How severe is CVE-2020-25276?

This vulnerability has a severity rating of HIGH with a CVSS score of 7.3 out of 10.

What type of vulnerability is CVE-2020-25276?

This is classified as CWE-295, which is a common weakness in software security.

CVE-2020-25276 - HIGH Severity | CVSS 7.3

Vulnerability Description

An issue was discovered in PrimeKey EJBCA 6.x and 7.x before 7.4.1. When using a client certificate to enroll over the EST protocol, no revocation check is performed on that certificate. This vulnerability can only affect a system that has EST configured, uses client certificates to authenticate enrollment, and has had such a certificate revoked. This certificate needs to belong to a role that is authorized to enroll new end entities. (To completely mitigate this problem prior to upgrade, remove any revoked client certificates from their respective roles.)

Related Vulnerabilities

CVE-2021-24012

HIGH

CVSS:7.3(High)

An improper following of a certificate's chain of trust vulnerability in FortiGate versions 6.4.0 to 6.4.4 may allow an LDAP user to connect to SSLVPN with any certificate that is signed by a trusted ...

CWE-2952021

CVE-2023-49250

HIGH

CVSS:7.3(High)

Because the HttpUtils class did not verify certificates, an attacker that could perform a Man-in-the-Middle (MITM) attack on outgoing https connections could impersonate the server. This issue affects...

CWE-2952023

CVE-2024-32865

HIGH

CVSS:7.3(High)

Under certain circumstances the exacqVision Server will not properly validate TLS certificates provided by connected devices.

CWE-2952024

CVE-2024-3738

HIGH

CVSS:7.3(High)

A vulnerability classified as critical has been found in cym1102 nginxWebUI up to 3.9.9. This affects the function handlePath of the file /adminPage/conf/saveCmd. The manipulation of the argument ngin...

CWE-2952024

CVE-2021-22189

HIGH

CVSS:7.2(High)

Starting with version 13.7 the Gitlab CE/EE editions were affected by a security issue related to the validation of the certificates for the Fortinet OTP that could result in authentication issues.

CWE-2952021

CVE-2021-40831

HIGH

CVSS:7.2(High)

The AWS IoT Device SDK v2 for Java, Python, C++ and Node.js appends a user supplied Certificate Authority (CA) to the root CAs instead of overriding it on macOS systems. Additionally, SNI validation i...

CWE-2952021