CVE-2021-3565 : A flaw was found in tpm2-tools in versions before 5.1.1 and before 4.3.2. tpm2

A flaw was found in tpm2-tools in versions before 5.1.1 and before 4.3.2. tpm2_import used a fixed AES key for the inner wrapper, potentially allowing a MITM attacker to unwrap the inner portion and reveal the key being imported. The highest threat from this vulnerability is to data confidentiality.

Published 2021-06-04 12:15:08

Updated 2022-04-25 19:49:50

Source Red Hat, Inc.

View at NVD, CVE.org

Vulnerability category: Information leak

Products affected by CVE-2021-3565

Redhat » Enterprise Linux » Version: 8.0
cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*
Matching versions
Fedoraproject » Fedora » Version: 33
cpe:2.3:o:fedoraproject:fedora:33:*:*:*:*:*:*:*
Matching versions
Fedoraproject » Fedora » Version: 34
cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*
Matching versions
Tpm2-tools Project » Tpm2-tools
Versions from including (>=) 5.1 and before (<) 5.1.1
cpe:2.3:a:tpm2-tools_project:tpm2-tools:*:*:*:*:*:*:*:*
Matching versions
Tpm2-tools Project » Tpm2-tools
Versions before (<) 4.3.2
cpe:2.3:a:tpm2-tools_project:tpm2-tools:*:*:*:*:*:*:*:*
Matching versions

Exploit prediction scoring system (EPSS) score for CVE-2021-3565

EPSS FAQ

0.19%

Probability of exploitation activity in the next 30 days EPSS Score History

~ 42 %

Percentile, the proportion of vulnerabilities that are scored at or less

CVSS scores for CVE-2021-3565

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source
4.3	MEDIUM	AV:N/AC:M/Au:N/C:P/I:N/A:N	8.6	2.9	NIST
Access Vector: Network Access Complexity: Medium Authentication: None Confidentiality Impact: Partial Integrity Impact: None Availability Impact: None
5.9	MEDIUM	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N	2.2	3.6	NIST
Attack Vector: Network Attack Complexity: High Privileges Required: None User Interaction: None Scope: Unchanged Confidentiality: High Integrity: None Availability: None

CWE ids for CVE-2021-3565

CWE-200 Exposure of Sensitive Information to an Unauthorized Actor

The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.

Assigned by: secalert@redhat.com (Secondary)
CWE-665 Improper Initialization

The product does not initialize or incorrectly initializes a resource, which might leave the resource in an unexpected state when it is accessed or used.

Assigned by: secalert@redhat.com (Secondary)
CWE-798 Use of Hard-coded Credentials

The product contains hard-coded credentials, such as a password or cryptographic key.

Assigned by: nvd@nist.gov (Primary)

References for CVE-2021-3565

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ESY6HRYUKR5ZG2K5QAJQC5S6HMKZMFK7/

[SECURITY] Fedora 33 Update: tpm2-tools-4.3.2-1.fc33 - package-announce - Fedora Mailing-Lists
Mailing List;Third Party Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=1964427

1964427 – (CVE-2021-3565) CVE-2021-3565 tpm2-tools: during tpm2_import command invocation a fixed AES wrapping key is used
Issue Tracking;Patch;Third Party Advisory
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XK5M7I66PBXSN663TSLAZ3V6TWWFCV7C/

[SECURITY] Fedora 34 Update: tpm2-tools-5.1.1-1.fc34 - package-announce - Fedora Mailing-Lists
Mailing List;Third Party Advisory

Jump to

Vulnerability Details : CVE-2021-3565

Products affected by CVE-2021-3565

Exploit prediction scoring system (EPSS) score for CVE-2021-3565

CVSS scores for CVE-2021-3565

CWE ids for CVE-2021-3565

References for CVE-2021-3565