Description

A partial DoS vulnerability has been detected in the Reports section, exploitable by a malicious authenticated user forcing a report to be saved with its name set as null. The reports section will be partially unavailable for all later attempts to use it, with the report list seemingly stuck on loading.

Related CPE's

a

nozominetworks

cmc

Vulnerable

a

nozominetworks

guardian

Vulnerable

References

https://security.nozominetworks.com/NN-2023:6-01

Vendor Advisory

https://security.nozominetworks.com/NN-2023:6-01

Vendor Advisory

Weaknesses

[email protected]

Secondary
CWE-1286

[email protected]

Primary
NVD-CWE-noinfo

CVSS impact metrics

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L

4.3 · Medium

Information

Source identifier

[email protected]

Vulnerability status

Modified

Published

2023-08-09T08:15:09.890Z

2 years ago

Last modified

2024-11-21T06:47:15.730Z

1 year ago