Man-in-the-Middle Attack (MITM)
github.com/edgelesssys/constellation is vulnerable to Man-in-the-Middle Attacks MITM. The vulnerability exists because attestation user data, including the digest of a public key in a aTLS connection are incorrectly bound to the issuers TPM, not the PCR state. If an attacker can intercept a node...