CVE-2023-29245
Vulnerability from cvelistv5
Published
2023-09-19 10:04
Modified
2024-09-20 10:48
Summary
SQL Injection on IDS parsing of malformed asset fields in Guardian/CMC >= 22.6.0 before 22.6.3 and 23.1.0
Impacted products
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T14:00:16.066Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://security.nozominetworks.com/NN-2023:11-01"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Guardian",
          "vendor": "Nozomi Networks",
          "versions": [
            {
              "lessThan": "22.6.3",
              "status": "affected",
              "version": "22.6.0",
              "versionType": "semver"
            },
            {
              "lessThan": "23.1.0",
              "status": "affected",
              "version": "23.0.0",
              "versionType": "semver"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "CMC",
          "vendor": "Nozomi Networks",
          "versions": [
            {
              "lessThan": "22.6.3",
              "status": "affected",
              "version": "22.6.0",
              "versionType": "semver"
            },
            {
              "lessThan": "23.1.0",
              "status": "affected",
              "version": "23.0.0",
              "versionType": "semver"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "user": "00000000-0000-4000-9000-000000000000",
          "value": "This issue was found by Nozomi Networks during an internal investigation."
        }
      ],
      "datePublic": "2023-09-18T07:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cdiv\u003e\u003cdiv\u003eA SQL Injection vulnerability in Nozomi Networks Guardian and CMC, due to improper input validation in certain fields used in the Asset Intelligence functionality of our IDS, may allow an unauthenticated attacker to execute arbitrary SQL statements on the DBMS used by the web application by sending specially crafted malicious network packets.\u003c/div\u003e\u003cdiv\u003eMalicious users with extensive knowledge on the underlying system may be able to extract arbitrary information from the DBMS in an uncontrolled way, alter its structure and data, and/or affect its availability.\u003c/div\u003e\u003c/div\u003e"
            }
          ],
          "value": "A SQL Injection vulnerability in Nozomi Networks Guardian and CMC, due to improper input validation in certain fields used in the Asset Intelligence functionality of our IDS, may allow an unauthenticated attacker to execute arbitrary SQL statements on the DBMS used by the web application by sending specially crafted malicious network packets.\n\nMalicious users with extensive knowledge on the underlying system may be able to extract arbitrary information from the DBMS in an uncontrolled way, alter its structure and data, and/or affect its availability."
        }
      ],
      "impacts": [
        {
          "capecId": "CAPEC-66",
          "descriptions": [
            {
              "lang": "en",
              "value": "CAPEC-66 SQL Injection"
            }
          ]
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.1,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        },
        {
          "cvssV4_0": {
            "Automatable": "NOT_DEFINED",
            "Recovery": "NOT_DEFINED",
            "Safety": "NOT_DEFINED",
            "attackComplexity": "HIGH",
            "attackRequirements": "PRESENT",
            "attackVector": "NETWORK",
            "baseScore": 9.2,
            "baseSeverity": "CRITICAL",
            "privilegesRequired": "NONE",
            "providerUrgency": "NOT_DEFINED",
            "subAvailabilityImpact": "NONE",
            "subConfidentialityImpact": "NONE",
            "subIntegrityImpact": "NONE",
            "userInteraction": "NONE",
            "valueDensity": "NOT_DEFINED",
            "vectorString": "CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
            "version": "4.0",
            "vulnAvailabilityImpact": "HIGH",
            "vulnConfidentialityImpact": "HIGH",
            "vulnIntegrityImpact": "HIGH",
            "vulnerabilityResponseEffort": "NOT_DEFINED"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-89",
              "description": "CWE-89 Improper Neutralization of Special Elements used in an SQL Command (\u0027SQL Injection\u0027)",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-09-20T10:48:14.678Z",
        "orgId": "bec8025f-a851-46e5-b3a3-058e6b0aa23c",
        "shortName": "Nozomi"
      },
      "references": [
        {
          "url": "https://security.nozominetworks.com/NN-2023:11-01"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cdiv\u003e\u003cdiv\u003eUpgrade to v22.6.3, v23.1.0 or later.\u003c/div\u003e\u003c/div\u003e"
            }
          ],
          "value": "Upgrade to v22.6.3, v23.1.0 or later."
        }
      ],
      "source": {
        "discovery": "INTERNAL"
      },
      "title": "SQL Injection on IDS parsing of malformed asset fields in Guardian/CMC \u003e= 22.6.0 before 22.6.3 and 23.1.0",
      "x_generator": {
        "engine": "Vulnogram 0.1.0-dev"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "bec8025f-a851-46e5-b3a3-058e6b0aa23c",
    "assignerShortName": "Nozomi",
    "cveId": "CVE-2023-29245",
    "datePublished": "2023-09-19T10:04:57.213Z",
    "dateReserved": "2023-06-12T09:20:58.631Z",
    "dateUpdated": "2024-09-20T10:48:14.678Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "meta": {
    "nvd": "{\"cve\":{\"id\":\"CVE-2023-29245\",\"sourceIdentifier\":\"prodsec@nozominetworks.com\",\"published\":\"2023-09-19T11:16:18.100\",\"lastModified\":\"2024-09-20T11:15:12.980\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"A SQL Injection vulnerability in Nozomi Networks Guardian and CMC, due to improper input validation in certain fields used in the Asset Intelligence functionality of our IDS, may allow an unauthenticated attacker to execute arbitrary SQL statements on the DBMS used by the web application by sending specially crafted malicious network packets.\\n\\nMalicious users with extensive knowledge on the underlying system may be able to extract arbitrary information from the DBMS in an uncontrolled way, alter its structure and data, and/or affect its availability.\"},{\"lang\":\"es\",\"value\":\"Una vulnerabilidad de inyecci\u00f3n SQL en Nozomi Networks Guardian y CMC, debido a una validaci\u00f3n de entrada incorrecta en ciertos campos utilizados en la funcionalidad Asset Intelligence de nuestro IDS, puede permitir que un atacante no autenticado ejecute sentencias SQL arbitrarias en el DBMS utilizado por la aplicaci\u00f3n web mediante el env\u00edo especial paquetes de red maliciosos manipulados. Los usuarios maliciosos con amplios conocimientos sobre el sistema subyacente pueden extraer informaci\u00f3n arbitraria del DBMS de forma incontrolada o alterar su estructura y datos.\"}],\"metrics\":{\"cvssMetricV40\":[{\"source\":\"prodsec@nozominetworks.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"4.0\",\"vectorString\":\"CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"HIGH\",\"attackRequirements\":\"PRESENT\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"vulnerableSystemConfidentiality\":\"HIGH\",\"vulnerableSystemIntegrity\":\"HIGH\",\"vulnerableSystemAvailability\":\"HIGH\",\"subsequentSystemConfidentiality\":\"NONE\",\"subsequentSystemIntegrity\":\"NONE\",\"subsequentSystemAvailability\":\"NONE\",\"exploitMaturity\":\"NOT_DEFINED\",\"confidentialityRequirements\":\"NOT_DEFINED\",\"integrityRequirements\":\"NOT_DEFINED\",\"availabilityRequirements\":\"NOT_DEFINED\",\"modifiedAttackVector\":\"NOT_DEFINED\",\"modifiedAttackComplexity\":\"NOT_DEFINED\",\"modifiedAttackRequirements\":\"NOT_DEFINED\",\"modifiedPrivilegesRequired\":\"NOT_DEFINED\",\"modifiedUserInteraction\":\"NOT_DEFINED\",\"modifiedVulnerableSystemConfidentiality\":\"NOT_DEFINED\",\"modifiedVulnerableSystemIntegrity\":\"NOT_DEFINED\",\"modifiedVulnerableSystemAvailability\":\"NOT_DEFINED\",\"modifiedSubsequentSystemConfidentiality\":\"NOT_DEFINED\",\"modifiedSubsequentSystemIntegrity\":\"NOT_DEFINED\",\"modifiedSubsequentSystemAvailability\":\"NOT_DEFINED\",\"safety\":\"NOT_DEFINED\",\"automatable\":\"NOT_DEFINED\",\"recovery\":\"NOT_DEFINED\",\"valueDensity\":\"NOT_DEFINED\",\"vulnerabilityResponseEffort\":\"NOT_DEFINED\",\"providerUrgency\":\"NOT_DEFINED\",\"baseScore\":9.2,\"baseSeverity\":\"CRITICAL\"}}],\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"HIGH\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"NONE\",\"baseScore\":7.4,\"baseSeverity\":\"HIGH\"},\"exploitabilityScore\":2.2,\"impactScore\":5.2},{\"source\":\"prodsec@nozominetworks.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"HIGH\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\",\"baseScore\":8.1,\"baseSeverity\":\"HIGH\"},\"exploitabilityScore\":2.2,\"impactScore\":5.9}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-89\"}]},{\"source\":\"prodsec@nozominetworks.com\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-89\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:nozominetworks:cmc:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"22.6.0\",\"versionEndExcluding\":\"22.6.3\",\"matchCriteriaId\":\"6F56421F-B321-4FF0-BFE4-867649B582BB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:nozominetworks:cmc:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"23.0.0\",\"versionEndExcluding\":\"23.1.0\",\"matchCriteriaId\":\"C27BB1A9-96D5-4B46-B187-670EABD91C48\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:nozominetworks:guardian:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"22.6.0\",\"versionEndExcluding\":\"22.6.3\",\"matchCriteriaId\":\"4B3C9AEC-3A2D-4702-BC84-41595F30430D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:nozominetworks:guardian:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"23.0.0\",\"versionEndExcluding\":\"23.1.0\",\"matchCriteriaId\":\"981F37FF-F82D-46CB-B9E7-F16F319583F4\"}]}]}],\"references\":[{\"url\":\"https://security.nozominetworks.com/NN-2023:11-01\",\"source\":\"prodsec@nozominetworks.com\",\"tags\":[\"Vendor Advisory\"]}]}}"
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.


Loading...

Loading...

Loading...

Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.