Lucene search

[email protected]CVE-2023-38201

HistoryAug 25, 2023 - 5:15 p.m.

CVE-2023-38201

2023-08-2517:15:08

CWE-639

[email protected]

web.nvd.nist.gov

keylime

registrar

cve-2023-38201

security

integrity

agent registration

challenge-response protocol

6.5 Medium

CVSS3

Attack Vector

ADJACENT

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

6.3 Medium

AI Score

Confidence

High

0.0005 Low

EPSS

Percentile

19.1%

JSON

A flaw was found in the Keylime registrar that could allow a bypass of the challenge-response protocol during agent registration. This issue may allow an attacker to impersonate an agent and hide the true status of a monitored machine if the fake agent is added to the verifier list by a legitimate user, resulting in a breach of the integrity of the registrar database.

Affected configurations

NVD

Node

keylimekeylimeRange<7.5.0

Node

redhatenterprise_linuxMatch9.0

redhatenterprise_linux_eusMatch9.2

redhatenterprise_linux_for_ibm_z_systemsMatch9.0_s390x

redhatenterprise_linux_for_ibm_z_systems_eusMatch9.2_s390x

redhatenterprise_linux_for_power_little_endianMatch9.0_ppc64le

redhatenterprise_linux_for_power_little_endian_eusMatch9.2_ppc64le

redhatenterprise_linux_server_ausMatch9.2

Node

fedoraprojectfedoraMatch38

CPENameOperatorVersion
keylime:keylimekeylimelt7.5.0

CPE	Name	Operator	Version
keylime:keylime	keylime	lt	7.5.0

CNA Affected

[
  {
    "vendor": "Red Hat",
    "product": "Red Hat Enterprise Linux 9",
    "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
    "packageName": "keylime",
    "defaultStatus": "affected",
    "versions": [
      {
        "version": "0:6.5.2-6.el9_2",
        "lessThan": "*",
        "versionType": "rpm",
        "status": "unaffected"
      }
    ],
    "cpes": [
      "cpe:/a:redhat:enterprise_linux:9::appstream"
    ]
  }
]