Medium severity6.5NVD Advisory· Published Apr 8, 2020· Updated Jun 17, 2026
CVE-2020-11631
CVE-2020-11631
Description
An issue was discovered in EJBCA before 6.15.2.6 and 7.x before 7.3.1.2. An error state can be generated in the CA UI by a malicious user. This, in turn, allows exploitation of other bugs. This follow-on exploitation can lead to privilege escalation and remote code execution. (This is exploitable only when at least one accessible port lacks a requirement for client certificate authentication. These ports are 8442 or 8080 in a standard installation.)
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
3- EJBCA/EJBCAdescription
Patches
Vulnerability mechanics
References
1- support.primekey.com/news/primekey-announcementsnvdVendor Advisory
News mentions
0No linked articles in our index yet.