CVE-2023-38200

HIGH

Keylime - DoS

Description

A flaw was found in Keylime. Due to their blocking nature, the Keylime registrar is subject to a remote denial of service against its SSL connections. This flaw allows an attacker to exhaust all available connections.

Scores

CVSS v3 7.5
EPSS 0.0071
EPSS Percentile 72.0%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Classification

CWE
CWE-400 CWE-834
Status published

Affected Products (10)

keylime/keylime
redhat/enterprise_linux
redhat/enterprise_linux_eus
redhat/enterprise_linux_for_ibm_z_systems
redhat/enterprise_linux_for_ibm_z_systems_eus
redhat/enterprise_linux_for_power_little_endian
redhat/enterprise_linux_for_power_little_endian_eus
redhat/enterprise_linux_server_aus
fedoraproject/fedora
pypi/keylime < 7.4.0

Timeline

Published Jul 24, 2023
Tracked Since Feb 18, 2026