Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
primekey ejbca vulnerabilities and exploits
(subscribe to this query)
445
VMScore
CVE-2020-11628
An issue exists in EJBCA prior to 6.15.2.6 and 7.x prior to 7.3.1.2. It is intended to support restriction of available remote protocols (CMP, ACME, REST, etc.) through the system configuration. These restrictions can be bypassed by modifying the URI string from a client. (EJBCA&...
Primekey Ejbca
578
VMScore
CVE-2020-11629
An issue exists in EJBCA prior to 6.15.2.6 and 7.x prior to 7.3.1.2. The External Command Certificate Validator, which allows administrators to upload external linters to validate certificates, is supposed to save uploaded test certificates to the server. An attacker who has gain...
Primekey Ejbca
356
VMScore
CVE-2020-11631
An issue exists in EJBCA prior to 6.15.2.6 and 7.x prior to 7.3.1.2. An error state can be generated in the CA UI by a malicious user. This, in turn, allows exploitation of other bugs. This follow-on exploitation can lead to privilege escalation and remote code execution. (This i...
Primekey Ejbca
NA
CVE-2022-39834
A stored XSS vulnerability exists in adminweb/ra/viewendentity.jsp in PrimeKey EJBCA up to and including 7.9.0.2. A low-privilege user can store JavaScript in order to exploit a higher-privilege user.
Keyfactor Primekey Ejbca
NA
CVE-2022-40711
PrimeKey EJBCA 7.9.0.2 Community allows stored XSS in the End Entity section. A user with the RA Administrator role can inject an XSS payload to target higher-privilege users.
Primekey Ejbca 7.9.0.2
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
path traversal
CVE-2024-33545
CVE-2024-35725
CVE-2024-32704
overflow
file upload
CVE-2024-0230
CVE-2024-32705
CVE-2024-23692
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2