Design/Logic Flaw

2023-08-2517:15:00

PRIOn knowledge base

www.prio-n.com

keylime registrar

bypass

challenge-response protocol

agent registration

impersonation

database integrity breach

6.3 Medium

AI Score

Confidence

High

0.0005 Low

EPSS

Percentile

19.1%

JSON

A flaw was found in the Keylime registrar that could allow a bypass of the challenge-response protocol during agent registration. This issue may allow an attacker to impersonate an agent and hide the true status of a monitored machine if the fake agent is added to the verifier list by a legitimate user, resulting in a breach of the integrity of the registrar database.

CPENameOperatorVersion
fedoraeq38
keylimelt7.5.0
enterprise_linuxeq9.0
enterprise_linux_euseq9.2
enterprise_linux_for_ibm_z_systemseq9.0.0-s390-x
enterprise_linux_for_ibm_z_systems_euseq9.2.0-s390-x
enterprise_linux_for_power_little_endianeq9.0.0-ppc64-le
enterprise_linux_for_power_little_endian_euseq9.2.0-ppc64-le
enterprise_linux_server_auseq9.2

Name	Operator	Version
fedora	eq	38
keylime	lt	7.5.0
enterprise_linux	eq	9.0
enterprise_linux_eus	eq	9.2
enterprise_linux_for_ibm_z_systems	eq	9.0.0-s390-x
enterprise_linux_for_ibm_z_systems_eus	eq	9.2.0-s390-x
enterprise_linux_for_power_little_endian	eq	9.0.0-ppc64-le
enterprise_linux_for_power_little_endian_eus	eq	9.2.0-ppc64-le
enterprise_linux_server_aus	eq	9.2