RedhatCVELIST:CVE-2023-38201CVE-2023-38201 Keylime: challenge-response protocol bypass during agent registration
6.5 Medium
CVSS3
Attack Vector
ADJACENT
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
HIGH
Availability Impact
NONE
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
6.6 Medium
AI Score
Confidence
High
0.0005 Low
EPSS
Percentile
19.1%
A flaw was found in the Keylime registrar that could allow a bypass of the challenge-response protocol during agent registration. This issue may allow an attacker to impersonate an agent and hide the true status of a monitored machine if the fake agent is added to the verifier list by a legitimate user, resulting in a breach of the integrity of the registrar database.
CNA Affected
[
{
"vendor": "Red Hat",
"product": "Red Hat Enterprise Linux 9",
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"packageName": "keylime",
"defaultStatus": "affected",
"versions": [
{
"version": "0:6.5.2-6.el9_2",
"lessThan": "*",
"versionType": "rpm",
"status": "unaffected"
}
],
"cpes": [
"cpe:/a:redhat:enterprise_linux:9::appstream"
]
}
]References
access.redhat.com/errata/RHSA-2023:5080
access.redhat.com/security/cve/CVE-2023-38201
bugzilla.redhat.com/show_bug.cgi?id=2222693
github.com/keylime/keylime/commit/9e5ac9f25cd400b16d5969f531cee28290543f2a
github.com/keylime/keylime/security/advisories/GHSA-f4r5-q63f-gcww
lists.fedoraproject.org/archives/list/[email protected]/message/ZIZZB5NHNCS5D2AEH3ZAO6OQC72IK7WS/
Related
6.5 Medium
CVSS3
Attack Vector
ADJACENT
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
HIGH
Availability Impact
NONE
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
6.6 Medium
AI Score
Confidence
High
0.0005 Low
EPSS
Percentile
19.1%