PT-2021-19663 · Emissary · Emissary

Dennis Brinkrolf

·

Published

2021-05-07

·

Updated

2021-05-12

·

CVE-2021-32095

CVSS v3.1

8.1

High

VectorAV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H
Name of the Vulnerable Software and Affected Versions: Emissary version 5.9.0
Description: The issue allows an authenticated user to delete arbitrary files.
Recommendations: For version 5.9.0, restrict file deletion privileges to prevent unauthorized access until a patch is available.

Fix

Missing Authorization

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-862

Related Identifiers

CVE-2021-32095

Affected Products

Emissary