CVE-2023-38201

Severity
6.5 MEDIUM
EPSS
0.0%
top 93.92%
CISA KEV
Not in KEV
Exploit
No known exploits
Timeline
Published: Aug 25
Latest update: Sep 6

Description

A flaw was found in the Keylime registrar that could allow a bypass of the challenge-response protocol during agent registration. This issue may allow an attacker to impersonate an agent and hide the true status of a monitored machine if the fake agent is added to the verifier list by a legitimate user, resulting in a breach of the integrity of the registrar database.

CVSS vector

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
Exploitability: 2.8 | Impact: 3.6

Affected Packages (2 packages)

PyPI: keylime < 7.5.0 (+1)
NVD: keylime/keylime < 7.5.0

Also affects: Fedora 38, Enterprise Linux 9.0, 9.2

Patches

Vulnerability Details (4)

OSV: Keylime registrar and (untrusted) Agent can be bypassed by an attacker (2023-09-06)
GHSA: Keylime registrar and (untrusted) Agent can be bypassed by an attacker (2023-09-06)
CVEList: Keylime: challenge-response protocol bypass during agent registration (2023-08-25)
OSV: CVE-2023-38201: A flaw was found in the Keylime registrar that could allow a bypass of the challenge-response protocol during agent registration (2023-08-25)

Vendor Advisories (1)

Red Hat: Keylime: challenge-response protocol bypass during agent registration (2023-08-23)