A flaw was found in the Keylime registrar that could allow a bypass of the challenge-response protocol during agent registration. This issue may allow an malicious user to impersonate an agent and hide the true status of a monitored machine if the fake agent is added to the verifier list by a legitimate user, resulting in a breach of the integrity of the registrar database.
| Vulnerable Product | Search on Vulmon | Subscribe to Product |
|---|---|---|
keylime keylime |
||
redhat enterprise linux 9.0 |
||
redhat enterprise linux server aus 9.2 |
||
redhat enterprise linux eus 9.2 |
||
redhat enterprise linux for power little endian eus 9.2_ppc64le |
||
redhat enterprise linux for power little endian 9.0_ppc64le |
||
redhat enterprise linux for ibm z systems eus 9.2_s390x |
||
redhat enterprise linux for ibm z systems 9.0_s390x |
||
fedoraproject fedora 38 |
Vulmon