Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
An issue was discovered in EJBCA before 6.15.2.6 and 7.x before 7.3.1.2. The External Command Certificate Validator, which allows administrators to upload external linters to validate certificates, is supposed to save uploaded test certificates to the server. An attacker who has gained access to the CA UI could exploit this to upload malicious scripts to the server. (Risks associated with this issue alone are negligible unless a malicious user already has gained access to the CA UI through other means, as a trusted user is already trusted to upload scripts by virtue of having access to the validator.)
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
PrimeKey Solutions EJBCA 代码问题漏洞
Vulnerability Description
PrimeKey Solutions EJBCA是瑞典PrimeKey Solutions公司的一款软件公钥基础结构证书颁发机构软件包 PrimeKey Solutions EJBCA 6.15.2.6之前版本和7.3.1.2之前的7.x版本中存在安全漏洞。攻击者可利用该漏洞向服务器上传恶意脚本。
CVSS Information
N/A
Vulnerability Type
N/A