Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
nozominetworks cmc vulnerabilities and exploits
(subscribe to this query)
7.2
CVSSv3
CVE-2022-0551
Improper Input Validation vulnerability in project file upload in Nozomi Networks Guardian and CMC allows an authenticated attacker with admin or import manager roles to execute unattended commands on the appliance using web server user privileges. This issue affects: Nozomi Netw...
Nozominetworks Cmc
Nozominetworks Guardian
6.5
CVSSv3
CVE-2023-24471
An access control vulnerability was found, due to the restrictions that are applied on actual assertions not being enforced in their debug functionality. An authenticated user with reduced visibility can obtain unauthorized information via the debug functionality, obtaining data ...
Nozominetworks Cmc
Nozominetworks Guardian
7
CVSSv3
CVE-2023-24477
In certain conditions, depending on timing and the usage of the Chrome web browser, Guardian/CMC versions prior to 22.6.2 do not always completely invalidate the user session upon logout. Thus an authenticated local attacker may gain acces to the original user's session.
Nozominetworks Cmc
Nozominetworks Guardian
6.5
CVSSv3
CVE-2023-2567
A SQL Injection vulnerability in Nozomi Networks Guardian and CMC, due to improper input validation in certain parameters used in the Query functionality, allows an authenticated malicious user to execute arbitrary SQL queries on the DBMS used by the web application. Authenticate...
Nozominetworks Cmc
Nozominetworks Guardian
4.9
CVSSv3
CVE-2021-26725
Path Traversal vulnerability when changing timezone using web GUI of Nozomi Networks Guardian, CMC allows an authenticated administrator to read-protected system files. This issue affects: Nozomi Networks Guardian 20.0.7.3 version 20.0.7.3 and prior versions. Nozomi Networks CMC ...
Nozominetworks Guardian
Nozominetworks Central Management Control
7.2
CVSSv3
CVE-2021-26724
OS Command Injection vulnerability when changing date settings or hostname using web GUI of Nozomi Networks Guardian and CMC allows authenticated administrators to perform remote code execution. This issue affects: Nozomi Networks Guardian 20.0.7.3 version 20.0.7.3 and prior vers...
Nozominetworks Guardian
Nozominetworks Central Management Control
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
buffer overflow
type confusion
server-side request forgery
CVE-2024-38440
CVE-2024-27801
CVE-2024-5868
CVE-2024-0582
CVE-2024-37643
CVE-2024-3105
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2