Flaw in keylime attestation verifier allows untrusted device
Reporter | Title | Published | Views | Family All 22 |
---|---|---|---|---|
Vulnrichment | CVE-2023-3674 Keylime: attestation failure when the quote's signature does not validate | 19 Jul 202318:25 | – | vulnrichment |
OSV | PYSEC-2023-128 | 19 Jul 202319:15 | – | osv |
OSV | keylime fails to flag device as untrusted when signature does not validate | 19 Jul 202321:30 | – | osv |
OSV | Red Hat Security Advisory: keylime security update | 16 Sep 202417:05 | – | osv |
OSV | keylime-config-7.11.0-1.1 on GA media | 17 Jun 202400:00 | – | osv |
OSV | CVE-2023-3674 | 19 Jul 202319:15 | – | osv |
OSV | Low: keylime security update | 10 May 202414:32 | – | osv |
OSV | Low: keylime security update | 5 Mar 202400:00 | – | osv |
Veracode | Improper Signature Validation | 20 Jul 202310:30 | – | veracode |
NVD | CVE-2023-3674 | 19 Jul 202319:15 | – | nvd |
[
{
"vendor": "Red Hat",
"product": "Red Hat Enterprise Linux 9",
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"packageName": "keylime",
"defaultStatus": "affected",
"versions": [
{
"version": "0:7.3.0-13.el9_3",
"lessThan": "*",
"versionType": "rpm",
"status": "unaffected"
}
],
"cpes": [
"cpe:/a:redhat:enterprise_linux:9::appstream"
]
}
]
Transform Your Security Services
Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.
Book a live demo