Lucene search
K

13 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.3 views

EUVD-2021-27275

Malware in sbrugna...

3.5CVSS4.3AI score0.00542EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2021-27276

Malware in sbrugna...

4CVSS4.2AI score0.00412EPSS
Exploits0References2
OSV
OSV
added 2024/03/06 10:52 a.m.17 views

BIT-EJBCA-2021-40086

An issue was discovered in PrimeKey EJBCA before 7.6.0. As part of the configuration of the aliases for SCEP, CMP, EST, and Auto-enrollment, the enrollment secret was reflected on a page that can only be viewed by an administrator. While hidden from direct view, checking the page source would...

3.5CVSS3.7AI score0.00542EPSS
Exploits0References2
OSV
OSV
added 2024/03/06 10:52 a.m.24 views

BIT-EJBCA-2021-40087

An issue was discovered in PrimeKey EJBCA before 7.6.0. When audit logging changes to the alias configurations of various protocols that use an enrollment secret, any modifications to the secret were logged in cleartext in the audit log that can only be viewed by an administrator. This affects us...

4CVSS3.7AI score0.00412EPSS
Exploits0References2
OSV
OSV
added 2021/08/25 2:15 a.m.3 views

CVE-2021-40087

An issue was discovered in PrimeKey EJBCA before 7.6.0. When audit logging changes to the alias configurations of various protocols that use an enrollment secret, any modifications to the secret were logged in cleartext in the audit log that can only be viewed by an administrator. This affects us...

2.7CVSS5.8AI score0.00412EPSS
Exploits0References1
NVD
NVD
added 2021/08/25 2:15 a.m.19 views

CVE-2021-40087

An issue was discovered in PrimeKey EJBCA before 7.6.0. When audit logging changes to the alias configurations of various protocols that use an enrollment secret, any modifications to the secret were logged in cleartext in the audit log that can only be viewed by an administrator. This affects us...

4CVSS0.00412EPSS
Exploits0References1
OSV
OSV
added 2021/08/25 2:15 a.m.3 views

CVE-2021-40086

An issue was discovered in PrimeKey EJBCA before 7.6.0. As part of the configuration of the aliases for SCEP, CMP, EST, and Auto-enrollment, the enrollment secret was reflected on a page that can only be viewed by an administrator. While hidden from direct view, checking the page source would...

2.2CVSS5.8AI score0.00542EPSS
Exploits0References1
NVD
NVD
added 2021/08/25 2:15 a.m.14 views

CVE-2021-40086

An issue was discovered in PrimeKey EJBCA before 7.6.0. As part of the configuration of the aliases for SCEP, CMP, EST, and Auto-enrollment, the enrollment secret was reflected on a page that can only be viewed by an administrator. While hidden from direct view, checking the page source would...

3.5CVSS0.00542EPSS
Exploits0References1
Prion
Prion
added 2021/08/25 2:15 a.m.14 views

Code injection

An issue was discovered in PrimeKey EJBCA before 7.6.0. As part of the configuration of the aliases for SCEP, CMP, EST, and Auto-enrollment, the enrollment secret was reflected on a page that can only be viewed by an administrator. While hidden from direct view, checking the page source would...

3.5CVSS4.2AI score0.00542EPSS
Exploits0References1Affected Software1
ATTACKERKB
ATTACKERKB
added 2021/08/25 2:15 a.m.7 views

CVE-2021-40086

An issue was discovered in PrimeKey EJBCA before 7.6.0. As part of the configuration of the aliases for SCEP, CMP, EST, and Auto-enrollment, the enrollment secret was reflected on a page that can only be viewed by an administrator. While hidden from direct view, checking the page source would...

3.5CVSS5.8AI score0.00542EPSS
Exploits0References2
Prion
Prion
added 2021/08/25 2:15 a.m.15 views

Code injection

An issue was discovered in PrimeKey EJBCA before 7.6.0. When audit logging changes to the alias configurations of various protocols that use an enrollment secret, any modifications to the secret were logged in cleartext in the audit log that can only be viewed by an administrator. This affects us...

4CVSS4.1AI score0.00412EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2021/08/25 1:25 a.m.24 views

CVE-2021-40086

An issue was discovered in PrimeKey EJBCA before 7.6.0. As part of the configuration of the aliases for SCEP, CMP, EST, and Auto-enrollment, the enrollment secret was reflected on a page that can only be viewed by an administrator. While hidden from direct view, checking the page source would...

4.1AI score0.00542EPSS
Exploits0References1
CVE
CVE
added 2021/08/25 1:25 a.m.55 views

CVE-2021-40086

PrimeKey EJBCA before 7.6.0 exposes the enrollment secret for SCEP, CMP, EST, and Auto-enrollment on an administrator-viewable page; the secret is recoverable via page source inspection. Affected: versions prior to 7.6.0. Impact: potential leakage of enrollment configuration secrets. Root cause: ...

3.5CVSS4AI score0.00542EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder