ByteOS Network

NVD Vulnerability Details :

CVE-2026-1709

Analyzed

Source-secalert@redhat.com

Published At-06 Feb, 2026 | 20:16

Updated At-05 Mar, 2026 | 20:58

A flaw was found in Keylime. The Keylime registrar, since version 7.12.0, does not enforce client-side Transport Layer Security (TLS) authentication. This authentication bypass vulnerability allows unauthenticated clients with network access to perform administrative operations, including listing agents, retrieving public Trusted Platform Module (TPM) data, and deleting agents, by connecting without presenting a client certificate.

Date Added	Due Date	Vulnerability Name	Required Action
	N/A

Metrics

Type	Version	Base score	Base severity	Vector
Secondary	3.1	9.4	CRITICAL	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:H
Primary	3.1	9.8	CRITICAL	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Type: Secondary

Version: 3.1

Base score: 9.4

Base severity: CRITICAL

Vector:

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:H

Type: Primary

Version: 3.1

Base score: 9.8

Base severity: CRITICAL

Vector:

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CPE Matches

keylime>>keylime>>Versions before 7.12.0(exclusive)

cpe:2.3:a:keylime:keylime:*:*:*:*:*:*:*:*

Red Hat, Inc.

>>enterprise_linux>>9.0

cpe:2.3:o:redhat:enterprise_linux:9.0:*:*:*:*:*:*:*

Red Hat, Inc.

>>enterprise_linux>>10.0

cpe:2.3:o:redhat:enterprise_linux:10.0:*:*:*:*:*:*:*

Red Hat, Inc.

>>enterprise_linux_eus>>10.0

cpe:2.3:o:redhat:enterprise_linux_eus:10.0:*:*:*:*:*:*:*

Red Hat, Inc.

>>enterprise_linux_for_arm_64>>9.0_aarch64

cpe:2.3:o:redhat:enterprise_linux_for_arm_64:9.0_aarch64:*:*:*:*:*:*:*

Red Hat, Inc.

>>enterprise_linux_for_arm_64>>10.0_aarch64

cpe:2.3:o:redhat:enterprise_linux_for_arm_64:10.0_aarch64:*:*:*:*:*:*:*

Red Hat, Inc.

>>enterprise_linux_for_arm_64_eus>>10.0_aarch64

cpe:2.3:o:redhat:enterprise_linux_for_arm_64_eus:10.0_aarch64:*:*:*:*:*:*:*

Red Hat, Inc.

>>enterprise_linux_for_ibm_z_systems>>9.0_s390x

cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems:9.0_s390x:*:*:*:*:*:*:*

Red Hat, Inc.

>>enterprise_linux_for_ibm_z_systems>>10.0_s390x

cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems:10.0_s390x:*:*:*:*:*:*:*

Red Hat, Inc.

>>enterprise_linux_for_ibm_z_systems_eus>>10.0_s390x

cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems_eus:10.0_s390x:*:*:*:*:*:*:*

Red Hat, Inc.

>>enterprise_linux_for_power_little_endian>>9.0_ppc64le

cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian:9.0_ppc64le:*:*:*:*:*:*:*

Red Hat, Inc.

>>enterprise_linux_for_power_little_endian>>10.0_ppc64le

cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian:10.0_ppc64le:*:*:*:*:*:*:*

Red Hat, Inc.

>>enterprise_linux_for_power_little_endian_eus>>10.0_ppc64le

cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian_eus:10.0_ppc64le:*:*:*:*:*:*:*

Weaknesses

CWE ID	Type	Source
CWE-322	Secondary	secalert@redhat.com
NVD-CWE-noinfo	Primary	nvd@nist.gov

CWE ID: CWE-322

Type: Secondary

Source: secalert@redhat.com

CWE ID: NVD-CWE-noinfo

Type: Primary

Source: nvd@nist.gov

References

Hyperlink	Source	Resource
https://access.redhat.com/errata/RHSA-2026:2224	secalert@redhat.com	Third Party Advisory
https://access.redhat.com/errata/RHSA-2026:2225	secalert@redhat.com	Third Party Advisory
https://access.redhat.com/errata/RHSA-2026:2298	secalert@redhat.com	Third Party Advisory
https://access.redhat.com/security/cve/CVE-2026-1709	secalert@redhat.com	Third Party Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=2435514	secalert@redhat.com	Issue Tracking Third Party Advisory