Vulnerabilities > Keyfactor

DATE	CVE	VULNERABILITY TITLE	RISK
2024-09-12	CVE-2024-36066	Unspecified vulnerability in Keyfactor Ejbca 8.0.0 The CMP CLI client in KeyFactor EJBCA before 8.3.1 has only 6 octets of salt, and is thus not compliant with the security requirements of RFC 4211, and might make man-in-the-middle attacks easier. network high complexity keyfactor	3.1
2024-08-20	CVE-2024-34458	SQL Injection vulnerability in Keyfactor Command 10.5.0/11.5.0 Keyfactor Command 10.5.x before 10.5.1 and 11.5.x before 11.5.1 allows SQL Injection which could result in information disclosure. network low complexity keyfactor CWE-89	7.5
2024-08-20	CVE-2024-42006	Unspecified vulnerability in Keyfactor AWS Orchestrator Keyfactor AWS Orchestrator through 2.0 allows Information Disclosure. network low complexity keyfactor	7.5
2023-08-03	CVE-2023-34196	Improper Authentication vulnerability in Keyfactor Ejbca In the Keyfactor EJBCA before 8.0.0, the RA web certificate distribution servlet /ejbca/ra/cert allows partial denial of service due to an authentication issue. network low complexity keyfactor CWE-287	8.2
2022-11-17	CVE-2022-39834	Cross-site Scripting vulnerability in Keyfactor Primekey Ejbca A stored XSS vulnerability was discovered in adminweb/ra/viewendentity.jsp in PrimeKey EJBCA through 7.9.0.2. network low complexity keyfactor CWE-79	5.4
2022-11-17	CVE-2022-42954	Cross-site Scripting vulnerability in Keyfactor Kefactor Ejbca Keyfactor EJBCA before 7.10.0 allows XSS. network low complexity keyfactor CWE-79	5.4

Vulnerabilities > Keyfactor {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Keyfactor"}]}