CBRN-Analysis before 22 has weak file permissions under Public Profile, leading to disclosure of file contents or privilege escalation.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| bruhn-newtech | cbrn-analysis | * |
CBRN-Analysis before 22 allows XXE attacks via am mws XML document, leading to NTLMv2-SSP hash disclosure.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| bruhn-newtech | cbrn-analysis | * |