vulnerability

Ubuntu: USN-7146-1 (CVE-2020-25715): Dogtag PKI vulnerabilities

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
4	(AV:N/AC:M/Au:N/C:N/I:P/A:N)	2021-05-28	2024-12-11	2024-12-11

Severity

CVSS

(AV:N/AC:M/Au:N/C:N/I:P/A:N)

Published

2021-05-28

Added

2024-12-11

Modified

2024-12-11

Description

A flaw was found in pki-core 10.9.0. A specially crafted POST request can be used to reflect a DOM-based cross-site scripting (XSS) attack to inject code into the search query form which can get automatically executed. The highest threat from this vulnerability is to data integrity.

Solution(s)

ubuntu-pro-upgrade-dogtag-pkiubuntu-pro-upgrade-pki-baseubuntu-pro-upgrade-pki-base-javaubuntu-pro-upgrade-pki-caubuntu-pro-upgrade-pki-server

References

CVE-2020-25715
https://attackerkb.com/topics/CVE-2020-25715
UBUNTU-USN-7146-1

NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today