Filtered by vendor Keyfactor
Subscribe
Total
3 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-34196 | 1 Keyfactor | 1 Ejbca | 2023-08-08 | N/A | 8.2 HIGH |
| In the Keyfactor EJBCA before 8.0.0, the RA web certificate distribution servlet /ejbca/ra/cert allows partial denial of service due to an authentication issue. In configurations using OAuth, disclosure of CA certificates (attributes and public keys) to unauthenticated or less privileged users may occur. | |||||
| CVE-2022-42954 | 1 Keyfactor | 1 Kefactor Ejbca | 2022-11-17 | N/A | 5.4 MEDIUM |
| Keyfactor EJBCA before 7.10.0 allows XSS. | |||||
| CVE-2022-39834 | 1 Keyfactor | 1 Primekey Ejbca | 2022-11-17 | N/A | 5.4 MEDIUM |
| A stored XSS vulnerability was discovered in adminweb/ra/viewendentity.jsp in PrimeKey EJBCA through 7.9.0.2. A low-privilege user can store JavaScript in order to exploit a higher-privilege user. | |||||