csaf_nozominetworks - nn-2023

nn-2023_17-01

Vulnerability from csaf_nozominetworks

Published

2024-04-10 11:00

Modified

2024-04-11 11:00

Summary

Information disclosure via audit records for OpenAPI requests in Guardian/CMC before 23.4.1

Notes

Risk Level for Nozomi customers

High

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "text": "HIGH"
    },
    "category": "csaf_vex",
    "csaf_version": "2.0",
    "distribution": {
      "tlp": {
        "label": "WHITE"
      }
    },
    "lang": "en-US",
    "notes": [
      {
        "category": "other",
        "text": "High",
        "title": "Risk Level for Nozomi customers"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "Nozomi Networks Product Security team can be reached at prodsec@nozominetworks.com",
      "name": "Nozomi Networks Product Security",
      "namespace": "https://security.nozominetworks.com/psirt"
    },
    "title": "Information disclosure via audit records for OpenAPI requests in Guardian/CMC before 23.4.1",
    "tracking": {
      "aliases": [
        "CVE-2023-6916"
      ],
      "current_release_date": "2024-04-11T11:00:00.000Z",
      "id": "NN-2023:17-01",
      "initial_release_date": "2024-04-10T11:00:00.000Z",
      "revision_history": [
        {
          "date": "2024-04-10T11:00:00.000Z",
          "number": "1",
          "summary": "Initial revision"
        },
        {
          "date": "2024-04-10T11:00:00.000Z",
          "number": "2",
          "summary": "updated the acknowledgements section"
        },
        {
          "date": "2024-04-11T11:00:00.000Z",
          "number": "3",
          "summary": "technical update"
        }
      ],
      "status": "final",
      "version": "3"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:gem/\u003c23.4.1",
                "product": {
                  "name": "Nozomi Networks Guardian \u003c23.4.1",
                  "product_id": "CSAFPID-0001"
                }
              },
              {
                "category": "product_version",
                "name": "23.4.1",
                "product": {
                  "name": "Nozomi Networks Guardian 23.4.1",
                  "product_id": "CSAFPID-0002"
                }
              }
            ],
            "category": "product_name",
            "name": "Guardian"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:gem/\u003c23.4.1",
                "product": {
                  "name": "Nozomi Networks CMC \u003c23.4.1",
                  "product_id": "CSAFPID-0003"
                }
              },
              {
                "category": "product_version",
                "name": "23.4.1",
                "product": {
                  "name": "Nozomi Networks CMC 23.4.1",
                  "product_id": "CSAFPID-0004"
                }
              }
            ],
            "category": "product_name",
            "name": "CMC"
          }
        ],
        "category": "vendor",
        "name": "Nozomi Networks"
      }
    ]
  },
  "vulnerabilities": [
    {
      "acknowledgments": [
        {
          "names": [
            "Maciej Kosz"
          ],
          "summary": "reporting this issue"
        }
      ],
      "cve": "CVE-2023-6916",
      "cwe": {
        "id": "CWE-522",
        "name": "Insufficiently Protected Credentials"
      },
      "discovery_date": "2024-04-10T11:00:00.000Z",
      "ids": [
        {
          "system_name": "Nozomi Networks Security Advisory ID",
          "text": "NN-2023:17-01"
        }
      ],
      "notes": [
        {
          "category": "summary",
          "text": "Audit records for OpenAPI requests may include sensitive information.",
          "title": "Vulnerability summary"
        }
      ],
      "product_status": {
        "fixed": [
          "CSAFPID-0002",
          "CSAFPID-0004"
        ],
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0003"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "Mitre CVE entry",
          "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6916"
        },
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://security.nozominetworks.com/csaf/2024/nn-2023_17-01.json"
        },
        {
          "category": "self",
          "summary": "Human-readable advisory.",
          "url": "https://security.nozominetworks.com/NN-2023:17-01"
        }
      ],
      "remediations": [
        {
          "category": "mitigation",
          "details": "Nozomi Networks recommends creating specific users for OpenAPI usage, with only the necessary permissions to access the required data sources. Additionally, it is advised to limit API keys to allowed IP addresses whenever possible. Finally, it is also suggested to regenerate existing API keys periodically and to review sign-ins via API keys in the audit records.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0003"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Upgrade to v23.4.1 or later.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0003"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.2,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0003"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Unauthorized access, privilege escalation."
        }
      ],
      "title": "Information disclosure via audit records for OpenAPI requests in Guardian/CMC before 23.4.1"
    }
  ]
}

cve-2023-6916

Vulnerability from cvelistv5

Published

2024-04-10 15:50

Modified

2024-09-20 11:47

Severity ?

7.2 (High) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
7.5 (High) - CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

Summary

Information disclosure via audit records for OpenAPI requests in Guardian/CMC before 23.4.1

References

▼	URL	Tags
	https://security.nozominetworks.com/NN-2023:17-01

Impacted products

▼	Vendor	Product
	Nozomi Networks	Guardian
	Nozomi Networks	CMC

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T08:42:08.668Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://security.nozominetworks.com/NN-2023:17-01"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "affected": [
          {
            "cpes": [
              "cpe:2.3:a:nozominetworks:guardian:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unaffected",
            "product": "guardian",
            "vendor": "nozominetworks",
            "versions": [
              {
                "lessThanOrEqual": "23.4.1",
                "status": "affected",
                "version": "0",
                "versionType": "semver"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:a:nozominetworks:central_management_control:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unaffected",
            "product": "central_management_control",
            "vendor": "nozominetworks",
            "versions": [
              {
                "lessThan": "23.4.1",
                "status": "affected",
                "version": "0",
                "versionType": "semver"
              }
            ]
          }
        ],
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2023-6916",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-04-10T19:50:52.538053Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-08-12T17:26:46.970Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Guardian",
          "vendor": "Nozomi Networks",
          "versions": [
            {
              "lessThan": "23.4.1",
              "status": "affected",
              "version": "0",
              "versionType": "semver"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "CMC",
          "vendor": "Nozomi Networks",
          "versions": [
            {
              "lessThan": "23.4.1",
              "status": "affected",
              "version": "0",
              "versionType": "semver"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "user": "00000000-0000-4000-9000-000000000000",
          "value": "This issue was reported by Maciej Kosz."
        }
      ],
      "datePublic": "2024-04-10T15:41:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cdiv\u003e\u003cdiv\u003eAudit records for OpenAPI requests may include sensitive information.\u003c/div\u003e\u003c/div\u003eThis could lead to unauthorized accesses and privilege escalation."
            }
          ],
          "value": "Audit records for OpenAPI requests may include sensitive information.\n\n\n\nThis could lead to unauthorized accesses and privilege escalation."
        }
      ],
      "impacts": [
        {
          "capecId": "CAPEC-114",
          "descriptions": [
            {
              "lang": "en",
              "value": "CAPEC-114 Authentication Abuse"
            }
          ]
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.2,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "HIGH",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        },
        {
          "cvssV4_0": {
            "Automatable": "NOT_DEFINED",
            "Recovery": "NOT_DEFINED",
            "Safety": "NOT_DEFINED",
            "attackComplexity": "LOW",
            "attackRequirements": "PRESENT",
            "attackVector": "NETWORK",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "privilegesRequired": "HIGH",
            "providerUrgency": "NOT_DEFINED",
            "subAvailabilityImpact": "NONE",
            "subConfidentialityImpact": "NONE",
            "subIntegrityImpact": "NONE",
            "userInteraction": "NONE",
            "valueDensity": "NOT_DEFINED",
            "vectorString": "CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
            "version": "4.0",
            "vulnAvailabilityImpact": "HIGH",
            "vulnConfidentialityImpact": "HIGH",
            "vulnIntegrityImpact": "HIGH",
            "vulnerabilityResponseEffort": "NOT_DEFINED"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-201",
              "description": "CWE-201 Insertion of Sensitive Information Into Sent Data",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-09-20T11:47:45.639Z",
        "orgId": "bec8025f-a851-46e5-b3a3-058e6b0aa23c",
        "shortName": "Nozomi"
      },
      "references": [
        {
          "url": "https://security.nozominetworks.com/NN-2023:17-01"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cdiv\u003e\u003cdiv\u003eUpgrade to v23.4.1 or later.\u003c/div\u003e\u003c/div\u003e"
            }
          ],
          "value": "Upgrade to v23.4.1 or later."
        }
      ],
      "source": {
        "discovery": "EXTERNAL"
      },
      "title": "Information disclosure via audit records for OpenAPI requests in Guardian/CMC before 23.4.1",
      "workarounds": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cdiv\u003e\u003cdiv\u003eNozomi Networks recommends creating specific users for OpenAPI usage, with only the necessary permissions to access the required data sources.\u003cbr\u003eAdditionally, it is advised to limit API keys to allowed IP addresses whenever possible.\u003cbr\u003eFinally, it is also suggested to regenerate existing API keys periodically and to review sign-ins via API keys in the audit records.\u003c/div\u003e\u003c/div\u003e"
            }
          ],
          "value": "Nozomi Networks recommends creating specific users for OpenAPI usage, with only the necessary permissions to access the required data sources.\nAdditionally, it is advised to limit API keys to allowed IP addresses whenever possible.\nFinally, it is also suggested to regenerate existing API keys periodically and to review sign-ins via API keys in the audit records."
        }
      ],
      "x_generator": {
        "engine": "Vulnogram 0.1.0-dev"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "bec8025f-a851-46e5-b3a3-058e6b0aa23c",
    "assignerShortName": "Nozomi",
    "cveId": "CVE-2023-6916",
    "datePublished": "2024-04-10T15:50:57.919Z",
    "dateReserved": "2023-12-18T10:31:09.989Z",
    "dateUpdated": "2024-09-20T11:47:45.639Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted