Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2022-3500

Опубликовано: 22 нояб. 2022
Источник: nvd
CVSS3: 5.1
EPSS Низкий

Описание

A vulnerability was found in keylime. This security issue happens in some circumstances, due to some improperly handled exceptions, there exists the possibility that a rogue agent could create errors on the verifier that stopped attestation attempts for that host leaving it in an attested state but not verifying that anymore.

Ссылки

Уязвимые конфигурации

Конфигурация 1
cpe:2.3:a:keylime:keylime:*:*:*:*:*:*:*:*
Версия до 6.5.1 (исключая)
Конфигурация 2
cpe:2.3:o:redhat:enterprise_linux:9.0:*:*:*:*:*:*:*
Конфигурация 3

Одно из

cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*
cpe:2.3:o:fedoraproject:fedora:36:*:*:*:*:*:*:*
cpe:2.3:o:fedoraproject:fedora:37:*:*:*:*:*:*:*

EPSS

Процентиль: 4%
0.00021
Низкий

5.1 Medium

CVSS3

Дефекты

CWE-248

Связанные уязвимости

redhat логотип

CVE-2022-3500

CVSS3: 5.1
redhat
почти 3 года назад

A vulnerability was found in keylime. This security issue happens in some circumstances, due to some improperly handled exceptions, there exists the possibility that a rogue agent could create errors on the verifier that stopped attestation attempts for that host leaving it in an attested state but not verifying that anymore.

suse-cvrf логотип

SUSE-SU-2022:4204-1

suse-cvrf
больше 2 лет назад

Security update for keylime

rocky логотип

RLSA-2022:8444

rocky
больше 2 лет назад

Moderate: keylime security update

github логотип

GHSA-hff2-x2j9-gxgv

CVSS3: 5.1
github
почти 3 года назад

Keylime: unhandled exceptions could lead to invalid attestation states

oracle-oval логотип

ELSA-2022-8444

oracle-oval
больше 2 лет назад

ELSA-2022-8444: keylime security update (MODERATE)

EPSS

Процентиль: 4%
0.00021
Низкий

5.1 Medium

CVSS3

Дефекты

CWE-248