How severe is CVE-2021-40089?

This vulnerability has a severity rating of LOW with a CVSS score of 2.3 out of 10.

What type of vulnerability is CVE-2021-40089?

This is classified as NVD-CWE-Other, which is a common weakness in software security.

CVE-2021-40089 - LOW Severity | CVSS 2.3

Vulnerability Description

An issue was discovered in PrimeKey EJBCA before 7.6.0. The General Purpose Custom Publisher, which is normally run to invoke a local script upon a publishing operation, was still able to run if the System Configuration setting Enable External Script Access was disabled. With this setting disabled it's not possible to create new such publishers, but existing publishers would continue to run.

Related Vulnerabilities

CVE-2017-15307

LOW

CVSS:2.3(Low)

Huawei Honor 8 smartphone with software versions earlier than FRD-L04C567B389 and earlier than FRD-L14C567B389 have a permission control vulnerability due to improper authorization configuration on sp...

NVD-CWE-Other2017

CVE-2018-2923

LOW

CVSS:2.3(Low)

Vulnerability in the Sun ZFS Storage Appliance Kit (AK) component of Oracle Sun Systems Products Suite (subcomponent: Core Services). The supported version that is affected is Prior to 8.7.20. Easily ...

NVD-CWE-Other2018

CVE-2019-12756

LOW

CVSS:2.3(Low)

Symantec Endpoint Protection (SEP), prior to 14.2 RU2 may be susceptible to a password protection bypass vulnerability whereby the secondary layer of password protection could by bypassed for individu...

NVD-CWE-Other2019

CVE-2019-2926

LOW

CVSS:2.3(Low)

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are Prior to 5.2.34 and prior to 6.0.14. Easily exploitable vulnerabi...

NVD-CWE-Other2019

CVE-2019-2940

LOW

CVSS:2.3(Low)

Vulnerability in the Core RDBMS component of Oracle Database Server. Supported versions that are affected are 12.1.0.2, 12.2.0.1 and 18c. Easily exploitable vulnerability allows high privileged attack...

NVD-CWE-Other2019

CVE-2019-4394

LOW

CVSS:2.3(Low)

IBM Cloud Orchestrator 2.4 through 2.4.0.5 and 2.5 through 2.5.0.9 contain APIs that could be used by a local user to send email. IBM X-Force ID: 162232.

NVD-CWE-Other2019