Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

redhat логотип

CVE-2022-3500

Опубликовано: 27 окт. 2022
Источник: redhat
CVSS3: 5.1
EPSS Низкий

Описание

A vulnerability was found in keylime. This security issue happens in some circumstances, due to some improperly handled exceptions, there exists the possibility that a rogue agent could create errors on the verifier that stopped attestation attempts for that host leaving it in an attested state but not verifying that anymore.

A vulnerability was found in keylime. This issue occurs due to improperly handled exceptions. A rogue agent could potentially create errors on the verifier that stopped attestation attempts for that host, leaving it in an attested state but not verified.

Ссылки на источники

Дополнительная информация

Статус:

Moderate
Дефект:
CWE-248
https://bugzilla.redhat.com/show_bug.cgi?id=2135343keylime: exception handling and impedance match in tornado_requests

EPSS

Процентиль: 4%
0.00021
Низкий

5.1 Medium

CVSS3

Связанные уязвимости

nvd логотип

CVE-2022-3500

CVSS3: 5.1
nvd
больше 2 лет назад

A vulnerability was found in keylime. This security issue happens in some circumstances, due to some improperly handled exceptions, there exists the possibility that a rogue agent could create errors on the verifier that stopped attestation attempts for that host leaving it in an attested state but not verifying that anymore.

suse-cvrf логотип

SUSE-SU-2022:4204-1

suse-cvrf
больше 2 лет назад

Security update for keylime

rocky логотип

RLSA-2022:8444

rocky
больше 2 лет назад

Moderate: keylime security update

github логотип

GHSA-hff2-x2j9-gxgv

CVSS3: 5.1
github
почти 3 года назад

Keylime: unhandled exceptions could lead to invalid attestation states

oracle-oval логотип

ELSA-2022-8444

oracle-oval
больше 2 лет назад

ELSA-2022-8444: keylime security update (MODERATE)

EPSS

Процентиль: 4%
0.00021
Низкий

5.1 Medium

CVSS3