Keylime 6.6.0

CPE Details

Keylime 6.6.0
6.6.0
2023-07-28
11h37 +00:00
2023-07-28
16h40 +00:00
Alerte pour un CPE
Stay informed of any changes for a specific CPE.
Notifications manage

CPE Name: cpe:2.3:a:keylime:keylime:6.6.0:*:*:*:*:*:*:*

Informations

Vendor

keylime

Product

keylime

Version

6.6.0

Related CVE

Open and find in CVE List

CVE ID Published Description Score Severity
CVE-2023-38201 2023-08-25 16h15 +00:00 A flaw was found in the Keylime registrar that could allow a bypass of the challenge-response protocol during agent registration. This issue may allow an attacker to impersonate an agent and hide the true status of a monitored machine if the fake agent is added to the verifier list by a legitimate user, resulting in a breach of the integrity of the registrar database.
6.5
Medium
CVE-2023-3674 2023-07-19 18h25 +00:00 A flaw was found in the keylime attestation verifier, which fails to flag a device's submitted TPM quote as faulty when the quote's signature does not validate for some reason. Instead, it will only emit an error in the log without flagging the device as untrusted.
2.8
Low