Vulnerability Details CVE-2021-32094
U.S. National Security Agency (NSA) Emissary 5.9.0 allows an authenticated user to upload arbitrary files.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.005
EPSS Ranking 65.8%
CVSS Severity
CVSS v3 Score 8.8
CVSS v2 Score 6.5
References
- https://blog.sonarsource.com/code-vulnerabilities-in-nsa-application-revealed
- https://portswigger.net/daily-swig/nsa-workflow-application-emissary-vulnerable-to-malicious-takeover
- https://blog.sonarsource.com/code-vulnerabilities-in-nsa-application-revealed
- https://portswigger.net/daily-swig/nsa-workflow-application-emissary-vulnerable-to-malicious-takeover