MEDIUM🇬🇧 English

CVE-2022-47543

CVSS 5.3v3.1pub. 2023-01-05upd. 2025-04-10

An issue was discovered in Siren Investigate before 12.1.7. There is an ACL bypass on global objects.

oryginał EN
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
  • Siren Investigate

    APP
    Siren
    < 12.1.7
🔵
ZWERYFIKUJ U PRODUCENTA
Brak jednoznacznych danych o patchu. Sprawdź referencje od producenta.
CWE
Referencje

Powiązane podatności

CVE-2023-35857CRITICAL9.8ten sam produkt

In Siren Investigate before 13.2.2, session keys remain active even after logging out.

CVE-2022-47544CRITICAL9.8ten sam produkt

An issue was discovered in Siren Investigate before 12.1.7. Script variable whitelisting is insufficiently san...

CVE-2021-36794CRITICAL9.8ten sam produkt

In Siren Investigate before 11.1.4, when enabling the cluster feature of the Siren Alert application, TLS veri...

CVE-2021-31216HIGH8.1ten sam produkt

Siren Investigate before 11.1.1 contains a server side request forgery (SSRF) defect in the built-in image pro...

CVE-2021-28938MEDIUM4.3ten sam vendor

Siren Federate before 6.8.14-10.3.9, 6.9.x through 7.6.x before 7.6.2-20.2, 7.7.x through 7.9.x before 7.9.3-2...