CVE-2017-15361

The Infineon RSA library 1.02.013 in Infineon Trusted Platform Module (TPM) firmware, such as versions before 0000000000000422 - 4.34, before 000000000000062b - 6.43, and before 0000000000008521 - 133.33, mishandles RSA key generation, which makes it easier for attackers to defeat various cryptographic protection mechanisms via targeted attacks, aka ROCA. Examples of affected technologies include BitLocker with TPM 1.2, YubiKey 4 (before 4.3.5) PGP key generation, and the Cached User Data encryption feature in Chrome OS.

CVSS v3.0 5.9 MEDIUM
CVSS v2.0 4.3 MEDIUM

5.9^/10

CVSS v3.0 : MEDIUM

V3 Legend

Vector : AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

Exploitability : 2.2 / Impact : 3.6

Attack Vector NETWORK

Attack Complexity HIGH

Privileges Required NONE

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact NONE

Availability Impact NONE

Scope UNCHANGED

4.3^/10

CVSS v2.0 : MEDIUM

V2 Legend

Vector : AV:N/AC:M/Au:N/C:P/I:N/A:N

Exploitability : 8.6 / Impact : 2.9

Access Vector NETWORK

Access Complexity MEDIUM

Authentication NONE

Confidentiality Impact PARTIAL

Integrity Impact NONE

Availability Impact NONE

References

Link	Resource
https://www.infineon.com/cms/en/product/promopages/tpm-update/?redirId=59160	Mitigation Vendor Advisory
https://sites.google.com/a/chromium.org/dev/chromium-os/tpm_firmware_update	Issue Tracking Mitigation Patch Third Party Advisory
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/ADV170012	Issue Tracking Patch Third Party Advisory
https://crocs.fi.muni.cz/public/papers/rsa_ccs17	Issue Tracking Mitigation Third Party Advisory
https://arstechnica.com/information-technology/2017/10/crypto-failure-cripples-millions-of-high-security-keys-750k-estonian-ids/	Issue Tracking Third Party Advisory
https://www.yubico.com/support/security-advisories/ysa-2017-01/	Mitigation Third Party Advisory
https://dan.enigmabridge.com/roca-vulnerability-impact-on-gemalto-idprime-net-smart-cards/	Issue Tracking Third Party Advisory
http://support.lenovo.com/us/en/product_security/LEN-15552	Mitigation Third Party Advisory
https://github.com/iadgov/Detect-CVE-2017-15361-TPM	Mitigation Third Party Advisory
http://www.securityfocus.com/bid/101484	Third Party Advisory VDB Entry
https://www.kb.cert.org/vuls/id/307015	Issue Tracking Mitigation US Government Resource Third Party Advisory
https://monitor.certipath.com/rsatest	Mitigation Third Party Advisory
https://keychest.net/roca	Issue Tracking Mitigation Third Party Advisory
https://github.com/crocs-muni/roca	Mitigation Third Party Advisory
https://security.netapp.com/advisory/ntap-20171024-0001/
https://blog.cr.yp.to/20171105-infineon.html
https://ics-cert.us-cert.gov/advisories/ICSA-18-058-01
https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03801en_us
https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03789en_us
https://cert-portal.siemens.com/productcert/pdf/ssa-470231.pdf
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00148.html
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00104.html

Configurations

Configuration 1 (hide)

AND

OR	cpe:2.3:o:infineon:trusted_platform_firmware:6.40:::::::*
	cpe:2.3:o:infineon:trusted_platform_firmware:133.32:::::::*
	cpe:2.3:o:infineon:trusted_platform_firmware:4.31:::::::*
	cpe:2.3:o:infineon:trusted_platform_firmware:4.32:::::::*

OR	cpe:2.3:h:viglen:chromebook_11:-:::::::*
	cpe:2.3:h:viglen:chromebook_360:-:::::::*
	cpe:2.3:h:toshiba:chromebook_2:-:::::::*
	cpe:2.3:h:senkatel:c1101_chromebook:-:::::::*
	cpe:2.3:h:rgs:education_chromebook:-:::::::*
	cpe:2.3:h:prowise:proline_chromebook:-:::::::*
	cpe:2.3:h:ncomputing:chromebook_cx100:-:::::::*
	cpe:2.3:h:medion:chromebook_s2015:-:::::::*
	cpe:2.3:h:lenovo:n20_chromebook:-:::::::*
	cpe:2.3:h:lenovo:n21_chromebook:-:::::::*
	cpe:2.3:h:lenovo:thinkpad_11e_chromebook:-:::::::*
	cpe:2.3:h:dell:chromebox:-:::::::*
	cpe:2.3:h:bobicus:chromebook_11::::::::
	cpe:2.3:h:asus:chromebook_flip_c100pa:-:::::::*
	cpe:2.3:h:asus:chromebook_flip_c302:-:::::::*
	cpe:2.3:h:aopen:chromeboxi:-::mini:::::
	cpe:2.3:h:acer:c720_chromebook:-:::::::*
	cpe:2.3:h:acer:chromebook_11_c771:-:::::::*
	cpe:2.3:h:acer:chromebook_11_c771t:-:::::::*
	cpe:2.3:h:acer:chromebook_11_n7_c731:-:::::::*
	cpe:2.3:h:acer:chromebook_r11:-:::::::*
	cpe:2.3:h:acer:chromebook_r13_cb5-312t:-:::::::*
	cpe:2.3:h:lenovo:thinkpad_13_chromebook:-:::::::*
	cpe:2.3:h:hp:chromebook_11_g4\/g4_ee:-:::::::*
	cpe:2.3:h:hp:chromebook_11_g1:-:::::::*
	cpe:2.3:h:hp:chromebook_14_ak000-099:-:::::::*
	cpe:2.3:h:hp:chromebook_14_g4:-:::::::*
	cpe:2.3:h:haier:chromebook_11_g2:-:::::::*
	cpe:2.3:h:haier:chromebook_11e:-:::::::*
	cpe:2.3:h:edugear:chromebook_m:-:::::::*
	cpe:2.3:h:edugear:chromebook_r:-:::::::*
	cpe:2.3:h:ctl:nl61_chromebook:-:::::::*
	cpe:2.3:h:ctl:n6_chromebook:-:::::education::
	cpe:2.3:h:dell:chromebook_11:-:::::::*
	cpe:2.3:h:asus:chromebit_cs10:-:::::::*
	cpe:2.3:h:asus:chromebook_c200:-:::::::*
	cpe:2.3:h:asus:chromebook_c201pa:-:::::::*
	cpe:2.3:h:asus:chromebox_cn60:-:::::::*
	cpe:2.3:h:asus:chromebox_cn62:-:::::::*
	cpe:2.3:h:acer:chromebase:-:::::::*
	cpe:2.3:h:acer:chromebase_24:-:::::::*
	cpe:2.3:h:acer:chromebook_13_cb5-311:-:::::::*
	cpe:2.3:h:acer:chromebook_14_cb3-431:-:::::::*
	cpe:2.3:h:acer:chromebox:-:::::::*
	cpe:2.3:h:acer:chromebox_cxi2:-:::::::*
	cpe:2.3:h:samsung:chromebook_2_11_xe500c12:-:::::::*
	cpe:2.3:h:samsung:chromebook_2_11:-:::::::*
	cpe:2.3:h:samsung:chromebook_2_13:-:::::::*
	cpe:2.3:h:prowise:entry_line_chromebook:-:::::::*
	cpe:2.3:h:positivo:chromebook_ch1190:-:::::::*
	cpe:2.3:h:poin2:chromebook_11:-:::::::*
	cpe:2.3:h:poin2:chromebook_14:-:::::::*
	cpe:2.3:h:medion:akoya_s2013:-:::::::*
	cpe:2.3:h:mercer:chromebook:-:::::::*
	cpe:2.3:h:mercer:v2_chromebook:-:::::::*
	cpe:2.3:h:lg:chromebase_22cb25s:-:::::::*
	cpe:2.3:h:lenovo:n22_chromebook:-:::::::*
	cpe:2.3:h:lenovo:n23_chromebook:-:::::::*
	cpe:2.3:h:lenovo:n23_yoga_11_chromebook:-:::::::*
	cpe:2.3:h:hp:chromebook:-:::::meetings::
	cpe:2.3:h:hp:chromebook_11_1100-1199:-:::::::*
	cpe:2.3:h:hp:chromebook_11_2000-2099:-:::::::*
	cpe:2.3:h:hp:chromebook_11_2100-2199:-:::::::*
	cpe:2.3:h:hp:chromebook_11_g2:-:::::::*
cpe:2.3:h:hp:chromebook_11_g5:-:::::::*
cpe:2.3:h:hp:chromebook_14_x000-x999:-:::::::*
cpe:2.3:h:hp:chromebook_14_g3:-:::::::*
cpe:2.3:h:haier:chromebook_11_c:-:::::::*
cpe:2.3:h:google:pixel:-:::::::*
cpe:2.3:h:edugear:cmt_chromebook:-:::::::*
cpe:2.3:h:ctl:j5_chromebook:-:::::::*
cpe:2.3:h:ctl:j4_chromebook:-:::::education::
cpe:2.3:h:videonet:chromebook:-:::::::*
cpe:2.3:h:videonet:chromebook_bl10:-:::::::*
cpe:2.3:h:true:idc_chromebook:-:::::::*
cpe:2.3:h:true:idc_chromebook_11:-:::::::*
cpe:2.3:h:sector-five:e1_rugged_chromebook:-:::::::*
cpe:2.3:h:dell:chromebook_11_3120:-:::::::*
cpe:2.3:h:dell:chromebook_11_3189:-:::::::*
cpe:2.3:h:dell:chromebook_11_model_3180:-:::::::*
cpe:2.3:h:dell:chromebook_13_3380:-:::::::*
cpe:2.3:h:asus:chromebook_c202sa:-:::::::*
cpe:2.3:h:asus:chromebook_c300:-:::::::*
cpe:2.3:h:asus:chromebook_c300sa:-:::::::*
cpe:2.3:h:asus:chromebook_c301sa:-:::::::*
cpe:2.3:h:asi:chromebook:-:::::::*
cpe:2.3:h:aopen:chromebase:-::commercial:::::
cpe:2.3:h:aopen:chromebox:-::commercial:::::
cpe:2.3:h:aopen:chromebase:-::mini:::::
cpe:2.3:h:acer:chromebook_11_c730:-:::::::*
cpe:2.3:h:acer:chromebook_11_c730e:-:::::::*
cpe:2.3:h:acer:chromebook_11_c735:-:::::::*
cpe:2.3:h:acer:chromebook_11_c740:-:::::::*
cpe:2.3:h:acer:chromebook_14_for_work_cp5-471:-:::::::*
cpe:2.3:h:acer:chromebook_15_cb3-531:-:::::::*
cpe:2.3:h:acer:chromebook_15_cb3-532:-:::::::*
cpe:2.3:h:acer:chromebook_15_cb5-571:-:::::::*
cpe:2.3:h:samsung:chromebook_3:-:::::::*
cpe:2.3:h:samsung:chromebook_plus:-:::::::*
cpe:2.3:h:samsung:chromebook_pro:-:::::::*
cpe:2.3:h:pcmerge:chromebook_pcm-116t-432b:-:::::::*
cpe:2.3:h:nexian:chromebook:-:::::::*
cpe:2.3:h:lg:chromebase_22cv241:-:::::::*
cpe:2.3:h:lenovo:100s_chromebook:-:::::::*
cpe:2.3:h:lenovo:n23_flex_11_chromebook:-:::::::*
cpe:2.3:h:lenovo:n42_chromebook:-:::::::*
cpe:2.3:h:lenovo:thinkcentre_chromebox:-:::::::*
cpe:2.3:h:hp:chromebook_11_g3:-:::::::*
cpe:2.3:h:hp:chromebook_11_2200-2299:-:::::::*
cpe:2.3:h:hp:chromebook_11-vxxx:-:::::::*
cpe:2.3:h:hp:chromebook_11_g5_ee:-:::::::*
cpe:2.3:h:hp:chromebook_13_g1:-:::::::*
cpe:2.3:h:hp:chromebook_14:-:::::::*
cpe:2.3:h:hp:chromebox_cb1-\(000-099\):-:::::::*
cpe:2.3:h:hp:chromebox_g1:-:::::::*
cpe:2.3:h:hisense:chromebook_11:-:::::::*
cpe:2.3:h:hexa:chromebook_pi:-:::::::*
cpe:2.3:h:haier:chromebook_11:-:::::::*
cpe:2.3:h:epik:chromebook_elb1101:-:::::::*
cpe:2.3:h:edxis:chromebook:-:::::::*
cpe:2.3:h:edxis:education_chromebook:-:::::::*
cpe:2.3:h:edugear:chromebook_k:-:::::::*
cpe:2.3:h:ctl:j2_chromebook:-:::::education::
cpe:2.3:h:xolo:chromebook:-:::::::*
cpe:2.3:h:toshiba:chromebook_2:-::2015:::::
cpe:2.3:h:toshiba:chromebook:-:::::::*

Configuration 2 (hide)

cpe:2.3:a:infineon:rsa_library:*:*:*:*:*:*:*:*

Information

Published : 2017-10-16 10:29

Updated : 2019-10-02 17:03

NVD link : CVE-2017-15361

Mitre link : CVE-2017-15361

JSON object : View

CWE

NVD-CWE-noinfo

Products Affected

edugear

chromebook_r
chromebook_m
cmt_chromebook
chromebook_k

dell

chromebook_11
chromebook_11_3120
chromebook_11_model_3180
chromebook_11_3189
chromebook_13_3380
chromebox

chromebook_11_2200-2299
chromebook_14
chromebook_11_2000-2099
chromebook_11_g2
chromebook_11_2100-2199
chromebook_11_1100-1199
chromebook_14_x000-x999
chromebook_11_g1
chromebook_13_g1
chromebook_11_g5_ee
chromebook_11-vxxx
chromebook_11_g3
chromebook
chromebook_14_g3
chromebook_14_g4
chromebook_11_g5
chromebook_11_g4\/g4_ee
chromebook_14_ak000-099
chromebox_g1
chromebox_cb1-\(000-099\)

ctl

j2_chromebook
nl61_chromebook
n6_chromebook
j4_chromebook
j5_chromebook

asus

chromebox_cn60
chromebook_c300sa
chromebook_c201pa
chromebook_c202sa
chromebox_cn62
chromebook_flip_c100pa
chromebook_flip_c302
chromebook_c301sa
chromebit_cs10
chromebook_c300
chromebook_c200

edxis

chromebook
education_chromebook

mercer

chromebook
v2_chromebook

acer

chromebase_24
chromebook_11_c730
chromebook_14_for_work_cp5-471
chromebook_11_c771
chromebase
chromebook_13_cb5-311
chromebook_15_cb3-531
chromebook_11_c740
chromebook_15_cb3-532
chromebook_11_c730e
c720_chromebook
chromebox
chromebook_11_c771t
chromebook_r11
chromebook_11_c735
chromebook_r13_cb5-312t
chromebook_15_cb5-571
chromebox_cxi2
chromebook_14_cb3-431
chromebook_11_n7_c731

bobicus

chromebook_11

samsung

chromebook_plus
chromebook_2_13
chromebook_pro
chromebook_3
chromebook_2_11
chromebook_2_11_xe500c12

haier

chromebook_11_g2
chromebook_11
chromebook_11_c
chromebook_11e

lenovo

n23_yoga_11_chromebook
n21_chromebook
thinkpad_13_chromebook
n23_flex_11_chromebook
n23_chromebook
100s_chromebook
n22_chromebook
thinkpad_11e_chromebook
n42_chromebook
thinkcentre_chromebox
n20_chromebook

hisense

chromebook_11

toshiba

chromebook
chromebook_2

chromebase_22cv241
chromebase_22cb25s

true

idc_chromebook
idc_chromebook_11

viglen

chromebook_360
chromebook_11

prowise

proline_chromebook
entry_line_chromebook

rgs

education_chromebook

xolo

chromebook

ncomputing

chromebook_cx100

aopen

chromeboxi
chromebase
chromebox

poin2

chromebook_14
chromebook_11

medion

chromebook_s2015
akoya_s2013

google

pixel

pcmerge

chromebook_pcm-116t-432b

nexian

chromebook

positivo

chromebook_ch1190

infineon

trusted_platform_firmware
rsa_library

hexa

chromebook_pi

epik

chromebook_elb1101

senkatel

c1101_chromebook

videonet

chromebook_bl10
chromebook

asi

chromebook

sector-five

e1_rugged_chromebook

{"cve": {"data_type": "CVE", "references": {"reference_data": [{"url": "https://www.infineon.com/cms/en/product/promopages/tpm-update/?redirId=59160", "name": "https://www.infineon.com/cms/en/product/promopages/tpm-update/?redirId=59160", "tags": ["Mitigation", "Vendor Advisory"], "refsource": "MISC"}, {"url": "https://sites.google.com/a/chromium.org/dev/chromium-os/tpm_firmware_update", "name": "https://sites.google.com/a/chromium.org/dev/chromium-os/tpm_firmware_update", "tags": ["Issue Tracking", "Mitigation", "Patch", "Third Party Advisory"], "refsource": "MISC"}, {"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/ADV170012", "name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/ADV170012", "tags": ["Issue Tracking", "Patch", "Third Party Advisory"], "refsource": "MISC"}, {"url": "https://crocs.fi.muni.cz/public/papers/rsa_ccs17", "name": "https://crocs.fi.muni.cz/public/papers/rsa_ccs17", "tags": ["Issue Tracking", "Mitigation", "Third Party Advisory"], "refsource": "MISC"}, {"url": "https://arstechnica.com/information-technology/2017/10/crypto-failure-cripples-millions-of-high-security-keys-750k-estonian-ids/", "name": "https://arstechnica.com/information-technology/2017/10/crypto-failure-cripples-millions-of-high-security-keys-750k-estonian-ids/", "tags": ["Issue Tracking", "Third Party Advisory"], "refsource": "MISC"}, {"url": "https://www.yubico.com/support/security-advisories/ysa-2017-01/", "name": "https://www.yubico.com/support/security-advisories/ysa-2017-01/", "tags": ["Mitigation", "Third Party Advisory"], "refsource": "CONFIRM"}, {"url": "https://dan.enigmabridge.com/roca-vulnerability-impact-on-gemalto-idprime-net-smart-cards/", "name": "https://dan.enigmabridge.com/roca-vulnerability-impact-on-gemalto-idprime-net-smart-cards/", "tags": ["Issue Tracking", "Third Party Advisory"], "refsource": "MISC"}, {"url": "http://support.lenovo.com/us/en/product_security/LEN-15552", "name": "http://support.lenovo.com/us/en/product_security/LEN-15552", "tags": ["Mitigation", "Third Party Advisory"], "refsource": "CONFIRM"}, {"url": "https://github.com/iadgov/Detect-CVE-2017-15361-TPM", "name": "https://github.com/iadgov/Detect-CVE-2017-15361-TPM", "tags": ["Mitigation", "Third Party Advisory"], "refsource": "MISC"}, {"url": "http://www.securityfocus.com/bid/101484", "name": "101484", "tags": ["Third Party Advisory", "VDB Entry"], "refsource": "BID"}, {"url": "https://www.kb.cert.org/vuls/id/307015", "name": "VU#307015", "tags": ["Issue Tracking", "Mitigation", "US Government Resource", "Third Party Advisory"], "refsource": "CERT-VN"}, {"url": "https://monitor.certipath.com/rsatest", "name": "https://monitor.certipath.com/rsatest", "tags": ["Mitigation", "Third Party Advisory"], "refsource": "MISC"}, {"url": "https://keychest.net/roca", "name": "https://keychest.net/roca", "tags": ["Issue Tracking", "Mitigation", "Third Party Advisory"], "refsource": "MISC"}, {"url": "https://github.com/crocs-muni/roca", "name": "https://github.com/crocs-muni/roca", "tags": ["Mitigation", "Third Party Advisory"], "refsource": "MISC"}, {"url": "https://security.netapp.com/advisory/ntap-20171024-0001/", "name": "https://security.netapp.com/advisory/ntap-20171024-0001/", "tags": [], "refsource": "CONFIRM"}, {"url": "https://blog.cr.yp.to/20171105-infineon.html", "name": "https://blog.cr.yp.to/20171105-infineon.html", "tags": [], "refsource": "MISC"}, {"url": "https://ics-cert.us-cert.gov/advisories/ICSA-18-058-01", "name": "https://ics-cert.us-cert.gov/advisories/ICSA-18-058-01", "tags": [], "refsource": "MISC"}, {"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03801en_us", "name": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03801en_us", "tags": [], "refsource": "CONFIRM"}, {"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03789en_us", "name": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03789en_us", "tags": [], "refsource": "CONFIRM"}, {"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-470231.pdf", "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-470231.pdf", "tags": [], "refsource": "CONFIRM"}, {"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00148.html", "name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00148.html", "tags": [], "refsource": "CONFIRM"}, {"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00104.html", "name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00104.html", "tags": [], "refsource": "CONFIRM"}]}, "data_format": "MITRE", "description": {"description_data": [{"lang": "en", "value": "The Infineon RSA library 1.02.013 in Infineon Trusted Platform Module (TPM) firmware, such as versions before 0000000000000422 - 4.34, before 000000000000062b - 6.43, and before 0000000000008521 - 133.33, mishandles RSA key generation, which makes it easier for attackers to defeat various cryptographic protection mechanisms via targeted attacks, aka ROCA. Examples of affected technologies include BitLocker with TPM 1.2, YubiKey 4 (before 4.3.5) PGP key generation, and the Cached User Data encryption feature in Chrome OS."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "en", "value": "NVD-CWE-noinfo"}]}]}, "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2017-15361", "ASSIGNER": "cve@mitre.org"}}, "impact": {"baseMetricV2": {"cvssV2": {"version": "2.0", "baseScore": 4.3, "accessVector": "NETWORK", "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "authentication": "NONE", "integrityImpact": "NONE", "accessComplexity": "MEDIUM", "availabilityImpact": "NONE", "confidentialityImpact": "PARTIAL"}, "severity": "MEDIUM", "impactScore": 2.9, "obtainAllPrivilege": false, "exploitabilityScore": 8.6, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}, "baseMetricV3": {"cvssV3": {"scope": "UNCHANGED", "version": "3.0", "baseScore": 5.9, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "HIGH", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 3.6, "exploitabilityScore": 2.2}}, "publishedDate": "2017-10-16T17:29Z", "configurations": {"nodes": [{"children": [{"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:o:infineon:trusted_platform_firmware:6.40:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:infineon:trusted_platform_firmware:133.32:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:infineon:trusted_platform_firmware:4.31:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:infineon:trusted_platform_firmware:4.32:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}]}, {"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:h:viglen:chromebook_11:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:viglen:chromebook_360:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:toshiba:chromebook_2:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:senkatel:c1101_chromebook:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:rgs:education_chromebook:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:prowise:proline_chromebook:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:ncomputing:chromebook_cx100:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:medion:chromebook_s2015:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:lenovo:n20_chromebook:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:lenovo:n21_chromebook:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:lenovo:thinkpad_11e_chromebook:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:dell:chromebox:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:bobicus:chromebook_11:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:asus:chromebook_flip_c100pa:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:asus:chromebook_flip_c302:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:aopen:chromeboxi:-:*:mini:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:acer:c720_chromebook:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:acer:chromebook_11_c771:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:acer:chromebook_11_c771t:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:acer:chromebook_11_n7_c731:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:acer:chromebook_r11:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:acer:chromebook_r13_cb5-312t:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:lenovo:thinkpad_13_chromebook:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:hp:chromebook_11_g4\\/g4_ee:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:hp:chromebook_11_g1:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:hp:chromebook_14_ak000-099:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:hp:chromebook_14_g4:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:haier:chromebook_11_g2:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:haier:chromebook_11e:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:edugear:chromebook_m:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:edugear:chromebook_r:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:ctl:nl61_chromebook:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:ctl:n6_chromebook:-:*:*:*:*:education:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:dell:chromebook_11:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:asus:chromebit_cs10:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:asus:chromebook_c200:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:asus:chromebook_c201pa:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:asus:chromebox_cn60:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:asus:chromebox_cn62:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:acer:chromebase:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:acer:chromebase_24:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:acer:chromebook_13_cb5-311:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:acer:chromebook_14_cb3-431:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:acer:chromebox:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:acer:chromebox_cxi2:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:samsung:chromebook_2_11_xe500c12:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:samsung:chromebook_2_11:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:samsung:chromebook_2_13:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:prowise:entry_line_chromebook:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:positivo:chromebook_ch1190:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:poin2:chromebook_11:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:poin2:chromebook_14:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:medion:akoya_s2013:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:mercer:chromebook:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:mercer:v2_chromebook:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:lg:chromebase_22cb25s:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:lenovo:n22_chromebook:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:lenovo:n23_chromebook:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:lenovo:n23_yoga_11_chromebook:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:hp:chromebook:-:*:*:*:*:meetings:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:hp:chromebook_11_1100-1199:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:hp:chromebook_11_2000-2099:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:hp:chromebook_11_2100-2199:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:hp:chromebook_11_g2:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:hp:chromebook_11_g5:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:hp:chromebook_14_x000-x999:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:hp:chromebook_14_g3:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:haier:chromebook_11_c:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:google:pixel:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:edugear:cmt_chromebook:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:ctl:j5_chromebook:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:ctl:j4_chromebook:-:*:*:*:*:education:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:videonet:chromebook:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:videonet:chromebook_bl10:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:true:idc_chromebook:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:true:idc_chromebook_11:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:sector-five:e1_rugged_chromebook:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:dell:chromebook_11_3120:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:dell:chromebook_11_3189:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:dell:chromebook_11_model_3180:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:dell:chromebook_13_3380:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:asus:chromebook_c202sa:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:asus:chromebook_c300:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:asus:chromebook_c300sa:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:asus:chromebook_c301sa:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:asi:chromebook:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:aopen:chromebase:-:*:commercial:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:aopen:chromebox:-:*:commercial:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:aopen:chromebase:-:*:mini:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:acer:chromebook_11_c730:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:acer:chromebook_11_c730e:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:acer:chromebook_11_c735:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:acer:chromebook_11_c740:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:acer:chromebook_14_for_work_cp5-471:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:acer:chromebook_15_cb3-531:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:acer:chromebook_15_cb3-532:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:acer:chromebook_15_cb5-571:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:samsung:chromebook_3:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:samsung:chromebook_plus:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:samsung:chromebook_pro:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:pcmerge:chromebook_pcm-116t-432b:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:nexian:chromebook:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:lg:chromebase_22cv241:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:lenovo:100s_chromebook:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:lenovo:n23_flex_11_chromebook:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:lenovo:n42_chromebook:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:lenovo:thinkcentre_chromebox:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:hp:chromebook_11_g3:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:hp:chromebook_11_2200-2299:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:hp:chromebook_11-vxxx:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:hp:chromebook_11_g5_ee:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:hp:chromebook_13_g1:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:hp:chromebook_14:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:hp:chromebox_cb1-\\(000-099\\):-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:hp:chromebox_g1:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:hisense:chromebook_11:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:hexa:chromebook_pi:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:haier:chromebook_11:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:epik:chromebook_elb1101:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:edxis:chromebook:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:edxis:education_chromebook:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:edugear:chromebook_k:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:ctl:j2_chromebook:-:*:*:*:*:education:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:xolo:chromebook:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:toshiba:chromebook_2:-:*:2015:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:toshiba:chromebook:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}]}], "operator": "AND", "cpe_match": []}, {"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:a:infineon:rsa_library:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true, "versionEndIncluding": "1.02.013"}]}], "CVE_data_version": "4.0"}, "lastModifiedDate": "2019-10-03T00:03Z"}

5.9 /10

Attack Vector NETWORK

Attack Complexity HIGH

Privileges Required NONE

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact NONE

Availability Impact NONE

Scope UNCHANGED

4.3 /10

Access Vector NETWORK

Access Complexity MEDIUM

Authentication NONE

Confidentiality Impact PARTIAL

Integrity Impact NONE

Availability Impact NONE

JSON object

Attach tags to CVE-2017-15361

5.9^/10

4.3^/10

Attach tags to `CVE-2017-15361`