What is the vulnerability ID of this Secomea TLS stack vulnerability?

The vulnerability ID is CVE-2021-32010.

What is the severity rating of CVE-2021-32010?

The severity rating of CVE-2021-32010 is 8.1, which is considered high.

Which versions of Secomea SiteManager are affected by CVE-2021-32010?

All versions of Secomea SiteManager prior to 9.7 are affected by CVE-2021-32010.

How does CVE-2021-32010 facilitate man-in-the-middle attacks?

CVE-2021-32010 facilitates man-in-the-middle attacks due to inadequate encryption strength in the TLS stack of Secomea SiteManager, LinkManager, and GateManager.

How do I fix CVE-2021-32010?

To fix CVE-2021-32010, update Secomea SiteManager, LinkManager, and GateManager to version 9.7 or later.

Vulnerability/
CVE-2021-32010

high

8.1

CWE

326

4/5/2022

3/8/2024

CVE-2021-32010: Clients may connect to a GateManager with TLS 1.0

First published: Wed May 04 2022(Updated: )

Inadequate Encryption Strength vulnerability in TLS stack of Secomea SiteManager, LinkManager, GateManager may facilitate man in the middle attacks. This issue affects: Secomea SiteManager All versions prior to 9.7. Secomea LinkManager versions prior to 9.7. Secomea GateManager versions prior to 9.7.

Credit: VulnerabilityReporting@secomea.com

Affected Software	Affected Version	How to fix
Secomea Sitemanager	<9.7.622134021
Secomea Sitemanager
Secomea Sitemanager	<9.7.622134021
Secomea Sitemanager
Secomea Sitemanager Firmware	<9.7.622134021
Secomea Sitemanager 1149 Firmware
Secomea Sitemanager 3329 Firmware	<9.7.622134021
Secomea Sitemanager 3329 Firmware
Secomea Sitemanager 3339 Firmware	<9.7.622134021
Secomea Sitemanager
Secomea Sitemanager 3349 Firmware	<9.7.622134021
Secomea Sitemanager
Secomea Sitemanager 3529 Firmware	<9.7.622134021
Secomea Sitemanager 3529 Firmware
Secomea Sitemanager	<9.7.622134021
Secomea Sitemanager
Secomea SiteManager	<9.7.622134021
Secomea Sitemanager
Secomea LinkManager	<9.7.622134021
Secomea Gatemanager 4250 Firmware	<9.7.622134021
Secomea GateManager
Secomea Gatemanager	<9.7.622134021
Secomea GateManager
Secomea Gatemanager 8250 Firmware	<9.7.622134021
Secomea Gatemanager 8250 Firmware
Secomea GateManager	<9.7.622134021
Secomea GateManager

Never miss a vulnerability like this again

Reference Links

https://www.secomea.com/support/cybersecurity-advisory/

Frequently Asked Questions

What is the vulnerability ID of this Secomea TLS stack vulnerability?
The vulnerability ID is CVE-2021-32010.
What is the severity rating of CVE-2021-32010?
The severity rating of CVE-2021-32010 is 8.1, which is considered high.
Which versions of Secomea SiteManager are affected by CVE-2021-32010?
All versions of Secomea SiteManager prior to 9.7 are affected by CVE-2021-32010.
How does CVE-2021-32010 facilitate man-in-the-middle attacks?
CVE-2021-32010 facilitates man-in-the-middle attacks due to inadequate encryption strength in the TLS stack of Secomea SiteManager, LinkManager, and GateManager.
How do I fix CVE-2021-32010?
To fix CVE-2021-32010, update Secomea SiteManager, LinkManager, and GateManager to version 9.7 or later.

collector/mitre-cve
source/MITRE
agent/weakness
agent/title
agent/author
agent/severity
agent/last-modified-date
agent/references
agent/type
agent/description
agent/first-publish-date
agent/event
agent/source
agent/softwarecombine
agent/tags
collector/nvd-index
agent/software-canonical-lookup-request
vendor/secomea
canonical/secomea sitemanager
canonical/secomea sitemanager firmware
canonical/secomea sitemanager 1149 firmware
canonical/secomea sitemanager 3329 firmware
canonical/secomea sitemanager 3339 firmware
canonical/secomea sitemanager 3349 firmware
canonical/secomea sitemanager 3529 firmware
canonical/secomea linkmanager
canonical/secomea gatemanager 4250 firmware
canonical/secomea gatemanager
canonical/secomea gatemanager 8250 firmware