CVE-2021-36794

critical

Description

In Siren Investigate before 11.1.4, when enabling the cluster feature of the Siren Alert application, TLS verifications are disabled globally in the Siren Investigate main process.

References

https://docs.siren.io/siren-platform-user-guide/11.1/release-notes.html#_security_fixes_3

https://docs.siren.io/index

https://community.siren.io/c/announcements

Details

Source: Mitre, NVD

Published: 2021-11-02

Updated: 2026-06-17

Risk Information

CVSS v2

Base Score: 6.8

Vector: CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P

Severity: Medium

CVSS v3

Base Score: 9.8

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Severity: Critical

EPSS

EPSS: 0.00654