3 matches found
CVE-2023-34196
In the Keyfactor EJBCA before 8.0.0, the RA web certificate distribution servlet /ejbca/ra/cert allows partial denial of service due to an authentication issue. In configurations using OAuth, disclosure of CA certificates attributes and public keys to unauthenticated or less privileged users may...
CVE-2023-34196
In the Keyfactor EJBCA before 8.0.0, the RA web certificate distribution servlet /ejbca/ra/cert allows partial denial of service due to an authentication issue. In configurations using OAuth, disclosure of CA certificates attributes and public keys to unauthenticated or less privileged users may...
CVE-2023-34196
Affected software: Keyfactor EJBCA prior to 8.0.0. Vulnerable component: RA web certificate distribution servlet at /ejbca/ra/cert. Root cause: authentication issue enabling partial denial of service. In OAuth configurations, CA certificates (attributes and public keys) may be disclosed to unauth...