18 matches found
Nozomi Networks Guardian和Nozomi Networks CMC 跨站脚本漏洞
Nozomi Networks Guardian and Nozomi Networks CMC are both products of the American company Nozomi Networks. Nozomi Networks Guardian is an IoT device and software inspection system. Nozomi Networks CMC is an application software that provides centralized OT and IoT security management. Both Nozom...
Nozomi Networks CMC和Nozomi Networks Guardian 跨站脚本漏洞
Nozomi Networks CMC and Nozomi Networks Guardian are both products of Nozomi Networks, a company based in the United States. Nozomi Networks CMC is a network management platform. Nozomi Networks Guardian is a security software. Both Nozomi Networks CMC and Nozomi Networks Guardian have cross-site...
Nozomi Networks CMC和Nozomi Networks Guardian 跨站脚本漏洞
Nozomi Networks CMC and Nozomi Networks Guardian are both products of Nozomi Networks, Inc. of the U.S. Nozomi Networks CMC is a network management platform.Nozomi Networks Guardian is a protection software. A cross-site scripting vulnerability exists in Nozomi Networks CMC and Nozomi Networks...
Nozomi Networks Guardian和Nozomi Networks CMC 路径遍历漏洞
Nozomi Networks Guardian and Nozomi Networks CMC are both products of Nozomi Networks, U.S.A. Nozomi Networks Guardian is an IoT device and software inspection system.Nozomi Networks CMC is a software application. It provides centralized OT and IoT security management. Nozomi Networks Guardian an...
Siemens RUGGEDCOM APE1808 Devices
As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories CERT Services | Services |...
Siemens RUGGEDCOM APE180
As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories CERT Services | Services |...
CVE-2023-32649
A Denial of Service Dos vulnerability in Nozomi Networks Guardian and CMC, due to improper input validation in certain fields used in the Asset Intelligence functionality of our IDS, allows an unauthenticated attacker to crash the IDS module by sending specially crafted malformed network packets...
CVE-2023-2567
A SQL Injection vulnerability has been found in Nozomi Networks Guardian and CMC, due to improper input validation in certain parameters used in the Query functionality. Authenticated users may be able to execute arbitrary SQL statements on the DBMS used by the web application...
CVE-2023-29245
A SQL Injection vulnerability in Nozomi Networks Guardian and CMC, due to improper input validation in certain fields used in the Asset Intelligence functionality of our IDS, may allow an unauthenticated attacker to execute arbitrary SQL statements on the DBMS used by the web application by sendi...
CVE-2023-23574
A blind SQL Injection vulnerability in Nozomi Networks Guardian and CMC, due to improper input validation in the alertscount component, allows an authenticated attacker to execute arbitrary SQL statements on the DBMS used by the web application. Authenticated users may be able to extract arbitrar...
PT-2023-5524 · Nozomi Networks · Nozomi Networks Cmc +1
Name of the Vulnerable Software and Affected Versions: Nozomi Networks Guardian and CMC affected versions not specified Description: A blind SQL Injection issue exists due to improper input validation in the sorting parameter, allowing an authenticated attacker to execute arbitrary SQL statements...
Nozomi Networks Guardian SQL注入漏洞
Nozomi Networks Guardian is an IoT device and software inspection system from US-based Nozomi Networks. A security vulnerability exists in Nozomi Networks Guardian and CMC that stems from improper input validation in the Alerts Controller. An attacker could exploit the vulnerability to execute...
CVE-2022-0551
Improper Input Validation vulnerability in project file upload in Nozomi Networks Guardian and CMC allows an authenticated attacker with admin or import manager roles to execute unattended commands on the appliance using web server user privileges. This issue affects: Nozomi Networks Guardian...
CVE-2022-0551
Improper Input Validation vulnerability in project file upload in Nozomi Networks Guardian and CMC allows an authenticated attacker with admin or import manager roles to execute unattended commands on the appliance using web server user privileges. This issue affects: Nozomi Networks Guardian...
Authenticated RCE on logo report upload in Guardian/CMC before 22.0.0
Summary Improper Input Validation vulnerability in custom report logo upload in Nozomi Networks Guardian and CMC allows an authenticated attacker with admin or report manager roles to execute unattended commands on the appliance using web server user privileges. Impact Users with admin or report...
CVE-2021-26725
Path Traversal vulnerability when changing timezone using web GUI of Nozomi Networks Guardian, CMC allows an authenticated administrator to read-protected system files. This issue affects: Nozomi Networks Guardian 20.0.7.3 version 20.0.7.3 and prior versions. Nozomi Networks CMC 20.0.7.3 version...
CVE-2021-26724
OS Command Injection vulnerability when changing date settings or hostname using web GUI of Nozomi Networks Guardian and CMC allows authenticated administrators to perform remote code execution. This issue affects: Nozomi Networks Guardian 20.0.7.3 version 20.0.7.3 and prior versions. Nozomi...
PT-2021-17115 · Nozomi Networks · Nozomi Networks Cmc +1
Name of the Vulnerable Software and Affected Versions: Nozomi Networks Guardian versions 20.0.7.3 and prior versions Nozomi Networks CMC versions 20.0.7.3 and prior versions Description: The issue is an OS Command Injection vulnerability that occurs when changing date settings or hostname using t...