Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

redhat логотип

CVE-2023-3674

Опубликовано: 12 июл. 2023
Источник: redhat
CVSS3: 2.3

Описание

A flaw was found in the keylime attestation verifier, which fails to flag a device's submitted TPM quote as faulty when the quote's signature does not validate for some reason. Instead, it will only emit an error in the log without flagging the device as untrusted.

Ссылки на источники

Дополнительная информация

Статус:

Low
Дефект:
CWE-1283
https://bugzilla.redhat.com/show_bug.cgi?id=2222903keylime: Attestation failure when the quote's signature does not validate

2.3 Low

CVSS3

Связанные уязвимости

nvd логотип

CVE-2023-3674

CVSS3: 2.3
nvd
больше 2 лет назад

A flaw was found in the keylime attestation verifier, which fails to flag a device's submitted TPM quote as faulty when the quote's signature does not validate for some reason. Instead, it will only emit an error in the log without flagging the device as untrusted.

rocky логотип

RLSA-2024:1139

rocky
больше 1 года назад

Low: keylime security update

github логотип

GHSA-g4wg-cfpf-9689

CVSS3: 2.3
github
больше 2 лет назад

keylime fails to flag device as untrusted when signature does not validate

oracle-oval логотип

ELSA-2024-1139

oracle-oval
почти 2 года назад

ELSA-2024-1139: keylime security update (LOW)

2.3 Low

CVSS3

Уязвимость CVE-2023-3674