CVSS: 6.1EPSS: 0%CPEs: 3EXPL: 0CVE-2019-10179 – pki-core/pki-kra: Reflected XSS in recoveryID search field at KRA's DRM agent page in authorize recovery tab
https://notcve.org/view.php?id=CVE-2019-10179
20 Mar 2020 — A vulnerability was found in all pki-core 10.x.x versions, where the Key Recovery Authority (KRA) Agent Service did not properly sanitize recovery request search page, enabling a Reflected Cross Site Scripting (XSS) vulnerability. An attacker could trick an authenticated victim into executing specially crafted Javascript code. Se detectó una vulnerabilidad en todas las versiones de pki-core 10.x.x, donde el Key Recovery Authority (KRA) Agent Service no saneó apropiadamente la página de búsqueda de petición ... • https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10179 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.1EPSS: 0%CPEs: 3EXPL: 0CVE-2019-10221 – pki-core: Reflected XSS in getcookies?url= endpoint in CA
https://notcve.org/view.php?id=CVE-2019-10221
20 Mar 2020 — A Reflected Cross Site Scripting vulnerability was found in all pki-core 10.x.x versions, where the pki-ca module from the pki-core server. This flaw is caused by missing sanitization of the GET URL parameters. An attacker could abuse this flaw to trick an authenticated user into clicking a specially crafted link which can execute arbitrary code when viewed in a browser. Se detectó una vulnerabilidad de tipo Cross Site Scripting Reflejado en todas las versiones de pki-core 10.x.x, en el módulo pki-ca del se... • https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10221 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0CVE-2019-10178 – pki-core: stored Cross-site scripting (XSS) in the pki-tps web Activity tab
https://notcve.org/view.php?id=CVE-2019-10178
18 Mar 2020 — It was found that the Token Processing Service (TPS) did not properly sanitize the Token IDs from the "Activity" page, enabling a Stored Cross Site Scripting (XSS) vulnerability. An unauthenticated attacker could trick an authenticated victim into creating a specially crafted activity, which would execute arbitrary JavaScript code when viewed in a browser. All versions of pki-core are believed to be vulnerable. Se detectó que el Token Processing Service (TPS) no sanea apropiadamente los ID de Token de la pá... • https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10178 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 4.7EPSS: 0%CPEs: 2EXPL: 0CVE-2019-10146 – pki-core: Reflected XSS in 'path length' constraint field in CA's Agent page
https://notcve.org/view.php?id=CVE-2019-10146
18 Mar 2020 — A Reflected Cross Site Scripting flaw was found in all pki-core 10.x.x versions module from the pki-core server due to the CA Agent Service not properly sanitizing the certificate request page. An attacker could inject a specially crafted value that will be executed on the victim's browser. Se detectó un fallo de tipo Cross Site Scripting Reflejado en todos los módulos pki-core versiones 10.x.x del servidor pki-core debido a que el CA Agent Service no sanea apropiadamente la página de petición de certificad... • https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10146 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 8.1EPSS: 0%CPEs: 1EXPL: 0CVE-2018-1080 – pki-core: Mishandled ACL configuration in AAclAuthz.java reverses rules that allow and deny access
https://notcve.org/view.php?id=CVE-2018-1080
26 Jun 2018 — Dogtag PKI, through version 10.6.1, has a vulnerability in AAclAuthz.java that, under certain configurations, causes the application of ACL allow and deny rules to be reversed. If a server is configured to process allow rules before deny rules (authz.evaluateOrder=allow,deny), then allow rules will deny access and deny rules will grant access. This may result in an escalation of privileges or have other unintended consequences. Dogtag PKI, hasta la versión 10.6.1, tiene una vulnerabilidad en AAclAuthz.java ... • https://access.redhat.com/errata/RHSA-2018:1979 • CWE-284: Improper Access Control •
CVSS: 7.5EPSS: 0%CPEs: 4EXPL: 1CVE-2017-7537 – pki-core: mock CMC authentication plugin with hardcoded secret enabled by default
https://notcve.org/view.php?id=CVE-2017-7537
01 Aug 2017 — It was found that a mock CMC authentication plugin with a hardcoded secret was accidentally enabled by default in the pki-core package before 10.6.4. An attacker could potentially use this flaw to bypass the regular authentication process and trick the CA server into issuing certificates. Se ha detectado que un plugin de autenticación CMC simulado con un secreto embebido se ha habilitado por accidente y por defecto en el paquete pki-core en versiones anteriores a la 10.6.4. Un atacante podría utilizar este ... • https://access.redhat.com/errata/RHSA-2017:2335 • CWE-287: Improper Authentication CWE-592: DEPRECATED: Authentication Bypass Issues CWE-798: Use of Hard-coded Credentials •