Improper Input Validation vulnerability in project file upload in Nozomi Networks Guardian and CMC allows an authenticated attacker with admin or import manager roles to execute unattended commands on the appliance using web server user privileges. This issue affects: Nozomi Networks Guardian versions prior to 22.0.0. Nozomi Networks CMC versions prior to 22.0.0.
References
Link | Resource |
---|---|
https://security.nozominetworks.com/NN-2022:2-02 | Vendor Advisory |
https://security.nozominetworks.com/NN-2022:2-02 | Vendor Advisory |
Configurations
Configuration 1 (hide)
|
History
21 Nov 2024, 06:38
Type | Values Removed | Values Added |
---|---|---|
References | () https://security.nozominetworks.com/NN-2022:2-02 - Vendor Advisory |
30 Mar 2022, 18:11
Type | Values Removed | Values Added |
---|---|---|
References | (CONFIRM) https://security.nozominetworks.com/NN-2022:2-02 - Vendor Advisory | |
CPE | cpe:2.3:a:nozominetworks:cmc:*:*:*:*:*:*:*:* cpe:2.3:a:nozominetworks:guardian:*:*:*:*:*:*:*:* |
|
CVSS |
v2 : v3 : |
v2 : 6.5
v3 : 7.2 |
CWE | CWE-20 |
24 Mar 2022, 15:19
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2022-03-24 15:15
Updated : 2024-11-21 06:38
NVD link : CVE-2022-0551
Mitre link : CVE-2022-0551
CVE.ORG link : CVE-2022-0551
JSON object : View
Products Affected
nozominetworks
- guardian
- cmc
CWE
CWE-20
Improper Input Validation