CVE-2021-36794

Published: Nov 2, 2021Modified: Nov 21, 2024

9.8

Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Exploitability: 3.9 / Impact: 5.9

Source: NVD

Description

In Siren Investigate before 11.1.4, when enabling the cluster feature of the Siren Alert application, TLS verifications are disabled globally in the Siren Investigate main process.

Affected (1)

Products: Siren: Investigate

Siren

1 product

Investigate

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Siren Investigate	Before 11.1.4

References (6)

https://community.siren.io/c/announcements

Source: cve@mitre.org

Vendor Advisory

https://docs.siren.io/index

Source: cve@mitre.org

Release NotesVendor Advisory

https://docs.siren.io/siren-platform-user-guide/11.1/release-notes.html#_security_fixes_3

Source: cve@mitre.org

Release NotesVendor Advisory

https://community.siren.io/c/announcements

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

https://docs.siren.io/index

Source: af854a3a-2127-422b-91ae-364da2661108

Release NotesVendor Advisory

https://docs.siren.io/siren-platform-user-guide/11.1/release-notes.html#_security_fixes_3

Source: af854a3a-2127-422b-91ae-364da2661108

Release NotesVendor Advisory

Timeline

No history available yet.