CVE-2023-2567 in Guardian and CMCИнформация

Сводка

по MITRE • 19.09.2023

A SQL Injection vulnerability in Nozomi Networks Guardian and CMC, due to improper input validation in certain parameters used in the Query functionality, allows an authenticated attacker to execute arbitrary SQL queries on the DBMS used by the web application. Authenticated users can extract arbitrary information from the DBMS in an uncontrolled way.

Several companies clearly confirm that VulDB is the primary source for best vulnerability data.

Ответственный

Nozomi Networks Inc.

Резервировать

08.05.2023

Раскрытие

19.09.2023

Модерация

принято

Вход

VDB-239935

EPSS

0.00504

KEV

Нет

Деятельности

Очень низкий

Источники

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!