How to fix CVE-2025-3026?

Within 30 days: Identify affected systems running higher and apply vendor patches as part of regular patch cycle. Validate input sanitization for user-controlled parameters.

Is Ejbca affected by CVE-2025-3026?

Organizations using higher should be aware of moderate risk from CVE-2025-3026, a injection vulnerability rated CVSS 5.1. Exploitation could allow attackers to execute code or inject malicious input. Organizations should apply vendor updates when available and monitor for exploitation.

Ejbca CVE-2025-3026

MEDIUM

Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') (CWE-74)

2025-03-31 [email protected]

Information Disclosure Ejbca

5.1

CVSS 4.0

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Attack Vector

Network

Attack Complexity

Low

Privileges Required

None

User Interaction

Scope

Lifecycle Timeline

Analysis Generated

Mar 28, 2026 - 18:34 vuln.today

CVE Published

Mar 31, 2025 - 11:15 nvd

MEDIUM 5.1

DescriptionNVD

The vulnerability exists in the EJBCA service, version 8.0 Enterprise. Not tested in higher versions. By modifying the ‘Host’ header in an HTTP request, it is possible to manipulate the generated links and thus redirect the client to a different base URL. In this way, an attacker could insert his own server for the client to send HTTP requests, provided he succeeds in exploiting it.

AnalysisAI

The vulnerability exists in the EJBCA service, version 8.0 Enterprise. Rated medium severity (CVSS 5.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Technical ContextAI

This vulnerability is classified under CWE-74. The vulnerability exists in the EJBCA service, version 8.0 Enterprise. Not tested in higher versions. By modifying the ‘Host’ header in an HTTP request, it is possible to manipulate the generated links and thus redirect the client to a different base URL. In this way, an attacker could insert his own server for the client to send HTTP requests, provided he succeeds in exploiting it. Affected products include: Primekey Ejbca. Version information: version 8.0.

RemediationAI

No vendor patch is available at time of analysis. Monitor vendor advisories for updates. Apply vendor patches when available. Implement network segmentation and monitoring as interim mitigations.

CVE-2025-3026 vulnerability details – vuln.today

Back

Ejbca CVE-2025-3026

CVSS VectorNVD

Lifecycle Timeline

DescriptionNVD

AnalysisAI

Technical ContextAI

RemediationAI

Share

Ejbca CVE-2025-3026

CVSS VectorNVD

Lifecycle Timeline

DescriptionNVD

AnalysisAI

Technical ContextAI

RemediationAI

Share

External POC / Exploit Code