CVE-2023-22843

Published: Aug 9, 2023

Modified: Sep 20, 2024

PUBLISHED

CVSS v3.1

6.4

MEDIUM

Description

An authenticated attacker with administrative access to the web management interface can inject malicious JavaScript code inside the definition of a Threat Intelligence rule, that will be stored and can later be executed by another legitimate user viewing the details of such a rule. Via stored Cross-Site Scripting (XSS), an attacker may be able to perform unauthorized actions on behalf of legitimate users and/or gather sensitive information. JavaScript injection was possible in the contents for Yara rules, while limited HTML injection has been proven for packet and STYX rules.

Vendor	Product	Versions
Nozomi Networks	Guardian	affected `0 - < 22.6.2`
Nozomi Networks	CMC	affected `0 - < 22.6.2`

Weaknesses (CWE)

CWE-79

CVSS v3.1 Details

CVSS v3.1 Vector

CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:L

Attack Vector

Network

Attack Complexity

Low

Privileges Required

High

User Interaction

Required

Scope

Unchanged

Confidentiality

High

Integrity

High

Availability

Low

References

https://security.nozominetworks.com/NN-2023:4-01

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2023-22843

Description

Affected Products

Weaknesses (CWE)

CVSS v3.1 Details

References