National Vulnerability Database

National Vulnerability Database

National Vulnerability
Database

Vulnerability Change Record for CVE-2017-15361

Change History

Initial Analysis - 11/8/2017 10:19:48 AM

Action Type Old Value New Value
Added CVSS V3
AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
Changed Reference Type
https://sites.google.com/a/chromium.org/dev/chromium-os/tpm_firmware_update No Types Assigned
https://sites.google.com/a/chromium.org/dev/chromium-os/tpm_firmware_update Issue Tracking, Mitigation, Patch, Third Party Advisory
Changed Reference Type
https://github.com/crocs-muni/roca No Types Assigned
https://github.com/crocs-muni/roca Mitigation, Third Party Advisory
Changed Reference Type
http://support.lenovo.com/us/en/product_security/LEN-15552 No Types Assigned
http://support.lenovo.com/us/en/product_security/LEN-15552 Mitigation, Third Party Advisory
Changed Reference Type
https://www.infineon.com/cms/en/product/promopages/tpm-update/?redirId=59160 No Types Assigned
https://www.infineon.com/cms/en/product/promopages/tpm-update/?redirId=59160 Mitigation, Vendor Advisory
Changed Reference Type
https://dan.enigmabridge.com/roca-vulnerability-impact-on-gemalto-idprime-net-smart-cards/ No Types Assigned
https://dan.enigmabridge.com/roca-vulnerability-impact-on-gemalto-idprime-net-smart-cards/ Issue Tracking, Third Party Advisory
Added CWE
CWE-310
Changed Reference Type
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/ADV170012 No Types Assigned
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/ADV170012 Issue Tracking, Patch, Third Party Advisory
Changed Reference Type
https://crocs.fi.muni.cz/public/papers/rsa_ccs17 No Types Assigned
https://crocs.fi.muni.cz/public/papers/rsa_ccs17 Issue Tracking, Mitigation, Third Party Advisory
Added CVSS V2
(AV:N/AC:M/Au:N/C:P/I:N/A:N)
Changed Reference Type
http://www.securityfocus.com/bid/101484 No Types Assigned
http://www.securityfocus.com/bid/101484 Third Party Advisory, VDB Entry
Changed Reference Type
https://www.kb.cert.org/vuls/id/307015 No Types Assigned
https://www.kb.cert.org/vuls/id/307015 Issue Tracking, Mitigation, Third Party Advisory, US Government Resource
Added CPE Configuration
OR
     *cpe:2.3:a:infineon:rsa_library:1.02.013:*:*:*:*:*:*:* (and previous)
Added CPE Configuration
AND
     OR
          *cpe:2.3:o:infineon:trusted_platform_firmware:4.31:*:*:*:*:*:*:*
          *cpe:2.3:o:infineon:trusted_platform_firmware:4.32:*:*:*:*:*:*:*
          *cpe:2.3:o:infineon:trusted_platform_firmware:6.40:*:*:*:*:*:*:*
          *cpe:2.3:o:infineon:trusted_platform_firmware:133.32:*:*:*:*:*:*:*
     OR
          cpe:2.3:h:acer:c720_chromebook:-:*:*:*:*:*:*:*
          cpe:2.3:h:acer:chromebase:-:*:*:*:*:*:*:*
          cpe:2.3:h:acer:chromebase_24:-:*:*:*:*:*:*:*
          cpe:2.3:h:acer:chromebook_11_c730:-:*:*:*:*:*:*:*
          cpe:2.3:h:acer:chromebook_11_c730e:-:*:*:*:*:*:*:*
          cpe:2.3:h:acer:chromebook_11_c735:-:*:*:*:*:*:*:*
          cpe:2.3:h:acer:chromebook_11_c740:-:*:*:*:*:*:*:*
          cpe:2.3:h:acer:chromebook_11_c771:-:*:*:*:*:*:*:*
          cpe:2.3:h:acer:chromebook_11_c771t:-:*:*:*:*:*:*:*
          cpe:2.3:h:acer:chromebook_11_n7_c731:-:*:*:*:*:*:*:*
          cpe:2.3:h:acer:chromebook_13_cb5-311:-:*:*:*:*:*:*:*
          cpe:2.3:h:acer:chromebook_14_cb3-431:-:*:*:*:*:*:*:*
          cpe:2.3:h:acer:chromebook_14_for_work_cp5-471:-:*:*:*:*:*:*:*
          cpe:2.3:h:acer:chromebook_15_cb3-531:-:*:*:*:*:*:*:*
          cpe:2.3:h:acer:chromebook_15_cb3-532:-:*:*:*:*:*:*:*
          cpe:2.3:h:acer:chromebook_15_cb5-571:-:*:*:*:*:*:*:*
          cpe:2.3:h:acer:chromebook_r11:-:*:*:*:*:*:*:*
          cpe:2.3:h:acer:chromebook_r13_cb5-312t:-:*:*:*:*:*:*:*
          cpe:2.3:h:acer:chromebox:-:*:*:*:*:*:*:*
          cpe:2.3:h:acer:chromebox_cxi2:-:*:*:*:*:*:*:*
          cpe:2.3:h:aopen:chromebase:-:*:commercial:*:*:*:*:*
          cpe:2.3:h:aopen:chromebase:-:*:mini:*:*:*:*:*
          cpe:2.3:h:aopen:chromebox:-:*:commercial:*:*:*:*:*
          cpe:2.3:h:aopen:chromeboxi:-:*:mini:*:*:*:*:*
          cpe:2.3:h:asi:chromebook:-:*:*:*:*:*:*:*
          cpe:2.3:h:asus:chromebit_cs10:-:*:*:*:*:*:*:*
          cpe:2.3:h:asus:chromebook_c200:-:*:*:*:*:*:*:*
          cpe:2.3:h:asus:chromebook_c201pa:-:*:*:*:*:*:*:*
          cpe:2.3:h:asus:chromebook_c202sa:-:*:*:*:*:*:*:*
          cpe:2.3:h:asus:chromebook_c300:-:*:*:*:*:*:*:*
          cpe:2.3:h:asus:chromebook_c300sa:-:*:*:*:*:*:*:*
          cpe:2.3:h:asus:chromebook_c301sa:-:*:*:*:*:*:*:*
          cpe:2.3:h:asus:chromebook_flip_c100pa:-:*:*:*:*:*:*:*
          cpe:2.3:h:asus:chromebook_flip_c302:-:*:*:*:*:*:*:*
          cpe:2.3:h:asus:chromebox_cn60:-:*:*:*:*:*:*:*
          cpe:2.3:h:asus:chromebox_cn62:-:*:*:*:*:*:*:*
          cpe:2.3:h:bobicus:chromebook_11:*:*:*:*:*:*:*:*
          cpe:2.3:h:ctl:j2_chromebook:-:*:*:*:*:education:*:*
          cpe:2.3:h:ctl:j4_chromebook:-:*:*:*:*:education:*:*
          cpe:2.3:h:ctl:j5_chromebook:-:*:*:*:*:*:*:*
          cpe:2.3:h:ctl:n6_chromebook:-:*:*:*:*:education:*:*
          cpe:2.3:h:ctl:nl61_chromebook:-:*:*:*:*:*:*:*
          cpe:2.3:h:dell:chromebook_11:-:*:*:*:*:*:*:*
          cpe:2.3:h:dell:chromebook_11_3120:-:*:*:*:*:*:*:*
          cpe:2.3:h:dell:chromebook_11_3189:-:*:*:*:*:*:*:*
          cpe:2.3:h:dell:chromebook_11_model_3180:-:*:*:*:*:*:*:*
          cpe:2.3:h:dell:chromebook_13_3380:-:*:*:*:*:*:*:*
          cpe:2.3:h:dell:chromebox:-:*:*:*:*:*:*:*
          cpe:2.3:h:edugear:chromebook_k:-:*:*:*:*:*:*:*
          cpe:2.3:h:edugear:chromebook_m:-:*:*:*:*:*:*:*
          cpe:2.3:h:edugear:chromebook_r:-:*:*:*:*:*:*:*
          cpe:2.3:h:edugear:cmt_chromebook:-:*:*:*:*:*:*:*
          cpe:2.3:h:edxis:chromebook:-:*:*:*:*:*:*:*
          cpe:2.3:h:edxis:education_chromebook:-:*:*:*:*:*:*:*
          cpe:2.3:h:epik:chromebook_elb1101:-:*:*:*:*:*:*:*
          cpe:2.3:h:google:pixel:-:*:*:*:*:*:*:*
          cpe:2.3:h:haier:chromebook_11:-:*:*:*:*:*:*:*
          cpe:2.3:h:haier:chromebook_11_c:-:*:*:*:*:*:*:*
          cpe:2.3:h:haier:chromebook_11_g2:-:*:*:*:*:*:*:*
          cpe:2.3:h:haier:chromebook_11e:-:*:*:*:*:*:*:*
          cpe:2.3:h:hexa:chromebook_pi:-:*:*:*:*:*:*:*
          cpe:2.3:h:hisense:chromebook_11:-:*:*:*:*:*:*:*
          cpe:2.3:h:hp:chromebook:-:*:*:*:*:meetings:*:*
          cpe:2.3:h:hp:chromebook_11-vxxx:-:*:*:*:*:*:*:*
          cpe:2.3:h:hp:chromebook_11_1100-1199:-:*:*:*:*:*:*:*
          cpe:2.3:h:hp:chromebook_11_2000-2099:-:*:*:*:*:*:*:*
          cpe:2.3:h:hp:chromebook_11_2100-2199:-:*:*:*:*:*:*:*
          cpe:2.3:h:hp:chromebook_11_2200-2299:-:*:*:*:*:*:*:*
          cpe:2.3:h:hp:chromebook_11_g1:-:*:*:*:*:*:*:*
          cpe:2.3:h:hp:chromebook_11_g2:-:*:*:*:*:*:*:*
          cpe:2.3:h:hp:chromebook_11_g3:-:*:*:*:*:*:*:*
          cpe:2.3:h:hp:chromebook_11_g4\/g4_ee:-:*:*:*:*:*:*:*
          cpe:2.3:h:hp:chromebook_11_g5:-:*:*:*:*:*:*:*
          cpe:2.3:h:hp:chromebook_11_g5_ee:-:*:*:*:*:*:*:*
          cpe:2.3:h:hp:chromebook_13_g1:-:*:*:*:*:*:*:*
          cpe:2.3:h:hp:chromebook_14:-:*:*:*:*:*:*:*
          cpe:2.3:h:hp:chromebook_14_ak000-099:-:*:*:*:*:*:*:*
          cpe:2.3:h:hp:chromebook_14_g3:-:*:*:*:*:*:*:*
          cpe:2.3:h:hp:chromebook_14_g4:-:*:*:*:*:*:*:*
          cpe:2.3:h:hp:chromebook_14_x000-x999:-:*:*:*:*:*:*:*
          cpe:2.3:h:hp:chromebox_cb1-\(000-099\):-:*:*:*:*:*:*:*
          cpe:2.3:h:hp:chromebox_g1:-:*:*:*:*:*:*:*
          cpe:2.3:h:lenovo:100s_chromebook:-:*:*:*:*:*:*:*
          cpe:2.3:h:lenovo:n20_chromebook:-:*:*:*:*:*:*:*
          cpe:2.3:h:lenovo:n21_chromebook:-:*:*:*:*:*:*:*
          cpe:2.3:h:lenovo:n22_chromebook:-:*:*:*:*:*:*:*
          cpe:2.3:h:lenovo:n23_chromebook:-:*:*:*:*:*:*:*
          cpe:2.3:h:lenovo:n23_chromebook:-:*:*:*:*:*:*:*
          cpe:2.3:h:lenovo:n23_flex_11_chromebook:-:*:*:*:*:*:*:*
          cpe:2.3:h:lenovo:n23_yoga_11_chromebook:-:*:*:*:*:*:*:*
          cpe:2.3:h:lenovo:n42_chromebook:-:*:*:*:*:*:*:*
          cpe:2.3:h:lenovo:thinkcentre_chromebox:-:*:*:*:*:*:*:*
          cpe:2.3:h:lenovo:thinkpad_11e_chromebook:-:*:*:*:*:*:*:*
          cpe:2.3:h:lenovo:thinkpad_13_chromebook:-:*:*:*:*:*:*:*
          cpe:2.3:h:lg:chromebase_22cb25s:-:*:*:*:*:*:*:*
          cpe:2.3:h:lg:chromebase_22cv241:-:*:*:*:*:*:*:*
          cpe:2.3:h:medion:akoya_s2013:-:*:*:*:*:*:*:*
          cpe:2.3:h:medion:chromebook_s2015:-:*:*:*:*:*:*:*
          cpe:2.3:h:mercer:chromebook:-:*:*:*:*:*:*:*
          cpe:2.3:h:mercer:v2_chromebook:-:*:*:*:*:*:*:*
          cpe:2.3:h:ncomputing:chromebook_cx100:-:*:*:*:*:*:*:*
          cpe:2.3:h:nexian:chromebook:-:*:*:*:*:*:*:*
          cpe:2.3:h:pcmerge:chromebook_pcm-116t-432b:-:*:*:*:*:*:*:*
          cpe:2.3:h:poin2:chromebook_11:-:*:*:*:*:*:*:*
          cpe:2.3:h:poin2:chromebook_14:-:*:*:*:*:*:*:*
          cpe:2.3:h:positivo:chromebook_ch1190:-:*:*:*:*:*:*:*
          cpe:2.3:h:prowise:entry_line_chromebook:-:*:*:*:*:*:*:*
          cpe:2.3:h:prowise:proline_chromebook:-:*:*:*:*:*:*:*
          cpe:2.3:h:rgs:education_chromebook:-:*:*:*:*:*:*:*
          cpe:2.3:h:samsung:chromebook_2_11:-:*:*:*:*:*:*:*
          cpe:2.3:h:samsung:chromebook_2_11_xe500c12:-:*:*:*:*:*:*:*
          cpe:2.3:h:samsung:chromebook_2_13:-:*:*:*:*:*:*:*
          cpe:2.3:h:samsung:chromebook_3:-:*:*:*:*:*:*:*
          cpe:2.3:h:samsung:chromebook_plus:-:*:*:*:*:*:*:*
          cpe:2.3:h:samsung:chromebook_pro:-:*:*:*:*:*:*:*
          cpe:2.3:h:sector-five:e1_rugged_chromebook:-:*:*:*:*:*:*:*
          cpe:2.3:h:senkatel:c1101_chromebook:-:*:*:*:*:*:*:*
          cpe:2.3:h:toshiba:chromebook:-:*:*:*:*:*:*:*
          cpe:2.3:h:toshiba:chromebook_2:-:*:*:*:*:*:*:*
          cpe:2.3:h:toshiba:chromebook_2:-:*:2015:*:*:*:*:*
          cpe:2.3:h:true:idc_chromebook:-:*:*:*:*:*:*:*
          cpe:2.3:h:true:idc_chromebook_11:-:*:*:*:*:*:*:*
          cpe:2.3:h:videonet:chromebook:-:*:*:*:*:*:*:*
          cpe:2.3:h:videonet:chromebook_bl10:-:*:*:*:*:*:*:*
          cpe:2.3:h:viglen:chromebook_11:-:*:*:*:*:*:*:*
          cpe:2.3:h:viglen:chromebook_360:-:*:*:*:*:*:*:*
          cpe:2.3:h:xolo:chromebook:-:*:*:*:*:*:*:*
Changed Reference Type
https://monitor.certipath.com/rsatest No Types Assigned
https://monitor.certipath.com/rsatest Mitigation, Third Party Advisory
Changed Reference Type
https://arstechnica.com/information-technology/2017/10/crypto-failure-cripples-millions-of-high-security-keys-750k-estonian-ids/ No Types Assigned
https://arstechnica.com/information-technology/2017/10/crypto-failure-cripples-millions-of-high-security-keys-750k-estonian-ids/ Issue Tracking, Third Party Advisory
Changed Reference Type
https://github.com/iadgov/Detect-CVE-2017-15361-TPM No Types Assigned
https://github.com/iadgov/Detect-CVE-2017-15361-TPM Mitigation, Third Party Advisory
Changed Reference Type
https://www.yubico.com/support/security-advisories/ysa-2017-01/ No Types Assigned
https://www.yubico.com/support/security-advisories/ysa-2017-01/ Mitigation, Third Party Advisory
Changed Reference Type
https://keychest.net/roca No Types Assigned
https://keychest.net/roca Issue Tracking, Mitigation, Third Party Advisory