CVE-2023-5342

The Fedora Secure Boot CA certificate shipped with shim in Fedora was expired which could lead to old or invalid signed boot components being loaded.

CVSS v3 4.1 MEDIUM

4.1^/10

CVSS v3 : MEDIUM

Vector :

Exploitability : 0.5 / Impact : 3.6

Attack Vector LOCAL

Attack Complexity HIGH

Privileges Required HIGH

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact HIGH

Availability Impact NONE

Scope UNCHANGED

References

Link	Resource
https://access.redhat.com/security/cve/CVE-2023-5342
https://bodhi.fedoraproject.org/updates/FEDORA-2024-2aa28a4cfc
https://bugzilla.redhat.com/show_bug.cgi?id=2198977
https://bugzilla.redhat.com/show_bug.cgi?id=2388707

Configurations

No configuration.

History

15 Apr 2026, 00:35

Type	Values Removed	Values Added
Summary		(es) El certificado CA de arranque seguro de Fedora enviado con shim en Fedora había expirado, lo que podría provocar que se cargaran componentes de arranque firmados antiguos o no válidos.

15 Aug 2025, 12:15

Type	Values Removed	Values Added
Summary	~~(en) Rejected reason: The original vulnerability was not valid.~~	(en) The Fedora Secure Boot CA certificate shipped with shim in Fedora was expired which could lead to old or invalid signed boot components being loaded.
References		() https://access.redhat.com/security/cve/CVE-2023-5342 - () https://bodhi.fedoraproject.org/updates/FEDORA-2024-2aa28a4cfc - () https://bugzilla.redhat.com/show_bug.cgi?id=2198977 - () https://bugzilla.redhat.com/show_bug.cgi?id=2388707 -
CVSS	v2 : ~~unknown~~ v3 : ~~unknown~~	v2 : unknown v3 : 4.1
CWE		CWE-324

14 Aug 2025, 13:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2025-08-14 13:15

Updated : 2026-06-17 06:48

NVD link : CVE-2023-5342

Mitre link : CVE-2023-5342

CVE.ORG link : CVE-2023-5342

JSON object : View

Products Affected

No product.

CWE

CWE-324

Use of a Key Past its Expiration Date

{"id": "CVE-2023-5342", "cveTags": [], "metrics": {"ssvcV203": [{"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "ssvcData": {"id": "CVE-2023-5342", "role": "CISA Coordinator", "options": [{"exploitation": "none"}, {"automatable": "no"}, {"technicalImpact": "partial"}], "version": "2.0.3", "timestamp": "2025-08-15T12:56:07.496868Z"}}], "cvssMetricV31": [{"type": "Secondary", "source": "patrick@puiterwijk.org", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 4.1, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:H/A:N", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "HIGH", "availabilityImpact": "NONE", "privilegesRequired": "HIGH", "confidentialityImpact": "NONE"}, "impactScore": 3.6, "exploitabilityScore": 0.5}]}, "affected": [{"source": "patrick@puiterwijk.org", "affectedData": [{"versions": [{"status": "affected", "version": "15.6-2", "lessThan": "15.8-2", "versionType": "rpm"}], "packageName": "shim-x64", "collectionURL": "https://koji.fedoraproject.org/koji/packageinfo?packageID=14502", "defaultStatus": "unaffected"}, {"cpes": ["cpe:/o:redhat:enterprise_linux:10"], "vendor": "Red Hat", "product": "Red Hat Enterprise Linux 10", "packageName": "shim", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "defaultStatus": "unaffected"}, {"cpes": ["cpe:/o:redhat:enterprise_linux:7"], "vendor": "Red Hat", "product": "Red Hat Enterprise Linux 7", "packageName": "shim", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "defaultStatus": "unaffected"}, {"cpes": ["cpe:/o:redhat:enterprise_linux:8"], "vendor": "Red Hat", "product": "Red Hat Enterprise Linux 8", "packageName": "shim", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "defaultStatus": "unaffected"}, {"cpes": ["cpe:/o:redhat:enterprise_linux:9"], "vendor": "Red Hat", "product": "Red Hat Enterprise Linux 9", "packageName": "shim", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "defaultStatus": "unaffected"}]}], "published": "2025-08-14T13:15:32.890", "references": [{"url": "https://access.redhat.com/security/cve/CVE-2023-5342", "source": "patrick@puiterwijk.org"}, {"url": "https://bodhi.fedoraproject.org/updates/FEDORA-2024-2aa28a4cfc", "source": "patrick@puiterwijk.org"}, {"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2198977", "source": "patrick@puiterwijk.org"}, {"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2388707", "source": "patrick@puiterwijk.org"}], "vulnStatus": "Deferred", "weaknesses": [{"type": "Secondary", "source": "patrick@puiterwijk.org", "description": [{"lang": "en", "value": "CWE-324"}]}], "descriptions": [{"lang": "en", "value": "The Fedora Secure Boot CA certificate shipped with shim in Fedora was expired which could lead to old or invalid signed boot components being loaded."}, {"lang": "es", "value": "El certificado CA de arranque seguro de Fedora enviado con shim en Fedora hab\u00eda expirado, lo que podr\u00eda provocar que se cargaran componentes de arranque firmados antiguos o no v\u00e1lidos."}], "lastModified": "2026-06-17T06:48:22.960", "sourceIdentifier": "patrick@puiterwijk.org"}