VYPR

EJBCA

by Keyfactor

CVEs (3)

  • CVE-2022-34831CriSep 14, 2022
    risk 0.64cvss 9.8epss 0.00

    An issue was discovered in Keyfactor PrimeKey EJBCA before 7.9.0, related to possible inconsistencies in DNS identifiers submitted in an ACME order and the corresponding CSR submitted during finalization. During the ACME enrollment process, an order is submitted containing an…

  • CVE-2023-34196HigAug 3, 2023
    risk 0.53cvss 8.2epss 0.00

    In the Keyfactor EJBCA before 8.0.0, the RA web certificate distribution servlet /ejbca/ra/cert allows partial denial of service due to an authentication issue. In configurations using OAuth, disclosure of CA certificates (attributes and public keys) to unauthenticated or less…

  • CVE-2022-42954MedNov 17, 2022
    risk 0.35cvss 5.4epss 0.00

    Keyfactor EJBCA before 7.10.0 allows XSS.