{
  "threat_severity" : "Moderate",
  "public_date" : "2023-07-12T00:00:00Z",
  "bugzilla" : {
    "description" : "keylime: registrar is subject to a DoS against SSL connections",
    "id" : "2222692",
    "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=2222692"
  },
  "cvss3" : {
    "cvss3_base_score" : "7.5",
    "cvss3_scoring_vector" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
    "status" : "verified"
  },
  "cwe" : "CWE-400",
  "details" : [ "A flaw was found in Keylime. Due to their blocking nature, the Keylime registrar is subject to a remote denial of service against its SSL connections. This flaw allows an attacker to exhaust all available connections.", "A flaw was found in Keylime. Due to their blocking nature, the Keylime registrar is subject to a remote denial of service against its SSL connections. This flaw allows an attacker to exhaust all available connections." ],
  "affected_release" : [ {
    "product_name" : "Red Hat Enterprise Linux 9",
    "release_date" : "2023-09-12T00:00:00Z",
    "advisory" : "RHSA-2023:5080",
    "cpe" : "cpe:/a:redhat:enterprise_linux:9",
    "package" : "keylime-0:6.5.2-6.el9_2"
  } ],
  "references" : [ "https://www.cve.org/CVERecord?id=CVE-2023-38200\nhttps://nvd.nist.gov/vuln/detail/CVE-2023-38200\nhttps://github.com/keylime/keylime/pull/1421" ],
  "name" : "CVE-2023-38200",
  "csaw" : false
}