Vulnerabilities > Keyfactor > High

DATE CVE VULNERABILITY TITLE RISK
2024-08-20 CVE-2024-34458 SQL Injection vulnerability in Keyfactor Command 10.5.0/11.5.0
Keyfactor Command 10.5.x before 10.5.1 and 11.5.x before 11.5.1 allows SQL Injection which could result in information disclosure.
network
low complexity
keyfactor CWE-89
7.5
7.5
2024-08-20 CVE-2024-42006 Unspecified vulnerability in Keyfactor AWS Orchestrator
Keyfactor AWS Orchestrator through 2.0 allows Information Disclosure.
network
low complexity
keyfactor
7.5
7.5
2023-08-03 CVE-2023-34196 Improper Authentication vulnerability in Keyfactor Ejbca
In the Keyfactor EJBCA before 8.0.0, the RA web certificate distribution servlet /ejbca/ra/cert allows partial denial of service due to an authentication issue.
network
low complexity
keyfactor CWE-287
8.2
8.2