CVE-2021-32094

U.S. National Security Agency (NSA) Emissary 5.9.0 allows an authenticated user to upload arbitrary files.
Configurations

Configuration 1 (hide)

cpe:2.3:a:nsa:emissary:5.9.0:*:*:*:*:*:*:*

History

21 Nov 2024, 06:06

Type Values Removed Values Added
References () https://blog.sonarsource.com/code-vulnerabilities-in-nsa-application-revealed - Third Party Advisory () https://blog.sonarsource.com/code-vulnerabilities-in-nsa-application-revealed - Third Party Advisory
References () https://portswigger.net/daily-swig/nsa-workflow-application-emissary-vulnerable-to-malicious-takeover - Third Party Advisory () https://portswigger.net/daily-swig/nsa-workflow-application-emissary-vulnerable-to-malicious-takeover - Third Party Advisory

Information

Published : 2021-05-07 04:15

Updated : 2024-11-21 06:06


NVD link : CVE-2021-32094

Mitre link : CVE-2021-32094

CVE.ORG link : CVE-2021-32094


JSON object : View

Products Affected

nsa

  • emissary
CWE
CWE-434

Unrestricted Upload of File with Dangerous Type