Lucene search
K
Database
Vendors
Products
Timeline
Vulnerabilities
Perimeter Scanner
Scanning
Projects
Scanner
Agent Scanning
API Scanning
Manual Audit
Email
Webhook
Resources
Documents
Blog
Glossary
FAQ
Plugins
Pricing
Contacts
About Us
Partners
Branding Guideline
Settings
Sign in
NsaEmissary5.9.0

5 matches found

CVE
CVEadded 2021/05/07 4:15 a.m.51 views

CVE-2021-32094

U.S. National Security Agency (NSA) Emissary 5.9.0 allows an authenticated user to upload arbitrary files.

8.8CVSS8.6AI score0.00517EPSS
CVE
CVEadded 2021/05/07 4:15 a.m.45 views

CVE-2021-32095

U.S. National Security Agency (NSA) Emissary 5.9.0 allows an authenticated user to delete arbitrary files.

8.1CVSS7.9AI score0.00213EPSS
CVE
CVEadded 2021/05/07 5:15 a.m.35 views

CVE-2021-32093

The ConfigFileAction component of U.S. National Security Agency (NSA) Emissary 5.9.0 allows an authenticated user to read arbitrary files via the ConfigName parameter.

6.5CVSS6.3AI score0.00275EPSS
CVE
CVEadded 2021/05/07 5:15 a.m.30 views

CVE-2021-32092

A Cross-site scripting (XSS) vulnerability in the DocumentAction component of U.S. National Security Agency (NSA) Emissary 5.9.0 allows remote attackers to inject arbitrary web script or HTML via the uuid parameter.

6.1CVSS6AI score0.00356EPSS
CVE
CVEadded 2021/05/07 4:15 a.m.28 views

CVE-2021-32096

The ConsoleAction component of U.S. National Security Agency (NSA) Emissary 5.9.0 allows a CSRF attack that results in injecting arbitrary Ruby code (for an eval call) via the CONSOLE_COMMAND_STRING parameter.

8.8CVSS8.7AI score0.00145EPSS