Product
dogtagpki
16 known vulnerabilities across versions
Vulnerabilities are listed by affected version. Select any CVE for the full briefing and its intelligence graph.
CVE-2022-4132
< 5.5.0
A flaw was found in JSS. A memory leak in JSS requires non-standard configuration but is a low-effort DoS vector if configured tha
5.9
MEDIUM
CVE-2021-4213
< 4.9.3
A flaw was found in JSS, where it did not properly free up all memory. Over time, the wasted memory builds up in the server memory
7.5
HIGH
CVE-2022-2414
all versions
Access to external entities when parsing XML documents can lead to XML external entity (XXE) attacks. This flaw allows a remote at
7.5
HIGH
CVE-2021-3551
>= 10.10.0 and < 10.10.6
A flaw was found in the PKI-server, where the pkispawn command, when run in debug mode, stores admin credentials in the installat
7.8
HIGH
CVE-2020-25715
all versions
A flaw was found in pki-core 10.9.0. A specially crafted POST request can be used to reflect a DOM-based cross-site scripting (XSS
6.1
MEDIUM
CVE-2020-1721
all versions
A flaw was found in the Key Recovery Authority (KRA) Agent Service in pki-core 10.10.5 where it did not properly sanitize the reco
6.1
MEDIUM
CVE-2021-20179
< 10.5.0
A flaw was found in pki-core. An attacker who has successfully compromised a key could use this flaw to renew the corresponding ce
8.1
HIGH
CVE-2020-15720
<= 10.8.3
In Dogtag PKI through 10.8.3, the pki.client.PKIConnection class did not enable python-requests certificate validation. Since the
6.8
MEDIUM
CVE-2019-10180
>= 10.0 and <= 10.8.3
A vulnerability was found in all pki-core 10.x.x versions, where the Token Processing Service (TPS) did not properly sanitize sever
2.4
LOW
CVE-2020-1696
>= 10.0 and <= 10.8.3
A flaw was found in all pki-core 10.x.x versions, where the Token Processing Service (TPS) did not properly sanitize Prof
4.6
MEDIUM
CVE-2019-10221
>= 10.0 and <= 10.8.3
A Reflected Cross Site Scripting vulnerability was found in all pki-core 10.x.x versions, where the pki-ca module from the pki-cor
4.3
MEDIUM
CVE-2019-10179
>= 10.0 and <= 10.8.3
A vulnerability was found in all pki-core 10.x.x versions, where the Key Recovery Authority (KRA) Agent Service did not properly s
4.3
MEDIUM
CVE-2019-10178
all versions
It was found that the Token Processing Service (TPS) did not properly sanitize the Token IDs from the "Activity" page, enabling a
4.6
MEDIUM
CVE-2019-10146
>= 10.0 and <= 10.7.3
A Reflected Cross Site Scripting flaw was found in all pki-core 10.x.x versions module from the pki-core server due to the CA Agen
4.7
MEDIUM
CVE-2017-7537
< 10.6.4
It was found that a mock CMC authentication plugin with a hardcoded secret was accidentally enabled by default in the pki-core pac
5.9
MEDIUM
CVE-2018-1080
<= 10.6.1
Dogtag PKI, through version 10.6.1, has a vulnerability in AAclAuthz.java that, under certain configurations, causes the applicati
7.5
HIGH
threatengine.sh · Open-source threat intelligence platform · 100+ authoritative sources · Every fact traces to its origin