CVE-2026-1709 - Vulnerability Details

CVE-2026-1709 - Keylime: keylime: authentication bypass allows unauthorized administrative operations due to missing client-side tls authentication

A flaw was found in Keylime. The Keylime registrar, since version 7.12.0, does not enforce client-side Transport Layer Security (TLS) authentication. This authentication bypass vulnerability allows unauthenticated clients with network access to perform administrative operations, including listing agents, retrieving public Trusted Platform Module (TPM) data, and deleting agents, by connecting without presenting a client certificate.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact Low

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Exploitation none

Automatable yes

Technical Impact partial

Vendors	Products
Keylime	Keylime
Redhat	Enterprise Linux Enterprise Linux Eus Enterprise Linux For Arm 64 Enterprise Linux For Arm 64 Eus Enterprise Linux For Ibm Z Systems Enterprise Linux For Ibm Z Systems Eus Enterprise Linux For Power Little Endian Enterprise Linux For Power Little Endian Eus

Configuration 1 [-]

cpe:2.3:a:keylime:keylime:*:*:*:*:*:*:*:*

Configuration 2 [-]

OR	cpe:2.3:o:redhat:enterprise_linux:9.0:::::::*
	cpe:2.3:o:redhat:enterprise_linux:10.0:::::::*
	cpe:2.3:o:redhat:enterprise_linux_eus:10.0:::::::*
	cpe:2.3:o:redhat:enterprise_linux_for_arm_64:9.0_aarch64:::::::*
	cpe:2.3:o:redhat:enterprise_linux_for_arm_64:10.0_aarch64:::::::*
	cpe:2.3:o:redhat:enterprise_linux_for_arm_64_eus:10.0_aarch64:::::::*
	cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems:9.0_s390x:::::::*
	cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems:10.0_s390x:::::::*
	cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems_eus:10.0_s390x:::::::*
	cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian:9.0_ppc64le:::::::*
	cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian:10.0_ppc64le:::::::*
	cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian_eus:10.0_ppc64le:::::::*

No data.

References

Link	Providers
https://access.redhat.com/errata/RHSA-2026:2224
https://access.redhat.com/errata/RHSA-2026:2225
https://access.redhat.com/errata/RHSA-2026:2298
https://access.redhat.com/security/cve/CVE-2026-1709
https://bugzilla.redhat.com/show_bug.cgi?id=2435514
https://nvd.nist.gov/vuln/detail/CVE-2026-1709
https://www.cve.org/CVERecord?id=CVE-2026-1709

History

Thu, 05 Mar 2026 21:00:00 +0000

Type	Values Removed	Values Added
First Time appeared		Keylime Keylime keylime Redhat enterprise Linux For Arm 64 Redhat enterprise Linux For Arm 64 Eus Redhat enterprise Linux For Ibm Z Systems Redhat enterprise Linux For Ibm Z Systems Eus Redhat enterprise Linux For Power Little Endian Redhat enterprise Linux For Power Little Endian Eus
Weaknesses		NVD-CWE-noinfo
CPEs		cpe:2.3:a:keylime:keylime:::::::: cpe:2.3:o:redhat:enterprise_linux:10.0:::::::* cpe:2.3:o:redhat:enterprise_linux:9.0:::::::* cpe:2.3:o:redhat:enterprise_linux_eus:10.0:::::::* cpe:2.3:o:redhat:enterprise_linux_for_arm_64:10.0_aarch64:::::::* cpe:2.3:o:redhat:enterprise_linux_for_arm_64:9.0_aarch64:::::::* cpe:2.3:o:redhat:enterprise_linux_for_arm_64_eus:10.0_aarch64:::::::* cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems:10.0_s390x:::::::* cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems:9.0_s390x:::::::* cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems_eus:10.0_s390x:::::::* cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian:10.0_ppc64le:::::::* cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian:9.0_ppc64le:::::::* cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian_eus:10.0_ppc64le:::::::*
Vendors & Products		Keylime Keylime keylime Redhat enterprise Linux For Arm 64 Redhat enterprise Linux For Arm 64 Eus Redhat enterprise Linux For Ibm Z Systems Redhat enterprise Linux For Ibm Z Systems Eus Redhat enterprise Linux For Power Little Endian Redhat enterprise Linux For Power Little Endian Eus

Mon, 09 Feb 2026 10:15:00 +0000

Type	Values Removed	Values Added
First Time appeared		Redhat enterprise Linux Eus
CPEs		cpe:/o:redhat:enterprise_linux_eus:10.0
Vendors & Products		Redhat enterprise Linux Eus
References		https://access.redhat.com/errata/RHSA-2026:2298

Mon, 09 Feb 2026 07:15:00 +0000

Type	Values Removed	Values Added
CPEs	cpe:/o:redhat:enterprise_linux:10 cpe:/o:redhat:enterprise_linux:9	cpe:/a:redhat:enterprise_linux:9::appstream cpe:/o:redhat:enterprise_linux:10.1
References		https://access.redhat.com/errata/RHSA-2026:2224 https://access.redhat.com/errata/RHSA-2026:2225

Sat, 07 Feb 2026 00:15:00 +0000

Type	Values Removed	Values Added
References		https://nvd.nist.gov/vuln/detail/CVE-2026-1709 https://www.cve.org/CVERecord?id=CVE-2026-1709
Metrics	threat_severity `None`	threat_severity `Critical`

Fri, 06 Feb 2026 20:15:00 +0000

Type	Values Removed	Values Added
Metrics		ssvc `{'options': {'Automatable': 'yes', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}`

Fri, 06 Feb 2026 19:30:00 +0000

Type	Values Removed	Values Added
Description		A flaw was found in Keylime. The Keylime registrar, since version 7.12.0, does not enforce client-side Transport Layer Security (TLS) authentication. This authentication bypass vulnerability allows unauthenticated clients with network access to perform administrative operations, including listing agents, retrieving public Trusted Platform Module (TPM) data, and deleting agents, by connecting without presenting a client certificate.
Title		Keylime: keylime: authentication bypass allows unauthorized administrative operations due to missing client-side tls authentication
First Time appeared		Redhat Redhat enterprise Linux
Weaknesses		CWE-322
CPEs		cpe:/o:redhat:enterprise_linux:10 cpe:/o:redhat:enterprise_linux:9
Vendors & Products		Redhat Redhat enterprise Linux
References		https://access.redhat.com/security/cve/CVE-2026-1709 https://bugzilla.redhat.com/show_bug.cgi?id=2435514
Metrics		cvssV3_1 `{'score': 9.4, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:H'}`

MITRE

Status: PUBLISHED

Assigner: redhat

Published: 2026-02-06T19:13:27.695Z

Updated: 2026-03-05T21:48:12.328Z

Reserved: 2026-01-30T17:00:54.761Z

Link: CVE-2026-1709

Vulnrichment

Updated: 2026-02-06T19:38:25.955Z

NVD

Status : Analyzed

Published: 2026-02-06T20:16:09.193

Modified: 2026-03-05T20:58:02.720

Link: CVE-2026-1709

Redhat

Severity : Critical

Publid Date: 2026-02-06T17:45:00Z

Links: CVE-2026-1709 - Bugzilla

Metrics

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact Low

Integrity Impact High

Availability Impact High

User Interaction None

Exploitation none

Automatable yes

Technical Impact partial

Affected Vendors & Products

JSON object

JSON object

JSON object

JSON object