CNNVD-202602-963 Information

CNNVD ID

CNNVD-202602-963

Related CVE

CVE-2026-1709

• CNNVD Published: 2026-02-06

Description (Chinese)

Keylime是Keylime开源的一个利用 TPM 技术的开源可扩展信任系统。 Keylime 7.12.0及之前版本存在安全漏洞，该漏洞源于未强制执行客户端TLS身份验证，可能导致未经验证的客户端执行管理操作。

Description (English)

Keylime is an open source-enlarged trust system using TPM technology. Keylime 7.11.2.0 and previous versions had a security loophole, which stemmed from the failure to enforce client TLS authentication and could lead to uncertified client management operations.

Hazard Level

Low

Vulnerability Type

其他

Affected Vendor

Keylime

Published

2026-02-06

Last Modified

2026-02-24

References

https://access.redhat.com/security/cve/CVE-2026-1709 https://bugzilla.redhat.com/show_bug.cgi?id=2435514

Patch

https://github.com/keylime/keylime/releases