Primary

Context

EJBCA Host Header Injection Vulnerability Allowing Redirection to Malicious Servers

Vulnerability

Patched

A vulnerability in the EJBCA service, version 8.0 Enterprise, allows for manipulation of generated links by modifying the 'Host' header in an HTTP request. This could redirect clients to a different base URL, potentially leading to an attacker-controlled server that intercepts HTTP requests from the client.

Impact

Exploitation of this vulnerability could result in unauthorized redirection of client requests to an attacker-controlled server.

Remediation

Users are advised to update to EJBCA version 9.1. If running a reverse proxy, disable caching for the URL paths /ejbca/ra/ and /ejbca/adminweb/.

Added: Jun 9, 2025, 7:46 PM

Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread

3.1

impact

0.6

exploitability

6.4

remediation

7.9

relevance

0.0

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

3.1

impact

0.6

exploitability

6.4

remediation

7.9

relevance

0.0

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

EJBCA Host Header Injection Vulnerability Allowing Redirection to Malicious Servers

Vulnerability

Impact

Remediation

Affected Products

EJBCA

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating