18 matches found
AI Native Asset Intelligence
Modern security environments generate fragmented signals across cloud resources, identities, configurations, and third-party security tools. Although AI-native security assistants improve access to this data, they remain largely reactive: users must ask the right questions and interpret...
CTEM Needs CAASM: Where Cyber Asset Intelligence Powers Every Step of the Exposure Loop
Running short on time but still want to stay in the know? Well, we’ve got you covered! We’ve condensed all the key takeaways into a handy audio summary. Our AI-driven podcasts are fit for on the go. Click right here to hear it all on CAASM & CDMB Inefficiencies! CTEM is not a new tool. It’s not a...
Siemens RUGGEDCOM APE1808 Devices
As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories CERT Services | Services |...
CVE-2023-32649
A Denial of Service Dos vulnerability in Nozomi Networks Guardian and CMC, due to improper input validation in certain fields used in the Asset Intelligence functionality of our IDS, allows an unauthenticated attacker to crash the IDS module by sending specially crafted malformed network packets...
CVE-2023-32649
A Denial of Service Dos vulnerability in Nozomi Networks Guardian and CMC, due to improper input validation in certain fields used in the Asset Intelligence functionality of our IDS, allows an unauthenticated attacker to crash the IDS module by sending specially crafted malformed network packets...
CVE-2023-29245
A SQL Injection vulnerability in Nozomi Networks Guardian and CMC, due to improper input validation in certain fields used in the Asset Intelligence functionality of our IDS, may allow an unauthenticated attacker to execute arbitrary SQL statements on the DBMS used by the web application by sendi...
CVE-2023-29245
A SQL Injection vulnerability in Nozomi Networks Guardian and CMC, due to improper input validation in certain fields used in the Asset Intelligence functionality of our IDS, may allow an unauthenticated attacker to execute arbitrary SQL statements on the DBMS used by the web application by sendi...
Input validation
A Denial of Service Dos vulnerability in Nozomi Networks Guardian and CMC, due to improper input validation in certain fields used in the Asset Intelligence functionality of our IDS, allows an unauthenticated attacker to crash the IDS module by sending specially crafted malformed network packets...
Sql injection
A SQL Injection vulnerability in Nozomi Networks Guardian and CMC, due to improper input validation in certain fields used in the Asset Intelligence functionality of our IDS, may allow an unauthenticated attacker to execute arbitrary SQL statements on the DBMS used by the web application by sendi...
CVE-2023-29245 SQL Injection on IDS parsing of malformed asset fields in Guardian/CMC >= 22.6.0 before 22.6.3 and 23.1.0
A SQL Injection vulnerability in Nozomi Networks Guardian and CMC, due to improper input validation in certain fields used in the Asset Intelligence functionality of our IDS, may allow an unauthenticated attacker to execute arbitrary SQL statements on the DBMS used by the web application by sendi...
CVE-2023-29245 SQL Injection on IDS parsing of malformed asset fields in Guardian/CMC >= 22.6.0 before 22.6.3 and 23.1.0
A SQL Injection vulnerability in Nozomi Networks Guardian and CMC, due to improper input validation in certain fields used in the Asset Intelligence functionality of our IDS, may allow an unauthenticated attacker to execute arbitrary SQL statements on the DBMS used by the web application by sendi...
CVE-2023-29245
Nozomi Networks Guardian and CMC are affected by CVE-2023-29245 due to improper input validation in Asset Intelligence fields, enabling SQL Injection. An unauthenticated attacker could send crafted packets to execute arbitrary SQL on the backend DBMS, potentially exfiltrating data, altering schem...
Nozomi Networks Guardian/CMC SQL Injection Vulnerability
Nozomi Networks Guardian/CMC is a centralized management console from Nozomi Networks, Inc. in the United States. An SQL injection vulnerability exists in Nozomi Networks Guardian/CMC, which stems from an improper input validation issue in the Asset Intelligence feature of IDS, resulting in an SQ...
PT-2023-22220 · Nozomi Networks · Nozomi Networks Cmc +1
Name of the Vulnerable Software and Affected Versions: Nozomi Networks Guardian and CMC affected versions not specified Description: A SQL Injection issue, due to improper input validation in certain fields used in the Asset Intelligence functionality of the IDS, may allow an unauthenticated...
Nozomi Networks Guardian Input Validation Error Vulnerability
Nozomi Networks Guardian is an IoT device and software inspection system from US-based Nozomi Networks. A security vulnerability exists in Nozomi Networks Guardian and CMC that stems from an improper input validation issue in the Asset Intelligence feature of the IDS, resulting in a denial of...
PT-2023-23930 · Nozomi Networks · Nozomi Networks Guardian +1
Name of the Vulnerable Software and Affected Versions: Nozomi Networks Guardian and CMC affected versions not specified Description: A Denial of Service Dos issue exists due to improper input validation in certain fields used in the Asset Intelligence functionality of the IDS. This allows an...
DoS on IDS parsing of malformed asset fields in Guardian/CMC >= 22.6.0 before 22.6.3 and 23.1.0
Summary A Denial of Service Dos vulnerability in Nozomi Networks Guardian and CMC, due to improper input validation in certain fields used in the Asset Intelligence functionality of our IDS, allows an unauthenticated attacker to crash the IDS module by sending specially crafted malformed network...
System Center Configuration Manager Service Pack 1 For Admin Console
Service Pack 1 SP1 supports Windows Vista SP1 and Windows Server 2008, integrates support for Intel’s vPro technology, and provides an update to the Asset Intelligence capability initially shipped in Configuration Manager...