CVE

CVE-2021-40089

admin

CVE-2021-40089

An issue was discovered in PrimeKey EJBCA before 7.6.0. The General Purpose Custom Publisher, which is normally run to invoke a local script upon a publishing operation, was still able to run if the System Configuration setting Enable External Script Access was disabled. With this setting disabled itโ€™s not possible to create new such publishers, but existing publishers would continue to run.

Source: CVE-2021-40089

Exit mobile version