CVE-2023-22843

An authenticated attacker with administrative access to the web management interface can inject malicious JavaScript code inside the definition of a Threat Intelligence rule, that will be stored and can later be executed by another legitimate user viewing the details of such a rule. Via stored Cross-Site Scripting (XSS), an attacker may be able to perform unauthorized actions on behalf of legitimate users and/or gather sensitive information. JavaScript injection was possible in the contents for Yara rules, while limited HTML injection has been proven for packet and STYX rules.

CVSS v3 6.4 MEDIUM

6.4^/10

CVSS v3 : MEDIUM

V3 Legend

Vector :

Exploitability : 0.9 / Impact : 5.5

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required HIGH

User Interaction REQUIRED

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact LOW

Scope UNCHANGED

References

Link	Resource
https://security.nozominetworks.com/NN-2023:4-01	Vendor Advisory
https://security.nozominetworks.com/NN-2023:4-01	Vendor Advisory

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:nozominetworks:cmc::::::::
	cpe:2.3:a:nozominetworks:guardian::::::::

History

21 Nov 2024, 07:45

Type	Values Removed	Values Added
References	~~() https://security.nozominetworks.com/NN-2023:4-01 - Vendor Advisory~~	() https://security.nozominetworks.com/NN-2023:4-01 - Vendor Advisory
CVSS	v2 : ~~unknown~~ v3 : ~~4.8~~	v2 : unknown v3 : 6.4

20 Sep 2024, 12:15

Type	Values Removed	Values Added
Summary	(en) An authenticated attacker with administrative access to the appliance can inject malicious JavaScript code inside the definition of a Threat Intelligence rule, that will later be executed by another legitimate user viewing the details of such a rule. An attacker may be able to perform unauthorized actions on behalf of legitimate users. JavaScript injection was possible in the content for Yara rules, while limited HTML injection has been proven for packet and STYX rules. The injected code will be executed in the context of the authenticated victim's session.	(en) An authenticated attacker with administrative access to the web management interface can inject malicious JavaScript code inside the definition of a Threat Intelligence rule, that will be stored and can later be executed by another legitimate user viewing the details of such a rule. Via stored Cross-Site Scripting (XSS), an attacker may be able to perform unauthorized actions on behalf of legitimate users and/or gather sensitive information. JavaScript injection was possible in the contents for Yara rules, while limited HTML injection has been proven for packet and STYX rules.

16 Aug 2023, 21:06

Type	Values Removed	Values Added
CWE		CWE-79
CVSS	v2 : ~~unknown~~ v3 : ~~unknown~~	v2 : unknown v3 : 4.8
References	~~(MISC) https://security.nozominetworks.com/NN-2023:4-01 -~~	(MISC) https://security.nozominetworks.com/NN-2023:4-01 - Vendor Advisory
CPE		cpe:2.3:a:nozominetworks:cmc:::::::: cpe:2.3:a:nozominetworks:guardian::::::::

09 Aug 2023, 12:46

Type	Values Removed	Values Added
New CVE

Information

Published : 2023-08-09 09:15

Updated : 2024-11-21 07:45

NVD link : CVE-2023-22843

Mitre link : CVE-2023-22843

CVE.ORG link : CVE-2023-22843

JSON object : View

Products Affected

nozominetworks

guardian
cmc

CWE

CWE-79

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

6.4 /10