PT-2021-19202 · Unknown · Siren Investigate
Published 2021-07-19 · Updated 2021-07-28 · CVE-2021-31216
CVSS v3.1: 8.1 (High)
| Vector | AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N |
Name of the Vulnerable Software and Affected Versions
Siren Investigate versions prior to 11.1.1
Description
The issue is a server-side request forgery (SSRF) defect in the built-in image proxy route, which is enabled by default. An attacker with access to the Investigate installation can supply an arbitrary URL in the parameters of the image proxy route and have it fetched as the Investigate process on the host, i.e. the request originates from the server rather than from the attacker's browser.
Recommendations
For versions prior to 11.1.1, update to version 11.1.1 or later to resolve the issue. As a temporary workaround, consider disabling the image proxy route until a patch is available. Restrict access to the image proxy route to minimize the risk of exploitation. Avoid using the image proxy route to fetch external URLs until the issue is resolved.
Fix
SSRF
Affected Products
Siren Investigate