// For flags

CVE-2023-22378

Authenticated Blind SQL Injection on sorting in Guardian/CMC before 22.6.2

Severity Score

7.1
*CVSS v4

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

0
*Multiple Sources

Exploited in Wild

-
*KEV

Decision

Track
*SSVC
Descriptions

A blind SQL Injection vulnerability in Nozomi Networks Guardian and CMC, due to improper input validation in the sorting parameter, allows an authenticated attacker to execute arbitrary SQL queries on the DBMS used by the web application.

Authenticated users can extract arbitrary information from the DBMS in an uncontrolled way.

Una vulnerabilidad de inyección blind SQL en Guardian y CMC de Nozomi Networks, debido a una validación de entrada incorrecta en el parámetro de ordenación, permite a un atacante autenticado ejecutar consultas SQL arbitrarias en el DBMS utilizado por la aplicación web. Los usuarios autenticados pueden extraer información arbitraria del DBMS de forma incontrolada.

*Credits: This issue was found by Stefano Libero of Nozomi Networks Product Security team during a scheduled internal VAPT testing session.
CVSS Scores
Attack Vector
Network
Attack Complexity
Low
Attack Requirements
None
Privileges Required
Low
User Interaction
None
System
Vulnerable | Subsequent
Confidentiality
High
None
Integrity
None
None
Availability
Low
None
Attack Vector
Network
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
None
Availability
None
Attack Vector
Network
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
None
Availability
Low
* Common Vulnerability Scoring System
SSVC
  • Decision:Track
Exploitation
None
Automatable
No
Tech. Impact
Partial
* Organization's Worst-case Scenario
Timeline
  • 2023-01-24 CVE Reserved
  • 2023-08-09 CVE Published
  • 2024-08-02 CVE Updated
  • 2024-08-15 EPSS Updated
  • ---------- Exploited in Wild
  • ---------- KEV Due Date
  • ---------- First Exploit
CWE
  • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
CAPEC
  • CAPEC-7: Blind SQL Injection
References (1)
URL Tag Source
URL Date SRC
URL Date SRC
URL Date SRC
https://security.nozominetworks.com/NN-2023:2-01 2024-05-28
Affected Vendors, Products, and Versions
Vendor Product Version Other Status
Vendor Product Version Other Status <-- --> Vendor Product Version Other Status
Nozominetworks
Search vendor "Nozominetworks"
 Cmc
Search vendor "Nozominetworks" for product "Cmc"
 < 22.6.2
Search vendor "Nozominetworks" for product "Cmc" and version " < 22.6.2"
-
Affected
Nozominetworks
Search vendor "Nozominetworks"
 Guardian
Search vendor "Nozominetworks" for product "Guardian"
 < 22.6.2
Search vendor "Nozominetworks" for product "Guardian" and version " < 22.6.2"
-
Affected