Vulnerabilities > CVE-2025-1057

CVSS 4.3 - MEDIUM

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

NONE

Availability impact

LOW

network

low complexity

CWE-704

NVD

Published: 2025-03-15

Updated: 2025-03-15

Summary

A flaw was found in Keylime, a remote attestation solution, where strict type checking introduced in version 7.12.0 prevents the registrar from reading database entries created by previous versions, for example, 7.11.0. Specifically, older versions store agent registration data as bytes, whereas the updated registrar expects str. This issue leads to an exception when processing agent registration requests, causing the agent to fail.

Common Weakness Enumeration (CWE)

CWE-704 - Incorrect Type Conversion or Cast

References

https://access.redhat.com/security/cve/CVE-2025-1057
https://bugzilla.redhat.com/show_bug.cgi?id=2343894

Vulnerabilities > CVE-2025-1057 {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"CVE-2025-1057"}]}

Summary

Common Weakness Enumeration (CWE)

References

Vulnerabilities > CVE-2025-1057