Medium severity6.1NVD Advisory· Published Mar 31, 2025· Updated Jun 17, 2026
CVE-2025-3027
CVE-2025-3027
Description
The vulnerability exists in the EJBCA service, version 8.0 Enterprise. By making a small change to the PATH of the URL associated with the service, the server fails to find the requested file and redirects to an external page. This vulnerability could allow users to be redirected to potentially malicious external sites, which can be exploited for phishing or other social engineering attacks.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
3- PrimeKey Solutions AB/EJBCAv5Range: 8.0
Patches
Vulnerability mechanics
References
1- www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-ejbcanvdThird Party Advisory
News mentions
0No linked articles in our index yet.