CVE-2023-38200 HIGH

CVE-2023-38200: Keylime: registrar is subject to a dos against ssl connections

Weakness CWE-400
Published July 24, 2023
Last update November 20, 2025

CVSS base score

7.5/10
Attack vector Network
Attack complexity Low
Privileges required None
User interaction None
Confidentiality None
Integrity None

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

What the vulnerability does

01Description

A flaw was found in Keylime. Due to their blocking nature, the Keylime registrar is subject to a remote denial of service against its SSL connections. This flaw allows an attacker to exhaust all available connections.

Key dates

02Disclosure timeline

July 24, 2023 CVE published
November 20, 2025 Record updated