A flaw was found in the Keylime registrar that could allow a bypass of the challenge-response protocol during agent registration. This issue may allow an attacker to impersonate an agent and hide the true status of a monitored machine if the fake agent is added to the verifier list by a legitimate user, resulting in a breach of the integrity of the registrar database.
Metrics
Affected Vendors & Products
References
History
Fri, 22 Nov 2024 12:00:00 +0000
Type | Values Removed | Values Added |
---|---|---|
References |
|
Mon, 16 Sep 2024 13:30:00 +0000
Type | Values Removed | Values Added |
---|---|---|
References |
|
MITRE
Status: PUBLISHED
Assigner: redhat
Published: 2023-08-25T16:15:39.449Z
Updated: 2024-11-23T00:13:55.292Z
Reserved: 2023-07-13T13:12:48.728Z
Link: CVE-2023-38201
Vulnrichment
No data.
NVD
Status : Modified
Published: 2023-08-25T17:15:08.530
Modified: 2024-11-21T08:13:04.463
Link: CVE-2023-38201
Redhat