Lucene search
@huntrdevCVELIST:CVE-2021-3846HistoryOct 19, 2021 - 12:30 p.m.
CVE-2021-3846 Unrestricted Upload of File with Dangerous Type in firefly-iii/firefly-iii
2021-10-1912:30:26
CWE-434
@huntrdev
www.cve.org
1
firefly-iii
unrestricted upload
file type
vulnerability
CVSS3
6.3
Attack Vector
LOCAL
Attack Complexity
HIGH
Privileges Required
HIGH
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.0/AV:L/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H
AI Score
8.9
Confidence
High
EPSS
0.001
Percentile
40.9%
firefly-iii is vulnerable to Unrestricted Upload of File with Dangerous Type
CNA Affected
[
{
"product": "firefly-iii/firefly-iii",
"vendor": "firefly-iii",
"versions": [
{
"lessThan": "5.6.2",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
]Related
cve
cve
CVE-2021-3846
2021-10-19 13:15:11
huntr
huntr
in firefly-iii/firefly-iii
2021-10-01 08:43:15
cnvd
cnvd
firefly-iii code issue vulnerability
2021-10-22 00:00:00
github
github
Unrestricted File Upload vulnerability in Firefly III
2022-05-24 19:18:01
osv
osv
CVE-2021-3846
2021-10-19 13:15:11
Unrestricted File Upload vulnerability in Firefly III
2022-05-24 19:18:01
prion
prion
Unrestricted file upload
2021-10-19 13:15:00
nvd
nvd
CVE-2021-3846
2021-10-19 13:15:11
CVSS3
6.3
Attack Vector
LOCAL
Attack Complexity
HIGH
Privileges Required
HIGH
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.0/AV:L/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H
AI Score
8.9
Confidence
High
EPSS
0.001
Percentile
40.9%
Related for CVELIST:CVE-2021-3846