CVE-2021-40087
PrimeKey EJBCA before version 7.6.0 is affected by an issue where modifications to enrollment-secret alias configurations for protocols SCEP, CMP, and EST are logged in cleartext in the audit log (administrator-accessible). The vulnerability arises from audit logging changes to alias configuratio...