CVE-2023-38201
25.08.2023, 17:15
A flaw was found in the Keylime registrar that could allow a bypass of the challenge-response protocol during agent registration. This issue may allow an attacker to impersonate an agent and hide the true status of a monitored machine if the fake agent is added to the verifier list by a legitimate user, resulting in a breach of the integrity of the registrar database.Enginsight
Affected Products (NVD)
| Vendor | Product | Version |
|---|---|---|
| keylime | keylime | 𝑥 < 7.5.0 |
| redhat | enterprise_linux | 9.0 |
| redhat | enterprise_linux_eus | 9.2 |
| redhat | enterprise_linux_for_ibm_z_systems | 9.0_s390x:_s390x |
| redhat | enterprise_linux_for_ibm_z_systems_eus | 9.2_s390x:_s390x |
| redhat | enterprise_linux_for_power_little_endian | 9.0_ppc64le:_ppc64le |
| redhat | enterprise_linux_for_power_little_endian_eus | 9.2_ppc64le:_ppc64le |
| redhat | enterprise_linux_server_aus | 9.2 |
𝑥
= Vulnerable software versions
Ubuntu Releases
Red Hat Enterprise Linux Releases
Red Hat Product | |||
|---|---|---|---|
| keylime |
| ||
| keylime-base |
| ||
| keylime-registrar |
| ||
| keylime-selinux |
| ||
| keylime-tenant |
| ||
| keylime-verifier |
| ||
| python3-keylime |
|
Common Weakness Enumeration
References