VYPR
Medium severity6.5NVD Advisory· Published Apr 8, 2020· Updated Jun 17, 2026

CVE-2020-11631

CVE-2020-11631

Description

An issue was discovered in EJBCA before 6.15.2.6 and 7.x before 7.3.1.2. An error state can be generated in the CA UI by a malicious user. This, in turn, allows exploitation of other bugs. This follow-on exploitation can lead to privilege escalation and remote code execution. (This is exploitable only when at least one accessible port lacks a requirement for client certificate authentication. These ports are 8442 or 8080 in a standard installation.)

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

3
  • EJBCA/EJBCAdescription
  • PrimeKey/EJBCAllm-fuzzy
    Range: <6.15.2.6, <7.3.1.2
  • EJBCA/EJBCAllm-fuzzy
    Range: <6.15.2.6, <7.3.1.2

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.