Path traversal

2021-02-2221:15:00

PRIOn knowledge base

www.prio-n.com

5.1 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

39.9%

JSON

Path Traversal vulnerability when changing timezone using web GUI of Nozomi Networks Guardian, CMC allows an authenticated administrator to read-protected system files. This issue affects: Nozomi Networks Guardian 20.0.7.3 version 20.0.7.3 and prior versions. Nozomi Networks CMC 20.0.7.3 version 20.0.7.3 and prior versions.

CPENameOperatorVersion
central_management_controlge19.0.0
central_management_controlle19.0.12
central_management_controlge20.0.0.0
central_management_controllt20.0.7.4
guardiange20.0.0.0
guardianlt20.0.7.4
guardiange19.0.0
guardianlt19.0.12

Name	Operator	Version
central_management_control	ge	19.0.0
central_management_control	le	19.0.12
central_management_control	ge	20.0.0.0
central_management_control	lt	20.0.7.4
guardian	ge	20.0.0.0
guardian	lt	20.0.7.4
guardian	ge	19.0.0
guardian	lt	19.0.12

References

security.nozominetworks.com/NN-2021:2-01