CVE-2023-35857

CVSS 3.1 Score 9.8 of 10 (high)

Details

Published Jun 19, 2023

Updated: Jun 27, 2023

CWE ID 613

Summary

CVE-2023-35857 is a vulnerability affecting Siren Investigate versions prior to 13.2.2. This issue allows an unauthorized user to gain unintended access to a session, as session keys fail to be deactivated upon logout. As a result, the confidentiality and integrity of data may be compromised, posing a significant security risk. Users are strongly advised to upgrade to the latest version of Siren Investigate to mitigate this vulnerability.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Siren

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/rsfa6s
https://www.cve.org/CVERecord?id=CVE-2023-35857
https://nvd.nist.gov/vuln/detail/CVE-2023-35857

Back to Vulnerability Database

CVE-2023-35857

CVSS 3.1 Score 9.8 of 10 (high)

Details

Summary

Affected Vendors

Advisories, Assessments, and Mitigations