
CVE-2023-38201 – Keylime: challenge-response protocol bypass during agent registration
https://notcve.org/view.php?id=CVE-2023-38201
25 Aug 2023 — A flaw was found in the Keylime registrar that could allow a bypass of the challenge-response protocol during agent registration. This issue may allow an attacker to impersonate an agent and hide the true status of a monitored machine if the fake agent is added to the verifier list by a legitimate user, resulting in a breach of the integrity of the registrar database. • https://access.redhat.com/errata/RHSA-2023:5080 • CWE-639: Authorization Bypass Through User-Controlled Key

CVE-2023-38200 – Keylime: registrar is subject to a DoS against SSL connections
https://notcve.org/view.php?id=CVE-2023-38200
24 Jul 2023 — A flaw was found in Keylime. Due to their blocking nature, the Keylime registrar is subject to a remote denial of service against its SSL connections. This flaw allows an attacker to exhaust all available connections. • https://access.redhat.com/errata/RHSA-2023:5080 • CWE-400: Uncontrolled Resource Consumption • CWE-834: Excessive Iteration

CVE-2023-3674 – Keylime: attestation failure when the quote's signature does not validate
https://notcve.org/view.php?id=CVE-2023-3674
19 Jul 2023 — A flaw was found in the keylime attestation verifier, which fails to flag a device's submitted TPM quote as faulty when the quote's signature does not validate for some reason. Instead, it will only emit an error in the log without flagging the device as untrusted. An update for keylime is now available for Red Hat Enterprise Linux 9. • https://access.redhat.com/errata/RHSA-2024:1139 • CWE-1283: Mutable Attestation or Measurement Reporting Data

CVE-2022-3500 – keylime: exception handling and impedance match in tornado_requests
https://notcve.org/view.php?id=CVE-2022-3500
16 Nov 2022 — A vulnerability was found in keylime. In some circumstances, because of improperly handled exceptions, a rogue agent could create errors on the verifier that stop attestation attempts for that host, leaving it in an attested state while it is no longer being verified. • https://access.redhat.com/security/cve/CVE-2022-3500 • CWE-248: Uncaught Exception

CVE-2022-23952
https://notcve.org/view.php?id=CVE-2022-23952
21 Sep 2022 — In Keylime before 6.3.0, the keylime installer installs the keylime.conf file, which can contain sensitive data, as world-readable. • https://github.com/keylime/keylime/commit/883085d6a4bcea3012729014d5b8e15ecd65fc7c • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor

CVE-2022-23951
https://notcve.org/view.php?id=CVE-2022-23951
21 Sep 2022 — In Keylime before 6.3.0, quote responses from the agent can contain possibly untrusted ZIP data which can lead to zip bombs. • https://github.com/keylime/keylime/commit/6e44758b64b0ee13564fc46e807f4ba98091c355 • CWE-400: Uncontrolled Resource Consumption

CVE-2022-23950
https://notcve.org/view.php?id=CVE-2022-23950
21 Sep 2022 — In Keylime before 6.3.0, the Revocation Notifier uses a fixed /tmp path for its UNIX domain socket, which can give unprivileged users a way to block keylime operations. • https://github.com/keylime/keylime/commit/ea5d0373fa2c050d5d95404eb779be7e8327b911 • CWE-379: Creation of Temporary File in Directory with Insecure Permissions • CWE-668: Exposure of Resource to Wrong Sphere

CVE-2022-23949
https://notcve.org/view.php?id=CVE-2022-23949
21 Sep 2022 — In Keylime before 6.3.0, unsanitized UUIDs can be passed by a rogue agent and can lead to log spoofing on the verifier and registrar. • https://github.com/keylime/keylime/commit/387e320dc22c89f4f47c68cb37eb9eec2137f34b • CWE-290: Authentication Bypass by Spoofing

CVE-2021-43310
https://notcve.org/view.php?id=CVE-2021-43310
21 Sep 2022 — A vulnerability in Keylime before 6.3.0 allows an attacker to craft a request to the agent that resets the U and V keys as if the agent were being re-added to a verifier. This could lead to a remote code execution. • https://github.com/keylime/keylime/security/advisories/GHSA-2m39-75g9-ff5r • CWE-290: Authentication Bypass by Spoofing

CVE-2022-23948
https://notcve.org/view.php?id=CVE-2022-23948
21 Sep 2022 — A flaw was found in Keylime before 6.3.0. The logic in the Keylime agent for checking for a secure mount can be fooled by previously created unprivileged mounts, allowing secrets to be leaked to other processes on the host. • https://github.com/keylime/keylime/commit/1a4f31a6368d651222683c9debe7d6832db6f607 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor