Key vulnerability information
CVE ID: CVE-2026-1709
Description: Keylime: Authentication bypass allows unauthorized administrative operations due to missing client-side TLS authentication
Status: NEW
Reported: 2026-01-30 17:04 UTC
Modified: 2026-02-06 17:45 UTC
Priority: urgent
Severity: urgent
Operating system: Linux
Product: Security Response
Component: vulnerability
Version: unspecified
Hardware: All

Vulnerability details
Problem description: The Keylime registrar since version 7.12.0 does not require client-side TLS authentication because is not set when configuring the TLS context. The TLS handshake therefore completes for any client, whether or not it presents a certificate, and the registrar has no other authentication layer behind it. This allows unauthenticated clients to perform administrative operations (list agents, retrieve public TPM data, delete agents) simply by connecting without a client certificate.
Exploitation conditions:
- Network access to the registrar HTTPS port (default 8891)
- No credentials, certificates, or special tools required
- A standard HTTP client (curl, wget, etc.) is sufficient

Mitigations
1. Network isolation: restrict network access to the registrar port 8891 with firewall rules so that only trusted verifier and tenant hosts can reach it.
2. Reverse proxy with mTLS: deploy a reverse proxy (nginx, HAProxy) in front of the registrar that verifies client certificates. This only helps if the registrar itself is no longer reachable directly (for example, bound to localhost or filtered as in mitigation 1); otherwise clients simply bypass the proxy.
3. Upgrade: apply the fix (adding to enforce client certificate verification).
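The following is an added example, not Keylime project code, illustrating the flaw class described above and how to check for it. The page leaves the missing setting unnamed; the example assumes it is the standard-library ssl.SSLContext.verify_mode, which controls whether a server asks for and verifies a client certificate and defaults to CERT_NONE for server contexts. The function names, the classification logic, and the /v2/agents/ request path are assumptions for illustration (check the path against your registrar's API version).

```python
"""Added example (not Keylime code): server TLS context with and without
client certificate enforcement, plus an audit helper and a network probe.
Assumed: the missing setting is ssl.SSLContext.verify_mode; the registrar
path /v2/agents/ is illustrative."""
import http.client
import ssl
import sys
from typing import Optional


def build_registrar_context(
    ca_cert: Optional[str] = None,
    cert: Optional[str] = None,
    key: Optional[str] = None,
    require_client_cert: bool = False,
) -> ssl.SSLContext:
    """Build a server-side TLS context the way a registrar-style service might.

    With require_client_cert=False this reproduces the flaw class: a
    PROTOCOL_TLS_SERVER context starts with verify_mode CERT_NONE, so the
    handshake never requests a client certificate and any peer gets through.
    """
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_SERVER)
    ctx.minimum_version = ssl.TLSVersion.TLSv1_2
    if cert and key:
        ctx.load_cert_chain(cert, key)          # server identity
    if ca_cert:
        ctx.load_verify_locations(ca_cert)      # CA that signs client certs
    if require_client_cert:
        # The fix (assumed): without this line the CA above is loaded but
        # never used, because the server never asks the client for a cert.
        ctx.verify_mode = ssl.CERT_REQUIRED
    return ctx


def audit_context(ctx: ssl.SSLContext) -> dict:
    """Report whether a server context enforces client authentication."""
    return {
        "verify_mode": ctx.verify_mode.name,
        "client_auth_enforced": ctx.verify_mode == ssl.CERT_REQUIRED,
        "min_tls": ctx.minimum_version.name,
    }


def probe_anonymous_access(host: str, port: int = 8891,
                           path: str = "/v2/agents/", timeout: float = 5.0) -> dict:
    """Connect with no client certificate and record what the server does.

    A server enforcing mTLS aborts the handshake (ssl.SSLError); a vulnerable
    one answers the request, typically with the JSON agent list.
    """
    client = ssl.create_default_context()
    client.check_hostname = False
    client.verify_mode = ssl.CERT_NONE   # we are testing the server, not trusting it
    try:
        conn = http.client.HTTPSConnection(host, port, context=client, timeout=timeout)
        conn.request("GET", path)
        resp = conn.getresponse()
        body = resp.read(4096)
        conn.close()
        return {"handshake_ok": True, "status": resp.status, "body": body[:200]}
    except ssl.SSLError as exc:
        return {"handshake_ok": False, "error": str(exc)}


def classify(result: dict) -> str:
    """Turn a probe result into a verdict (assumed thresholds)."""
    if not result["handshake_ok"]:
        return "PROTECTED"          # server refused the anonymous handshake
    if result.get("status") == 200:
        return "VULNERABLE"         # admin endpoint served without a client cert
    if result.get("status") in (401, 403):
        return "PROXY_AUTH"         # handshake ok, but something else denied access
    return "UNKNOWN"


if __name__ == "__main__":
    # Offline part: show the two contexts side by side.
    print("default context:", audit_context(build_registrar_context()))
    print("fixed context:  ", audit_context(build_registrar_context(require_client_cert=True)))
    # Online part: probe a registrar given on the command line.
    if len(sys.argv) > 1:
        res = probe_anonymous_access(sys.argv[1])
        print(classify(res), res)
```

Run it with no arguments to see the audit of both contexts; pass a registrar hostname to probe it. The offline audit is the useful pre-deployment check: if the server context you hand to the HTTP server reports CERT_NONE, no loaded CA will ever be consulted.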