CVE-2021-32010 MEDIUM

CVE-2021-32010: Clients may connect to a GateManager with TLS 1.0

Vendor Secomea
Product SiteManager
Weakness CWE-326 · Weak encryption
Published May 4, 2022
Last update August 3, 2024

CVSS base score

5.6/10
Attack vector Network
Attack complexity High
Privileges required None
User interaction None
Confidentiality Low
Integrity Low

CVSS vector

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L

What the vulnerability does

01Description

Inadequate Encryption Strength vulnerability in TLS stack of Secomea SiteManager, LinkManager, GateManager may facilitate man in the middle attacks. This issue affects: Secomea SiteManager All versions prior to 9.7. Secomea LinkManager versions prior to 9.7. Secomea GateManager versions prior to 9.7.

Key dates

02Disclosure timeline

May 4, 2022 CVE published
August 3, 2024 Record updated