Количество 11
Количество 11
ELSA-2023-5080
ELSA-2023-5080: keylime security update (MODERATE)
CVE-2023-38201
A flaw was found in the Keylime registrar that could allow a bypass of the challenge-response protocol during agent registration. This issue may allow an attacker to impersonate an agent and hide the true status of a monitored machine if the fake agent is added to the verifier list by a legitimate user, resulting in a breach of the integrity of the registrar database.
CVE-2023-38201
A flaw was found in the Keylime registrar that could allow a bypass of the challenge-response protocol during agent registration. This issue may allow an attacker to impersonate an agent and hide the true status of a monitored machine if the fake agent is added to the verifier list by a legitimate user, resulting in a breach of the integrity of the registrar database.
CVE-2023-38201
A flaw was found in the Keylime registrar that could allow a bypass of the challenge-response protocol during agent registration. This issue may allow an attacker to impersonate an agent and hide the true status of a monitored machine if the fake agent is added to the verifier list by a legitimate user, resulting in a breach of the integrity of the registrar database.
CVE-2023-38200
A flaw was found in Keylime. Due to their blocking nature, the Keylime registrar is subject to a remote denial of service against its SSL connections. This flaw allows an attacker to exhaust all available connections.
CVE-2023-38200
A flaw was found in Keylime. Due to their blocking nature, the Keylime registrar is subject to a remote denial of service against its SSL connections. This flaw allows an attacker to exhaust all available connections.
CVE-2023-38200
A flaw was found in Keylime. Due to their blocking nature, the Keylime registrar is subject to a remote denial of service against its SSL connections. This flaw allows an attacker to exhaust all available connections.
SUSE-SU-2023:3525-1
Security update for keylime
SUSE-SU-2023:3245-1
Security update for keylime
GHSA-pg75-v6fp-8q59
Keylime's registrar vulnerable to Denial-of-service attack via a single open connection
GHSA-f4r5-q63f-gcww
Keylime registrar and (untrusted) Agent can be bypassed by an attacker
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
| ELSA-2023-5080 ELSA-2023-5080: keylime security update (MODERATE) | почти 2 года назад | ||
 | CVE-2023-38201 A flaw was found in the Keylime registrar that could allow a bypass of the challenge-response protocol during agent registration. This issue may allow an attacker to impersonate an agent and hide the true status of a monitored machine if the fake agent is added to the verifier list by a legitimate user, resulting in a breach of the integrity of the registrar database. | CVSS3: 6.5 | 0% Низкий | около 2 лет назад |
 | CVE-2023-38201 A flaw was found in the Keylime registrar that could allow a bypass of the challenge-response protocol during agent registration. This issue may allow an attacker to impersonate an agent and hide the true status of a monitored machine if the fake agent is added to the verifier list by a legitimate user, resulting in a breach of the integrity of the registrar database. | CVSS3: 6.5 | 0% Низкий | около 2 лет назад |
 | CVE-2023-38201 A flaw was found in the Keylime registrar that could allow a bypass of the challenge-response protocol during agent registration. This issue may allow an attacker to impersonate an agent and hide the true status of a monitored machine if the fake agent is added to the verifier list by a legitimate user, resulting in a breach of the integrity of the registrar database. | CVSS3: 6.5 | 0% Низкий | около 2 лет назад |
| CVE-2023-38200 A flaw was found in Keylime. Due to their blocking nature, the Keylime registrar is subject to a remote denial of service against its SSL connections. This flaw allows an attacker to exhaust all available connections. | CVSS3: 7.5 | 0% Низкий | около 2 лет назад |
| CVE-2023-38200 A flaw was found in Keylime. Due to their blocking nature, the Keylime registrar is subject to a remote denial of service against its SSL connections. This flaw allows an attacker to exhaust all available connections. | CVSS3: 7.5 | 0% Низкий | около 2 лет назад |
| CVE-2023-38200 A flaw was found in Keylime. Due to their blocking nature, the Keylime registrar is subject to a remote denial of service against its SSL connections. This flaw allows an attacker to exhaust all available connections. | CVSS3: 7.5 | 0% Низкий | около 2 лет назад |
 | SUSE-SU-2023:3525-1 Security update for keylime | 0% Низкий | около 2 лет назад | |
| SUSE-SU-2023:3245-1 Security update for keylime | 0% Низкий | около 2 лет назад | |
| GHSA-pg75-v6fp-8q59 Keylime's registrar vulnerable to Denial-of-service attack via a single open connection | CVSS3: 7.5 | 0% Низкий | около 2 лет назад |
| GHSA-f4r5-q63f-gcww Keylime registrar and (untrusted) Agent can be bypassed by an attacker | CVSS3: 6.5 | 0% Низкий | около 2 лет назад |
Уязвимостей на страницу