CNNVD-202512-3958 Information
CNNVD ID
CNNVD-202512-3958
Related CVE
- CNNVD Published: 2025-12-22
Description (Chinese)
Keyfactor SignServer是美国Keyfactor公司的一个数字签名引擎。 Keyfactor SignServer 7.2之前版本存在安全漏洞,该漏洞源于容器启动逻辑错误,可能导致重置配置为allowany。
Description (English)
Keyfactor SignServer is a digital signature engine of the United States company Keyfactor. There was a security loophole in the previous version of Keyfactor SignServer 7.2, which resulted from a logical error in the start-up of the container, which could lead to the replacement of the configuration with an alllowany.
Hazard Level
High
Vulnerability Type
其他
Affected Vendor
Keyfactor
Published
2025-12-22
Last Modified
2026-02-24
References
https://docs.keyfactor.com/signserver/latest/signserver-7-2-release-notes https://support.keyfactor.com/hc/en-us/articles/33997706776987-SignServer-security-advisory-Container-vulnerability-CVE-2025-26787-fixed-in-version-7-2 https://access.redhat.com/security/cve/cve-2025-26787
Patch
https://docs.keyfactor.com/signserver/latest/signserver-7-2-release-notes
Share on: