid/101484", "tags": ["Third Party Advisory", "VDB Entry"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://arstechnica.com/information-technology/2017/10/crypto-failure-cripples-millions-of-high-security-keys-750k-estonian-ids/", "tags": ["Issue Tracking", "Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://blog.cr.yp.to/20171105-infineon.html", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-470231.pdf", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://crocs.fi.muni.cz/public/papers/rsa_ccs17", "tags": ["Issue Tracking", "Mitigation", "Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://dan.enigmabridge.com/roca-vulnerability-impact-on-gemalto-idprime-net-smart-cards/", "tags": ["Issue Tracking", "Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://github.com/crocs-muni/roca", "tags": ["Mitigation", "Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://github.com/iadgov/Detect-CVE-2017-15361-TPM", "tags": ["Mitigation", "Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://ics-cert.us-cert.gov/advisories/ICSA-18-058-01", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://keychest.net/roca", "tags": ["Issue Tracking", "Mitigation", "Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://monitor.certipath.com/rsatest", "tags": ["Mitigation", "Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/ADV170012", "tags": ["Issue Tracking", "Patch", "Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://security.netapp.com/advisory/ntap-20171024-0001/", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://sites.google.com/a/chromium.org/dev/chromium-os/tpm_firmware_update", "tags": ["Issue Tracking", "Mitigation", "Patch", "Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03789en_us", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03801en_us", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://www.infineon.com/cms/en/product/promopages/tpm-update/?redirId=59160", "tags": ["Mitigation", "Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00104.html", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00148.html", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://www.kb.cert.org/vuls/id/307015", "tags": ["Issue Tracking", "Mitigation", "Third Party Advisory", "US Government Resource"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://www.yubico.com/support/security-advisories/ysa-2017-01/", "tags": ["Mitigation", "Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Deferred", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "NVD-CWE-noinfo"}]}], "descriptions": [{"lang": "en", "value": "The Infineon RSA library 1.02.013 in Infineon Trusted Platform Module (TPM) firmware, such as versions before 0000000000000422 - 4.34, before 000000000000062b - 6.43, and before 0000000000008521 - 133.33, mishandles RSA key generation, which makes it easier for attackers to defeat various cryptographic protection mechanisms via targeted attacks, aka ROCA. Examples of affected technologies include BitLocker with TPM 1.2, YubiKey 4 (before 4.3.5) PGP key generation, and the Cached User Data encryption feature in Chrome OS."}, {"lang": "es", "value": "La librer\u00c3\u00ada Infineon RSA 1.02.013 en firmware Infineon Trusted Platform Module (TPM) como las versiones anteriores a la 0000000000000422 - 4.34, anteriores a la 000000000000062b - 6.43 y anteriores a la 0000000000008521 - 133.33, gestiona de manera incorrecta la generaci\u00c3\u00b3n de claves RSA, lo que hace que sea m\u00c3\u00a1s f\u00c3\u00a1cil para los atacantes superar varios mecanismos de protecci\u00c3\u00b3n criptogr\u00c3\u00a1fica mediante ataques dirigidos, conocido como ROCA. Ejemplos de las tecnolog\u00c3\u00adas afectadas son BitLocker con TPM 1.2, la generaci\u00c3\u00b3n de claves PGP con YubiKey 4 (en versiones anteriores a la 4.3.5) y la caracter\u00c3\u00adstica de cifrado Cached User Data en Chrome OS."}], "lastModified": "2025-04-20T01:37:25.860", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:infineon:trusted_platform_firmware:4.31:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6D825C88-A5D7-4C1F-B09B-FF63FCE1B5F7"}, {"criteria": "cpe:2.3:o:infineon:trusted_platform_firmware:4.32:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "5C08FA98-E0C2-4382-94BD-5C40DECD1DB5"}, {"criteria": "cpe:2.3:o:infineon:trusted_platform_firmware:6.40:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D4751A17-AD4C-4F50-B0DD-4E02427BBA2E"}, {"criteria": "cpe:2.3:o:infineon:trusted_platform_firmware:133.32:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1A8A144B-1859-4C49-8AC4-10EB0FD740F5"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:acer:c720_chromebook:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "878D0151-EE41-4EF6-A424-DA855C18986A"}, {"criteria": "cpe:2.3:h:acer:chromebase:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "57181990-1011-424B-8B0D-4FCBEE35E888"}, {"criteria": "cpe:2.3:h:acer:chromebase_24:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "11A4C072-B9A0-47ED-8060-AA0159AF0020"}, {"criteria": "cpe:2.3:h:acer:chromebook_11_c730:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "088996B8-E506-4A50-8EB0-5A1258D681AC"}, {"criteria": "cpe:2.3:h:acer:chromebook_11_c730e:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "B50E8CCB-3B69-42E4-8AEE-88D0D7B9EB2F"}, {"criteria": "cpe:2.3:h:acer:chromebook_11_c735:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "3F326698-B295-4807-A4B4-0BAA9B66589E"}, {"criteria": "cpe:2.3:h:acer:chromebook_11_c740:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "BDAE0DD7-5608-4556-9978-EE7E01023DA8"}, {"criteria": "cpe:2.3:h:acer:chromebook_11_c771:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "AE7D2911-0265-4B37-8CD8-42DCEC7EABDB"}, {"criteria": "cpe:2.3:h:acer:chromebook_11_c771t:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "F3DD548B-AD54-4C47-9134-6B7A2398160B"}, {"criteria": "cpe:2.3:h:acer:chromebook_11_n7_c731:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "3ADB4F13-0684-424B-AA6B-8A7018777984"}, {"criteria": "cpe:2.3:h:acer:chromebook_13_cb5-311:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "295D21FA-D8D2-4C19-A5B6-50D7281B2A59"}, {"criteria": "cpe:2.3:h:acer:chromebook_14_cb3-431:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "08683AB6-D690-408C-A5C7-9EF32A40876D"}, {"criteria": "cpe:2.3:h:acer:chromebook_14_for_work_cp5-471:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "47665085-66B9-4E11-9D20-3A5A73352D91"}, {"criteria": "cpe:2.3:h:acer:chromebook_15_cb3-531:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "6B6973F7-0B85-4064-8879-543A243D8A8B"}, {"criteria": "cpe:2.3:h:acer:chromebook_15_cb3-532:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "72BE3BCF-6FE8-46F1-B774-60916DE234CF"}, {"criteria": "cpe:2.3:h:acer:chromebook_15_cb5-571:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "0413E176-3B87-4333-A9FB-A0727015ACDC"}, {"criteria": "cpe:2.3:h:acer:chromebook_r11:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "075859B8-D6BE-45BB-81A0-C89792743BB1"}, {"criteria": "cpe:2.3:h:acer:chromebook_r13_cb5-312t:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "E2A25AC3-0FB5-4F01-9865-0938E3976D96"}, {"criteria": "cpe:2.3:h:acer:chromebox:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "7D33132B-CC32-4640-8BF7-F8FCF80F6EC0"}, {"criteria": "cpe:2.3:h:acer:chromebox_cxi2:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "CFA85C38-CDBC-4163-8105-4E902ADD747A"}, {"criteria": "cpe:2.3:h:aopen:chromebase:-:*:commercial:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "A5821187-153C-48BD-802B-89FD159755D2"}, {"criteria": "cpe:2.3:h:aopen:chromebase:-:*:mini:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "6D656A2B-6234-4BB2-A5CC-54B4EBA59FE9"}, {"criteria": "cpe:2.3:h:aopen:chromebox:-:*:commercial:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "589B967C-3EF0-42DF-9FEF-C3411AC38B4E"}, {"criteria": "cpe:2.3:h:aopen:chromeboxi:-:*:mini:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "3CB7F169-02A0-44B4-816B-0135DFD46905"}, {"criteria": "cpe:2.3:h:asi:chromebook:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "8DF33E72-2E47-4D41-9B05-8D13B26694F0"}, {"criteria": "cpe:2.3:h:asus:chromebit_cs10:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "68B8BACC-0F84-41A6-BBE0-3987B1E56A8D"}, {"criteria": "cpe:2.3:h:asus:chromebook_c200:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "280E26E9-5075-469C-A1B1-0CC833B32520"}, {"criteria": "cpe:2.3:h:asus:chromebook_c201pa:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "85F1DF93-A998-4528-9C82-721D16698FA3"}, {"criteria": "cpe:2.3:h:asus:chromebook_c202sa:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "3ADFFC94-7F7A-40CF-817B-483BBDCCB66D"}, {"criteria": "cpe:2.3:h:asus:chromebook_c300:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "BA7EA3C8-8B68-4BE1-9C2D-FAFC4AF8EA7B"}, {"criteria": "cpe:2.3:h:asus:chromebook_c300sa:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "66CB44E8-A520-4291-9D48-5ED4BD2B9FB2"}, {"criteria": "cpe:2.3:h:asus:chromebook_c301sa:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "6530E801-A924-4B0D-9602-92D320828C75"}, {"criteria": "cpe:2.3:h:asus:chromebook_flip_c100pa:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "AB4C201C-3C87-4FC6-A48E-1428EA481195"}, {"criteria": "cpe:2.3:h:asus:chromebook_flip_c302:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "3C9716ED-3AEA-439B-9148-C66CC98D0D6B"}, {"criteria": "cpe:2.3:h:asus:chromebox_cn60:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "3EE2D4E6-CD1A-4336-9C1A-7B8FA5377CB0"}, {"criteria": "cpe:2.3:h:asus:chromebox_cn62:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "A308E84E-1044-41EC-A7A2-2A0E5A5DAD02"}, {"criteria": "cpe:2.3:h:bobicus:chromebook_11:*:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "FAEB2859-2C44-410C-85F9-B37339161245"}, {"criteria": "cpe:2.3:h:ctl:j2_chromebook:-:*:*:*:*:education:*:*", "vulnerable": false, "matchCriteriaId": "48E098F9-7EFD-452B-9A9C-383039BF8150"}, {"criteria": "cpe:2.3:h:ctl:j4_chromebook:-:*:*:*:*:education:*:*", "vulnerable": false, "matchCriteriaId": "51F47A6C-430C-4635-BF8F-E837F37673FD"}, {"criteria": "cpe:2.3:h:ctl:j5_chromebook:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "7FBD6167-984D-492E-AA47-468678051CEC"}, {"criteria": "cpe:2.3:h:ctl:n6_chromebook:-:*:*:*:*:education:*:*", "vulnerable": false, "matchCriteriaId": "0E93EBE6-B016-42C1-A65A-4B14038DA0A7"}, {"criteria": "cpe:2.3:h:ctl:nl61_chromebook:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "7987CC19-4679-47A6-B2B9-8D0A9F804925"}, {"criteria": "cpe:2.3:h:dell:chromebook_11:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "42D5DB45-A37D-48BE-9F00-C2108D47A4D2"}, {"criteria": "cpe:2.3:h:dell:chromebook_11_3120:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "F36AB1C2-6B81-49F7-998A-4E5A0692C161"}, {"criteria": "cpe:2.3:h:dell:chromebook_11_3189:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "E1F0D7C4-DB72-41CC-A163-BF9CA4315BCB"}, {"criteria": "cpe:2.3:h:dell:chromebook_11_model_3180:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "187CCE09-CC6D-455A-96A7-91667C22FCF4"}, {"criteria": "cpe:2.3:h:dell:chromebook_13_3380:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "A6BE3D28-7E3F-419C-84E3-A29D858AADEF"}, {"criteria": "cpe:2.3:h:dell:chromebox:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "455A3086-A52F-49DC-993F-E3FA17A3BE15"}, {"criteria": "cpe:2.3:h:edugear:chromebook_k:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "8534D121-1A3A-42C1-BC0E-B37012A5F7C7"}, {"criteria": "cpe:2.3:h:edugear:chromebook_m:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "BF753670-DD77-415D-BD4B-17D41F975A0D"}, {"criteria": "cpe:2.3:h:edugear:chromebook_r:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "9B0E191E-A0D9-4B8C-929B-012DF95A1FE3"}, {"criteria": "cpe:2.3:h:edugear:cmt_chromebook:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "BE234602-9C70-425B-A677-382775EDC564"}, {"criteria": "cpe:2.3:h:edxis:chromebook:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "04C5FAF4-1B36-4379-A530-6AB0509E69DA"}, {"criteria": "cpe:2.3:h:edxis:education_chromebook:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "8676FD39-8386-42D7-B551-A794B83268D3"}, {"criteria": "cpe:2.3:h:epik:chromebook_elb1101:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "F8B403CE-EDC1-426F-94A4-B19FAEEAC8EC"}, {"criteria": "cpe:2.3:h:google:pixel:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "B17D3A78-87DD-44CD-AB11-3E42AEB1A1D9"}, {"criteria": "cpe:2.3:h:haier:chromebook_11:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "98D228FA-C7BD-4FA9-9885-4E2331E81966"}, {"criteria": "cpe:2.3:h:haier:chromebook_11_c:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "BA2A4B85-5CA1-4D00-9F39-841FB6DE94EE"}, {"criteria": "cpe:2.3:h:haier:chromebook_11_g2:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "8833B8E1-E49E-4DA9-988C-B0615468DDFF"}, {"criteria": "cpe:2.3:h:haier:chromebook_11e:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "9EAD51FB-53D2-44BA-8C0B-70305E5C264E"}, {"criteria": "cpe:2.3:h:hexa:chromebook_pi:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "D4DA08F6-67F6-4577-8959-19290EF58553"}, {"criteria": "cpe:2.3:h:hisense:chromebook_11:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "29036285-F6EB-4BCA-A338-0266F10A4B13"}, {"criteria": "cpe:2.3:h:hp:chromebook:-:*:*:*:*:meetings:*:*", "vulnerable": false, "matchCriteriaId": "106D11AE-4322-455C-B10E-FD4F2992B4DF"}, {"criteria": "cpe:2.3:h:hp:chromebook_11-vxxx:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "CE44E53F-383A-43E0-9B67-F736749764B9"}, {"criteria": "cpe:2.3:h:hp:chromebook_11_1100-1199:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "72E87B3E-5E9D-419F-BFF6-C550A26B9D31"}, {"criteria": "cpe:2.3:h:hp:chromebook_11_2000-2099:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "89E336A5-8C90-405B-846F-003856AF8336"}, {"criteria": "cpe:2.3:h:hp:chromebook_11_2100-2199:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "613BB633-7F07-4F3F-9327-B308E542FB6F"}, {"criteria": "cpe:2.3:h:hp:chromebook_11_2200-2299:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "BBD37DD3-C729-4851-ACBE-D72848FDBAB5"}, {"criteria": "cpe:2.3:h:hp:chromebook_11_g1:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "62F027B0-FC37-4F25-BAF2-78C8E695C9E4"}, {"criteria": "cpe:2.3:h:hp:chromebook_11_g2:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "433AC4ED-752F-4B33-A294-CF2A82D8C12C"}, {"criteria": "cpe:2.3:h:hp:chromebook_11_g3:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "9AC8BDF0-F181-491D-88E7-8DD1FB5DC217"}, {"criteria": "cpe:2.3:h:hp:chromebook_11_g4\\/g4_ee:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "A50F3009-FD55-454D-8BBB-C8CC7B692092"}, {"criteria": "cpe:2.3:h:hp:chromebook_11_g5:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "F2A8ECDE-FA43-42C8-A866-24909A2ACA1E"}, {"criteria": "cpe:2.3:h:hp:chromebook_11_g5_ee:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "26C827F6-3C93-48DB-B8EE-4C8B715CC66C"}, {"criteria": "cpe:2.3:h:hp:chromebook_13_g1:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "FC73A69B-777B-498E-B7C9-2D98D26E4864"}, {"criteria": "cpe:2.3:h:hp:chromebook_14:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "8BB89A0E-A308-4FAC-8FF6-83B3A932D549"}, {"criteria": "cpe:2.3:h:hp:chromebook_14_ak000-099:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "808093B3-07B4-48DE-9784-0ABA100187F8"}, {"criteria": "cpe:2.3:h:hp:chromebook_14_g3:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "AB8B82E0-BE77-4A6F-B867-AE51E775146D"}, {"criteria": "cpe:2.3:h:hp:chromebook_14_g4:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "1F00BDBE-F0D2-4B8C-BD8E-C1E52CBE216E"}, {"criteria": "cpe:2.3:h:hp:chromebook_14_x000-x999:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "4233E3FD-B9A5-43BF-9C7F-80BF7446CD5D"}, {"criteria": "cpe:2.3:h:hp:chromebox_cb1-\\(000-099\\):-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "B4DB5A7A-310D-442F-BE25-41A573EC8341"}, {"criteria": "cpe:2.3:h:hp:chromebox_g1:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "71390570-8953-493B-9EF7-78D4A9AD0156"}, {"criteria": "cpe:2.3:h:lenovo:100s_chromebook:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "F3DD500A-CF2D-491A-AD2E-6201899840AE"}, {"criteria": "cpe:2.3:h:lenovo:n20_chromebook:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "F17AAE58-B621-4737-8045-4ACD5FCB1090"}, {"criteria": "cpe:2.3:h:lenovo:n21_chromebook:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "86B3EEBB-44DC-4923-AABB-FF3633C570BC"}, {"criteria": "cpe:2.3:h:lenovo:n22_chromebook:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "CC42851D-E264-40C4-B44C-3CF3AAB3AE41"}, {"criteria": "cpe:2.3:h:lenovo:n23_chromebook:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "ED745A48-294A-4FB7-A845-8B99D3848F54"}, {"criteria": "cpe:2.3:h:lenovo:n23_flex_11_chromebook:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "59891EF1-7733-4E02-A3D7-F48ECECACF6E"}, {"criteria": "cpe:2.3:h:lenovo:n23_yoga_11_chromebook:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "612C3ED3-1A90-4E35-A69A-87336107D2FE"}, {"criteria": "cpe:2.3:h:lenovo:n42_chromebook:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "9F6E4D71-085F-4CF0-A95C-F6A139A7BDD8"}, {"criteria": "cpe:2.3:h:lenovo:thinkcentre_chromebox:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "5580DCA1-A57C-4A49-99C7-4C31910E8C66"}, {"criteria": "cpe:2.3:h:lenovo:thinkpad_11e_chromebook:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "9CAE0B2B-A078-4E08-BD4D-2E27E72061B6"}, {"criteria": "cpe:2.3:h:lenovo:thinkpad_13_chromebook:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "4B481236-6FD6-47CC-925A-1580894DED37"}, {"criteria": "cpe:2.3:h:lg:chromebase_22cb25s:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "7DE1EB6A-BCE0-443B-843C-83A4A74480FE"}, {"criteria": "cpe:2.3:h:lg:chromebase_22cv241:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "EDE08B38-D2E4-46FF-BDBF-101516B7F760"}, {"criteria": "cpe:2.3:h:medion:akoya_s2013:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "1F934EA3-1BEB-4E0F-88BA-2A8519891D1E"}, {"criteria": "cpe:2.3:h:medion:chromebook_s2015:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "9737D5FA-076F-45CF-BE72-4AC92A16ACE9"}, {"criteria": "cpe:2.3:h:mercer:chromebook:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "51F7E626-C417-4164-93E8-86FF2CA81210"}, {"criteria": "cpe:2.3:h:mercer:v2_chromebook:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "35C6DD3A-6622-41B3-B716-9020DE5674A8"}, {"criteria": "cpe:2.3:h:ncomputing:chromebook_cx100:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "F7D02136-E17B-4D4F-9773-14B0E3CF674A"}, {"criteria": "cpe:2.3:h:nexian:chromebook:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "993BF4EC-0564-47D8-A920-37D4D2FF1F6B"}, {"criteria": "cpe:2.3:h:pcmerge:chromebook_pcm-116t-432b:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "43E3E313-4177-4791-A405-36A9E20023E1"}, {"criteria": "cpe:2.3:h:poin2:chromebook_11:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "FE1EABBA-125A-48D2-A851-CAF5AEB3FF0C"}, {"criteria": "cpe:2.3:h:poin2:chromebook_14:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "D92963A3-720A-495E-8EEF-D96B782CF4F3"}, {"criteria": "cpe:2.3:h:positivo:chromebook_ch1190:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "E62BD4DE-D78E-4C70-A54C-7655E1418073"}, {"criteria": "cpe:2.3:h:prowise:entry_line_chromebook:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "A5803975-6443-49F0-B2E2-2CE362F15B0B"}, {"criteria": "cpe:2.3:h:prowise:proline_chromebook:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "5510D58D-A29E-426B-98B8-D3FF0DF05728"}, {"criteria": "cpe:2.3:h:rgs:education_chromebook:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "D29D3147-8560-4380-8940-AC2B1CE76B95"}, {"criteria": "cpe:2.3:h:samsung:chromebook_2_11:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "F4116587-2E83-4ABA-8B9A-E0A80C3B6A1E"}, {"criteria": "cpe:2.3:h:samsung:chromebook_2_11_xe500c12:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "813366C6-684F-4A0E-BCDE-C8A4A389B905"}, {"criteria": "cpe:2.3:h:samsung:chromebook_2_13:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "B2F0A50F-4D99-434E-B198-3AE48B5E7413"}, {"criteria": "cpe:2.3:h:samsung:chromebook_3:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "9246074B-C1F2-494D-B4BB-0F7BB3CAF688"}, {"criteria": "cpe:2.3:h:samsung:chromebook_plus:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "BF56D6E5-4F7B-45E4-A35A-0AD13B045580"}, {"criteria": "cpe:2.3:h:samsung:chromebook_pro:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "881D9BFA-8ACA-4188-A72A-BE48AFEED4F7"}, {"criteria": "cpe:2.3:h:sector-five:e1_rugged_chromebook:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "99E9041D-FA9A-4FDF-B5CF-DC479FA982A6"}, {"criteria": "cpe:2.3:h:senkatel:c1101_chromebook:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "F2E5D8DD-4BC2-4E5A-854F-E24AE48B1FE0"}, {"criteria": "cpe:2.3:h:toshiba:chromebook:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "B7535529-897C-4D66-87FF-638DA60D7E3D"}, {"criteria": "cpe:2.3:h:toshiba:chromebook_2:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "42996DF5-8D88-4D65-827E-59AC8FAE90EB"}, {"criteria": "cpe:2.3:h:toshiba:chromebook_2:-:*:2015:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "BA9D7740-2232-4ACC-861F-58CD3F4ABCDD"}, {"criteria": "cpe:2.3:h:true:idc_chromebook:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "1EF68C69-3504-4209-BE16-33F7537C7D1E"}, {"criteria": "cpe:2.3:h:true:idc_chromebook_11:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "9AEFDE24-B175-4DA2-AD5A-37F42DF3AF8A"}, {"criteria": "cpe:2.3:h:videonet:chromebook:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "8D2C8ABD-12F1-4710-B6D6-DF8ADCC37CED"}, {"criteria": "cpe:2.3:h:videonet:chromebook_bl10:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "0EAB3D5B-99CF-48C8-A543-2672AEAB1362"}, {"criteria": "cpe:2.3:h:viglen:chromebook_11:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "9D42B185-D644-4149-8616-DC292A8D3AF2"}, {"criteria": "cpe:2.3:h:viglen:chromebook_360:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "75761B52-09E9-4B04-8E6A-0928439E429C"}, {"criteria": "cpe:2.3:h:xolo:chromebook:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "65407B5D-E6DD-4994-813C-BD5543111FBB"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:infineon:rsa_library:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "43DDE644-1B5C-4B9E-9E91-1F9F2A1185D4", "versionEndIncluding": "1.02.013"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}

5.9 /10

Attack Vector NETWORK

Attack Complexity HIGH

Privileges Required NONE

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact NONE

Availability Impact NONE

Scope UNCHANGED

4.3 /10

Access Vector NETWORK

Access Complexity MEDIUM

Authentication NONE

Confidentiality Impact PARTIAL

Integrity Impact NONE

Availability Impact NONE

JSON object

Attach tags to CVE-2017-15361

5.9^/10

4.3^/10

Attach tags to `CVE-2017-15361`