Vulnerabilities > Keyfactor > Ejbca
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-09-12 | CVE-2024-36066 | Unspecified vulnerability in Keyfactor Ejbca 8.0.0 The CMP CLI client in KeyFactor EJBCA before 8.3.1 has only 6 octets of salt, and is thus not compliant with the security requirements of RFC 4211, and might make man-in-the-middle attacks easier. | 3.1 |
| 2023-08-03 | CVE-2023-34196 | Improper Authentication vulnerability in Keyfactor Ejbca In the Keyfactor EJBCA before 8.0.0, the RA web certificate distribution servlet /ejbca/ra/cert allows partial denial of service due to an authentication issue. | 8.2 |