CVE-2021-32007 LOW

CVE-2021-32007: Missing security header: Referrer-Policy URL

Vendor Secomea

Product GateManager

Weakness CWE-200 · Info exposure

Published December 13, 2024

Last update December 23, 2024

View on NVD All CVEs

CVSS base score

3.5/10

Attack vector Network

Attack complexity Low

Privileges required Low

User interaction Required

Confidentiality Low

Integrity None

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:N

What the vulnerability does

01Description

This issue affects: Secomea GateManager Version 9.5 and all prior versions. Protection Mechanism Failure vulnerability in web server of Secomea GateManager to potentially leak information to remote servers.

Key dates

02Disclosure timeline

December 13, 2024 CVE published

December 23, 2024 Record updated

External resources

03References

NVD — National Vulnerability Database https://nvd.nist.gov/vuln/detail/CVE-2021-32007

Related vulnerabilities

04Related CVE

CVE-2022-32741 Information disclosure in Request New Password feature CVE-2024-42179 HCL MyXalytics is affected by sensitive information disclosure vulnerability CVE-2026-41266 Flowise: Sensitive Data Leak in public-chatbotConfig CVE-2025-41014 User Enumeration vulnerability in TCMAN GIM CVE-2026-47340 Apache DolphinScheduler: An incorrect authorization vulnerability allows authenticated users to access alert instances associated with alert groups they do not have permission to access.