4 matches found
Improper Validation of Specified Type of Input
Overview keylime is a TPM-based key bootstrapping and system integrity measurement system for cloud Affected versions of this package are vulnerable to Improper Validation of Specified Type of Input due to the registrar process. An attacker can cause the application to fail by populating the...
Fedora 38 : keylime (2023-ed9922536e)
The remote Fedora 38 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2023-ed9922536e advisory. Backport upstream fixes - Fixes: CVE-2023-38200 - Fixes: CVE-2023-38201 Tenable has extracted the preceding description block directly from the Fedo...
CVE-2023-38201
A flaw was found in the Keylime registrar that could allow a bypass of the challenge-response protocol during agent registration. This issue may allow an attacker to impersonate an agent and hide the true status of a monitored machine if the fake agent is added to the verifier list by a legitimat...
CVE-2023-38201
A flaw was found in the Keylime registrar that could allow a bypass of the challenge-response protocol during agent registration. This issue may allow an attacker to impersonate an agent and hide the true status of a monitored machine if the fake agent is added to the verifier list by a legitimat...