Vulnerability-Lookup

GHSA-H84W-4WFQ-6H9C

Vulnerability from github – Published: 2022-05-24 17:42 – Updated: 2022-05-24 17:42

Details

OS Command Injection vulnerability when changing date settings or hostname using web GUI of Nozomi Networks Guardian and CMC allows authenticated administrators to perform remote code execution. This issue affects: Nozomi Networks Guardian 20.0.7.3 version 20.0.7.3 and prior versions. Nozomi Networks CMC 20.0.7.3 version 20.0.7.3 and prior versions.

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2021-26724"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-78"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2021-02-22T21:15:00Z",
    "severity": "HIGH"
  },
  "details": "OS Command Injection vulnerability when changing date settings or hostname using web GUI of Nozomi Networks Guardian and CMC allows authenticated administrators to perform remote code execution. This issue affects: Nozomi Networks Guardian 20.0.7.3 version 20.0.7.3 and prior versions. Nozomi Networks CMC 20.0.7.3 version 20.0.7.3 and prior versions.",
  "id": "GHSA-h84w-4wfq-6h9c",
  "modified": "2022-05-24T17:42:52Z",
  "published": "2022-05-24T17:42:52Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-26724"
    },
    {
      "type": "WEB",
      "url": "https://security.nozominetworks.com/NN-2021:1-01"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

CVE-2021-26724 (GCVE-0-2021-26724)

Vulnerability from cvelistv5 – Published: 2021-02-22 20:31 – Updated: 2024-09-17 04:05

Title

Authenticated command injection when changing date settings or hostname in Guardian/CMC before 20.0.7.4

Summary

Severity

8.6 (High)


                        
                          CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

7.2 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

CWE

CWE-78 - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')

Assigner

Nozomi

References

1 reference

URL	Tags
https://security.nozominetworks.com/NN-2021:1-01	x_refsource_CONFIRM

Impacted products

2 products

Vendor	Product	Version
Nozomi Networks	Guardian	Affected: 20.0.7.3 and prior versions (custom)
Nozomi Networks	CMC	Affected: 20.0.7.3 and prior versions (custom)

Date Public

2021-02-21 23:00

Credits

This bug was found by Erik de Jong

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T20:33:41.180Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://security.nozominetworks.com/NN-2021:1-01"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Guardian",
          "vendor": "Nozomi Networks",
          "versions": [
            {
              "status": "affected",
              "version": "20.0.7.3 and prior versions",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "CMC",
          "vendor": "Nozomi Networks",
          "versions": [
            {
              "status": "affected",
              "version": "20.0.7.3 and prior versions",
              "versionType": "custom"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "value": "This bug was found by Erik de Jong"
        }
      ],
      "datePublic": "2021-02-21T23:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cp\u003eOS Command Injection vulnerability when changing date settings or hostname using web GUI of Nozomi Networks Guardian and CMC allows authenticated administrators to perform remote code execution. This issue affects: Nozomi Networks Guardian 20.0.7.3 version 20.0.7.3 and prior versions. Nozomi Networks CMC 20.0.7.3 version 20.0.7.3 and prior versions.\u003c/p\u003e"
            }
          ],
          "value": "OS Command Injection vulnerability when changing date settings or hostname using web GUI of Nozomi Networks Guardian and CMC allows authenticated administrators to perform remote code execution. This issue affects: Nozomi Networks Guardian 20.0.7.3 version 20.0.7.3 and prior versions. Nozomi Networks CMC 20.0.7.3 version 20.0.7.3 and prior versions."
        }
      ],
      "impacts": [
        {
          "capecId": "CAPEC-88",
          "descriptions": [
            {
              "lang": "en",
              "value": "CAPEC-88 OS Command Injection"
            }
          ]
        }
      ],
      "metrics": [
        {
          "cvssV4_0": {
            "Automatable": "NOT_DEFINED",
            "Recovery": "NOT_DEFINED",
            "Safety": "NOT_DEFINED",
            "attackComplexity": "LOW",
            "attackRequirements": "NONE",
            "attackVector": "NETWORK",
            "baseScore": 8.6,
            "baseSeverity": "HIGH",
            "privilegesRequired": "HIGH",
            "providerUrgency": "NOT_DEFINED",
            "subAvailabilityImpact": "NONE",
            "subConfidentialityImpact": "NONE",
            "subIntegrityImpact": "NONE",
            "userInteraction": "NONE",
            "valueDensity": "NOT_DEFINED",
            "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
            "version": "4.0",
            "vulnAvailabilityImpact": "HIGH",
            "vulnConfidentialityImpact": "HIGH",
            "vulnIntegrityImpact": "HIGH",
            "vulnerabilityResponseEffort": "NOT_DEFINED"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        },
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.2,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "HIGH",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-78",
              "description": "CWE-78 Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-05-28T10:17:39.175Z",
        "orgId": "bec8025f-a851-46e5-b3a3-058e6b0aa23c",
        "shortName": "Nozomi"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://security.nozominetworks.com/NN-2021:1-01"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cp\u003ev19 series: Upgrade to v19.0.12.  \u003c/p\u003e\u003cp\u003ev20 series: Upgrade to v20.0.7.4.\u003c/p\u003e"
            }
          ],
          "value": "v19 series: Upgrade to v19.0.12.  \n\nv20 series: Upgrade to v20.0.7.4."
        }
      ],
      "source": {
        "advisory": "https://security.nozominetworks.com/NN-2021:1-01",
        "discovery": "EXTERNAL"
      },
      "title": "Authenticated command injection when changing date settings or hostname in Guardian/CMC before 20.0.7.4",
      "workarounds": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cp\u003eUse internal firewall feature to limit management interface access and review user roles.\u003c/p\u003e"
            }
          ],
          "value": "Use internal firewall feature to limit management interface access and review user roles."
        }
      ],
      "x_generator": {
        "engine": "Vulnogram 0.0.9"
      },
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "prodsec@nozominetworks.com",
          "DATE_PUBLIC": "2021-02-22T00:00:00.000Z",
          "ID": "CVE-2021-26724",
          "STATE": "PUBLIC",
          "TITLE": "Authenticated command injection when changing date settings or hostname in Guardian/CMC before 20.0.7.4"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Guardian",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "20.0.7.3 and prior versions"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "CMC",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "20.0.7.3 and prior versions"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Nozomi Networks"
              }
            ]
          }
        },
        "credit": [
          {
            "lang": "eng",
            "value": "This bug was found by Erik de Jong"
          }
        ],
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "OS Command Injection vulnerability when changing date settings or hostname using web GUI of Nozomi Networks Guardian and CMC allows authenticated administrators to perform remote code execution. This issue affects: Nozomi Networks Guardian 20.0.7.3 version 20.0.7.3 and prior versions. Nozomi Networks CMC 20.0.7.3 version 20.0.7.3 and prior versions."
            }
          ]
        },
        "generator": {
          "engine": "Vulnogram 0.0.9"
        },
        "impact": {
          "cvss": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.2,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "HIGH",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-78 OS Command Injection"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://security.nozominetworks.com/NN-2021:1-01",
              "refsource": "CONFIRM",
              "url": "https://security.nozominetworks.com/NN-2021:1-01"
            }
          ]
        },
        "solution": [
          {
            "lang": "en",
            "value": "v19 series: Upgrade to v19.0.12.  v20 series: Upgrade to v20.0.7.4."
          }
        ],
        "source": {
          "advisory": "https://security.nozominetworks.com/NN-2021:1-01",
          "discovery": "EXTERNAL"
        },
        "work_around": [
          {
            "lang": "en",
            "value": "Use internal firewall feature to limit management interface access and review user roles."
          }
        ]
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "bec8025f-a851-46e5-b3a3-058e6b0aa23c",
    "assignerShortName": "Nozomi",
    "cveId": "CVE-2021-26724",
    "datePublished": "2021-02-22T20:31:10.169Z",
    "dateReserved": "2021-02-05T00:00:00.000Z",
    "dateUpdated": "2024-09-17T04:05:00.334Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Sightings

Author	Source	Type	Date	Other

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

GHSA-H84W-4WFQ-6H9C

CVE-2021-26724 (GCVE-0-2021-26724)

Tags

Sightings

Nomenclature