Arbitrary File Read Vulnerability in NSA Emissary 5.9.0 ConfigFileAction Component

Arbitrary File Read Vulnerability in NSA Emissary 5.9.0 ConfigFileAction Component

CVE-2021-32093 · MEDIUM Severity

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

The ConfigFileAction component of U.S. National Security Agency (NSA) Emissary 5.9.0 allows an authenticated user to read arbitrary files via the ConfigName parameter.

Learn more about our User Device Pen Test.