Vulnerabilities > CVE-2021-36794 - Unspecified vulnerability in Siren Investigate

CVSS 9.8 - CRITICAL

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

HIGH

Integrity impact

HIGH

Availability impact

HIGH

network

low complexity

siren

critical

NVD

Published: 2021-11-02

Updated: 2021-11-04

Summary

In Siren Investigate before 11.1.4, when enabling the cluster feature of the Siren Alert application, TLS verifications are disabled globally in the Siren Investigate main process.

Vulnerable Configurations

Part	Description	Count
Application	Siren Siren Investigate -	1

References

https://docs.siren.io/siren-platform-user-guide/11.1/release-notes.html#_security_fixes_3
https://docs.siren.io/index
https://community.siren.io/c/announcements