CVE-2023-24015

Partial DoS on Reports section due to null report name in Guardian/CMC before 22.6.2

CVSS 5.3 MEDIUMEPSS 0.5%CWE-1286

A partial DoS vulnerability has been detected in the Reports section, exploitable by a malicious authenticated user forcing a report to be saved with its name set as null. The reports section will be partially unavailable for all later attempts to use it, with the report list seemingly stuck on loading.

CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N

Productos afectados

Nozomi Networks · CMC Nozomi Networks · Guardian

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →

Referencias

https://security.nozominetworks.com/NN-2023:6-01