Vulnerability Details CVE-2021-28938
Siren Federate before 6.8.14-10.3.9, 6.9.x through 7.6.x before 7.6.2-20.2, 7.7.x through 7.9.x before 7.9.3-21.6, 7.10.x before 7.10.2-22.2, and 7.11.x before 7.11.2-23.0 can leak user information across thread contexts. This occurs in opportunistic circumstances when there is concurrent query execution by a low-privilege user and a high-privilege user. The former query might run with the latter query's privileges.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.004
EPSS Ranking 59.4%
CVSS Severity
CVSS v3 Score 4.3
CVSS v2 Score 4.0
References
Products affected by CVE-2021-28938
-
cpe:2.3:a:siren:federate:-
-
cpe:2.3:a:siren:federate:5.6.10-10.0.2
-
cpe:2.3:a:siren:federate:5.6.10-10.0.3
-
cpe:2.3:a:siren:federate:5.6.10-10.0.4
-
cpe:2.3:a:siren:federate:5.6.10-10.1.0
-
cpe:2.3:a:siren:federate:5.6.10-10.1.1
-
cpe:2.3:a:siren:federate:5.6.14-10.1.2
-
cpe:2.3:a:siren:federate:5.6.16-10.1.3-1
-
cpe:2.3:a:siren:federate:5.6.16-10.1.4
-
cpe:2.3:a:siren:federate:5.6.4-10.0.0
-
cpe:2.3:a:siren:federate:5.6.4-10.0.1
-
cpe:2.3:a:siren:federate:5.6.4-10.0.2
-
cpe:2.3:a:siren:federate:5.6.5-10.0.0
-
cpe:2.3:a:siren:federate:5.6.5-10.0.1
-
cpe:2.3:a:siren:federate:5.6.5-10.0.2
-
cpe:2.3:a:siren:federate:5.6.6-10.0.0
-
cpe:2.3:a:siren:federate:5.6.6-10.0.1
-
cpe:2.3:a:siren:federate:5.6.6-10.0.2
-
cpe:2.3:a:siren:federate:5.6.7-10.0.0
-
cpe:2.3:a:siren:federate:5.6.7-10.0.1
-
cpe:2.3:a:siren:federate:5.6.7-10.0.2
-
cpe:2.3:a:siren:federate:5.6.8-10.0.0
-
cpe:2.3:a:siren:federate:5.6.8-10.0.1
-
cpe:2.3:a:siren:federate:5.6.8-10.0.2
-
cpe:2.3:a:siren:federate:5.6.9-10.0.0
-
cpe:2.3:a:siren:federate:5.6.9-10.0.1
-
cpe:2.3:a:siren:federate:5.6.9-10.0.2
-
cpe:2.3:a:siren:federate:6.3.2-10.1.0
-
cpe:2.3:a:siren:federate:6.3.2-10.1.1
-
cpe:2.3:a:siren:federate:6.3.2-10.1.2
-
cpe:2.3:a:siren:federate:6.3.2-10.1.3-1
-
cpe:2.3:a:siren:federate:6.3.2-10.1.4
-
cpe:2.3:a:siren:federate:6.5.4-10.2.0
-
cpe:2.3:a:siren:federate:6.5.4-10.2.1
-
cpe:2.3:a:siren:federate:6.5.4-10.2.2
-
cpe:2.3:a:siren:federate:6.5.4-10.2.3
-
cpe:2.3:a:siren:federate:6.5.4-10.2.4
-
cpe:2.3:a:siren:federate:6.5.4-10.2.6
-
cpe:2.3:a:siren:federate:6.8.0-10.2.3
-
cpe:2.3:a:siren:federate:6.8.0-10.2.4
-
cpe:2.3:a:siren:federate:6.8.0-10.3.0
-
cpe:2.3:a:siren:federate:6.8.12-10.3.7
-
cpe:2.3:a:siren:federate:6.8.13-10.3.8
-
cpe:2.3:a:siren:federate:6.8.2-10.3.1
-
cpe:2.3:a:siren:federate:6.8.2-10.3.2
-
cpe:2.3:a:siren:federate:6.8.2-10.3.3
-
cpe:2.3:a:siren:federate:6.8.6-10.2.6
-
cpe:2.3:a:siren:federate:6.8.6-10.3.4
-
cpe:2.3:a:siren:federate:6.8.6-10.3.5
-
cpe:2.3:a:siren:federate:6.8.6-10.3.6
-
cpe:2.3:a:siren:federate:7.10.1-22.0
-
cpe:2.3:a:siren:federate:7.10.2-22.1
-
cpe:2.3:a:siren:federate:7.3.2-19.0
-
cpe:2.3:a:siren:federate:7.3.2-19.1
-
cpe:2.3:a:siren:federate:7.6.2-20.0
-
cpe:2.3:a:siren:federate:7.6.2-20.1
-
cpe:2.3:a:siren:federate:7.7.1-20.0
-
cpe:2.3:a:siren:federate:7.8.0-20.0
-
cpe:2.3:a:siren:federate:7.8.1-20.1
-
cpe:2.3:a:siren:federate:7.9.1-21.0
-
cpe:2.3:a:siren:federate:7.9.2-21.1
-
cpe:2.3:a:siren:federate:7.9.3-21.2
-
cpe:2.3:a:siren:federate:7.9.3-21.4
-
cpe:2.3:a:siren:federate:7.9.3-21.5