CVE-2023-23574 Authenticated Blind SQL Injection on alerts count in Guardian/CMC before 22.6.2

A blind SQL Injection vulnerability in Nozomi Networks Guardian and CMC, due to improper input validation in the alertscount component, allows an authenticated attacker to execute arbitrary SQL statements on the DBMS used by the web application. Authenticated users may be able to extract arbitrar...

Nozomi Networks Guardian/CMC SQL Injection Vulnerability

Nozomi Networks Guardian/CMC is a centralized management console from Nozomi Networks, Inc. in the United States. Nozomi Networks Guardian/CMC suffers from a SQL injection vulnerability that stems from incorrect input validation in the alertscount component, which allows an authenticated attacker...

Authenticated Blind SQL Injection on alerts count in Guardian/CMC before 22.6.2

Summary A blind SQL Injection vulnerability in Nozomi Networks Guardian and CMC, due to improper input validation in the alertscount component, allows an authenticated attacker to execute arbitrary SQL statements on the DBMS used by the web application. Impact Authenticated users may be able to...

PT-2023-19053 · Nozomi Networks · Nozomi Networks Cmc +1

Name of the Vulnerable Software and Affected Versions: Nozomi Networks Guardian and CMC affected versions not specified Description: A blind SQL Injection vulnerability, due to improper input validation in the alerts count component, allows an authenticated attacker to execute arbitrary SQL...