CVE-2025-47221 — MEDIUM (5.3)

Q: How severe is CVE-2025-47221?

CVE-2025-47221 has been rated MEDIUM with a CVSS base score of 5.3/10. Review the CVSS metrics above for detailed severity breakdown.

Q: Is there a patch for CVE-2025-47221?

Check the references section above for vendor advisories and patch information. Affected products include: Keyfactor Signserver.

Vulnerability Description

An arbitrary file write was found in Keyfactor SignServer versions prior to 7.3.2. The properties ARCHIVETODISK_FILENAME-PATTERN, ARCHIVETODISK_PATH_BASE, ARCHIVETODISK_PATH_PATTERN can be set to any path, even ones that will point to files that already exist. This vulnerability gives a user with admin access the possibility to write files in arbitrary directories in the server file system and potentially overwrite files accessible by the local user JBoss.

CVSS Score

5.3

MEDIUM

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality

NONE

Integrity

LOW

Availability

NONE

Affected Products

Vendor	Product	Versions
Keyfactor	Signserver	< 7.3.1

Related Weaknesses (CWE)

CWE-284

References

FAQ

What is CVE-2025-47221?

CVE-2025-47221 is a vulnerability with a CVSS score of 5.3 (MEDIUM). An arbitrary file write was found in Keyfactor SignServer versions prior to 7.3.2. The properties ARCHIVETODISK_FILENAME-PATTERN, ARCHIVETODISK_PATH_BASE, ARCHIVETODISK_PATH_PATTERN can be set to any ...

How severe is CVE-2025-47221?

CVE-2025-47221 has been rated MEDIUM with a CVSS base score of 5.3/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2025-47221?

Check the references section above for vendor advisories and patch information. Affected products include: Keyfactor Signserver.