In the Keyfactor EJBCA before 8.0.0, the RA web certificate distribution servlet /ejbca/ra/cert allows partial denial of service due to an authentication issue. In configurations using OAuth, disclosure of CA certificates (attributes and public keys) to unauthenticated or less privileged users may occur.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2023-08-03T00:00:00
Updated: 2024-08-02T16:01:54.234Z
Reserved: 2023-05-30T00:00:00
Link: CVE-2023-34196
Vulnrichment
No data.
NVD
Status : Analyzed
Published: 2023-08-03T03:15:10.480
Modified: 2023-08-08T14:42:28.803
Link: CVE-2023-34196
Redhat
No data.