Vulnerabilities > Siren
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-06-19 | CVE-2023-35857 | Insufficient Session Expiration vulnerability in Siren Investigate 12.1.7/13.2.0/13.2.1 In Siren Investigate before 13.2.2, session keys remain active even after logging out. | 9.8 |
| 2023-01-05 | CVE-2022-47543 | Unspecified vulnerability in Siren Investigate An issue was discovered in Siren Investigate before 12.1.7. | 5.3 |
| 2023-01-05 | CVE-2022-47544 | Unspecified vulnerability in Siren Investigate An issue was discovered in Siren Investigate before 12.1.7. | 9.8 |
| 2021-11-02 | CVE-2021-36794 | Unspecified vulnerability in Siren Investigate In Siren Investigate before 11.1.4, when enabling the cluster feature of the Siren Alert application, TLS verifications are disabled globally in the Siren Investigate main process. | 9.8 |
| 2021-07-19 | CVE-2021-31216 | Server-Side Request Forgery (SSRF) vulnerability in Siren Investigate Siren Investigate before 11.1.1 contains a server side request forgery (SSRF) defect in the built-in image proxy route (which is enabled by default). | 8.1 |
| 2021-04-13 | CVE-2021-28938 | Unspecified vulnerability in Siren Federate Siren Federate before 6.8.14-10.3.9, 6.9.x through 7.6.x before 7.6.2-20.2, 7.7.x through 7.9.x before 7.9.3-21.6, 7.10.x before 7.10.2-22.2, and 7.11.x before 7.11.2-23.0 can leak user information across thread contexts. | 4.3 |