N/A

An issue was discovered in Keyfactor PrimeKey EJBCA before 7.9.0, related to possible inconsistencies in DNS identifiers submitted in an ACME order and the corresponding CSR submitted during finalization. During the ACME enrollment process, an order is submitted containing an identifier for one or multiple dnsNames. These are validated properly in the ACME challenge. However, if the validation passes, a non-compliant client can include additional dnsNames the CSR sent to the finalize endpoint, resulting in EJBCA issuing a certificate including the identifiers that were not validated. This occurs even if the certificate profile is configured to not allow a DN override by the CSR.

N/A

N/A

Primekey Solutions PrimeKey EJBCA 信任管理问题漏洞

Primekey Solutions PrimeKey EJBCA是瑞典Primekey Solutions公司的一个全功能的CA系统软件。该软件用于域内证书管理，注册和注册到证书验证等功能实现访问安全。 Primekey Solutions PrimeKey EJBCA 7.9.0之前版本存在安全漏洞，该漏洞源于在 ACME 订单中提交的 DNS 标识符和在最终确定期间提交的相应 CSR 中可能存在不一致，攻击者利用该漏洞可以颁发包含未验证标识符的证书。

N/A

N/A