Keyfactor SignServer Container Startup Logic Vulnerability Allowing Unrestricted Admin Access

Vulnerability

A vulnerability exists in Keyfactor SignServer container deployments prior to version 7.2 in the container startup logic that invokes the Admin CLI command configuring certificate access. That command is run on every container restart rather than only during the initial startup, so each restart resets the access configuration to 'allowany'. As a result, any user with a valid and trusted client authentication certificate can access the AdminWeb as an administrator, silently undoing any more restrictive access controls an operator had configured after the first start.

Impact

Exploitation of this vulnerability allows unauthorized access to the AdminWeb as an administrator, bypassing established certificate-based access controls.

Remediation

Users of Keyfactor SignServer Container should update to version 7.2 and verify that the 'Allow Only Listed' configuration is set as intended. After updating, confirm the version in the AdminWeb and check the certificate access settings.
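The flaw described above is a common container pattern: a one-time bootstrap step placed on the unconditional path of the entrypoint, so it re-runs and clobbers operator changes on every restart. The POSIX shell script below is an added illustration, not SignServer's own startup code or CLI: the access policy is modelled as a plain file under a constructed STATE_DIR, set_access_policy stands in for the real Admin CLI command, and the policy names 'allowany' and 'allow-only-listed' are placeholders for the page's 'allowany' and 'Allow Only Listed' settings. It places the flawed startup logic beside a first-start guard and includes the kind of post-update check the remediation asks for.

```shell
#!/bin/sh
# Added example (hypothetical, not SignServer code): guarding a one-time bootstrap
# step in a container entrypoint so restarts do not reset an operator's hardening.

STATE_DIR="${STATE_DIR:-/tmp/access-policy-demo}"   # constructed demo location
POLICY_FILE="$STATE_DIR/admin-access-policy"        # stand-in for the real config store
INIT_MARKER="$STATE_DIR/.bootstrapped"              # proves the first start already ran

# Placeholder for "the Admin CLI command that configures certificate access".
set_access_policy() {
    mkdir -p "$STATE_DIR"
    printf '%s\n' "$1" > "$POLICY_FILE"
}

# Read back the effective policy ("unset" if nothing has been written yet).
current_policy() {
    cat "$POLICY_FILE" 2>/dev/null || echo "unset"
}

# Flawed startup logic: the bootstrap default is applied on every start,
# overwriting whatever the operator configured in the meantime.
startup_flawed() {
    set_access_policy allowany
}

# Corrected startup logic: apply the bootstrap default only when no marker
# exists, then record that the first start has happened.
startup_fixed() {
    if [ ! -f "$INIT_MARKER" ]; then
        set_access_policy allowany
        touch "$INIT_MARKER"
    fi
}

# Post-update verification, as the remediation suggests: succeed (0) only when
# the restrictive policy is in effect, so it can gate a health check.
check_hardened() {
    [ "$(current_policy)" = "allow-only-listed" ]
}

# Simulate the lifecycle with a given startup function: first start, operator
# tightens access, container restart. Prints the policy that survives the restart.
simulate() {
    rm -rf "$STATE_DIR"
    "$1"                                    # first start
    set_access_policy allow-only-listed     # operator restricts admin access
    "$1"                                    # container restart
    current_policy
}

# Stand-alone demonstration.
echo "flawed startup, policy after restart: $(simulate startup_flawed)"
echo "fixed startup,  policy after restart: $(simulate startup_fixed)"
```

With the flawed entrypoint the restart prints allowany; with the guarded entrypoint the operator's allow-only-listed policy survives. The marker file has to live on persistent storage, since a marker written into the ephemeral container layer disappears with the container and the guard would then trigger the same reset on recreation.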

Added: Dec 22, 2025, 7:20 PM
Updated: Dec 22, 2025, 7:20 PM

Vulnerability Rating

Custom Algorithm

spread: 0.0
impact: 5.0
exploitability: 5.2
remediation: 7.7
relevance: 1.6
threat: 0.0
urgency: 2.9
incentive: 1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.