CVE-2023-5253 - OpenCVE

A missing authentication check in the WebSocket channel used for the Check Point IoT integration in Nozomi Networks Guardian and CMC, may allow an unauthenticated attacker to obtain assets data without authentication. Malicious unauthenticated users with knowledge on the underlying system may be able to extract asset information.

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact None

Availability Impact None

User Interaction None

No CVSS v3.0

No CVSS v2

Vendors & Products
CPE Configurations

Vendors	Products
Nozominetworks	Guardian Cmc

Configuration 1 [-]

OR	cpe:2.3:a:nozominetworks:cmc::::::::
	cpe:2.3:a:nozominetworks:guardian::::::::

References

Link	Resource
https://security.nozominetworks.com/NN-2023:12-01	Third Party Advisory

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: Nozomi

Published: 2024-01-15T10:53:56.305Z

Updated: 2024-05-28T12:14:39.438Z

Reserved: 2023-09-28T12:41:27.922Z

Link: CVE-2023-5253

JSON object: View

NVD Information

Status : Modified

Published: 2024-01-15T11:15:08.627

Modified: 2024-05-28T13:15:10.223

Link: CVE-2023-5253

JSON object: View

Redhat Information

No data.

CWE

CWE-306

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2023-5253", "assignerOrgId": "bec8025f-a851-46e5-b3a3-058e6b0aa23c", "state": "PUBLISHED", "assignerShortName": "Nozomi", "dateReserved": "2023-09-28T12:41:27.922Z", "datePublished": "2024-01-15T10:53:56.305Z", "dateUpdated": "2024-05-28T12:14:39.438Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "product": "Guardian", "vendor": "Nozomi Networks", "versions": [{"lessThan": "23.3.0", "status": "affected", "version": "0", "versionType": "semver"}]}, {"defaultStatus": "unaffected", "product": "CMC", "vendor": "Nozomi Networks", "versions": [{"lessThan": "23.3.0", "status": "affected", "version": "0", "versionType": "semver"}]}], "credits": [{"lang": "en", "type": "finder", "user": "00000000-0000-4000-9000-000000000000", "value": "This issue was found by Nozomi Networks Product Security team during an internal VAPT testing session."}], "datePublic": "2024-01-15T08:00:00.000Z", "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "<div><div>A missing authentication check in the WebSocket channel used for the Check Point IoT integration in Nozomi Networks Guardian and CMC, may allow an unauthenticated attacker to obtain assets data without authentication.</div></div><div><div>Malicious unauthenticated users with knowledge on the underlying system may be able to extract asset information.</div></div>"}], "value": "A missing authentication check in the WebSocket channel used for the Check Point IoT integration in Nozomi Networks Guardian and CMC, may allow an unauthenticated attacker to obtain assets data without authentication.\n\n\n\nMalicious unauthenticated users with knowledge on the underlying system may be able to extract asset information."}], "impacts": [{"capecId": "CAPEC-115", "descriptions": [{"lang": "en", "value": "CAPEC-115 Authentication Bypass"}]}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "version": "3.1"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}, {"cvssV4_0": {"Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "Safety": "NOT_DEFINED", "attackComplexity": "LOW", "attackRequirements": "PRESENT", "attackVector": "NETWORK", "baseScore": 6.3, "baseSeverity": "MEDIUM", "privilegesRequired": "NONE", "providerUrgency": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "subConfidentialityImpact": "LOW", "subIntegrityImpact": "NONE", "userInteraction": "NONE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:N/VA:N/SC:L/SI:N/SA:N", "version": "4.0", "vulnAvailabilityImpact": "NONE", "vulnConfidentialityImpact": "LOW", "vulnIntegrityImpact": "NONE", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-306", "description": "CWE-306 Missing Authentication for Critical Function", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "bec8025f-a851-46e5-b3a3-058e6b0aa23c", "shortName": "Nozomi", "dateUpdated": "2024-05-28T12:14:39.438Z"}, "references": [{"url": "https://security.nozominetworks.com/NN-2023:12-01"}], "solutions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "<div><div>Upgrade to v23.3.0 or later.</div></div>"}], "value": "Upgrade to v23.3.0 or later."}], "source": {"discovery": "INTERNAL"}, "title": "Check Point IoT integration: WebSocket returns assets data without authentication in Guardian/CMC before 23.3.0", "workarounds": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "<div><div>Use internal firewall features to limit access to the web management interface.</div></div>"}], "value": "Use internal firewall features to limit access to the web management interface."}], "x_generator": {"engine": "Vulnogram 0.1.0-dev"}}}}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:nozominetworks:cmc:*:*:*:*:*:*:*:*", "matchCriteriaId": "27F4311F-0751-4645-9BC7-05946A253330", "versionEndExcluding": "23.3.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:nozominetworks:guardian:*:*:*:*:*:*:*:*", "matchCriteriaId": "D44D965F-3128-4F2C-A582-E84247A16CF5", "versionEndExcluding": "23.3.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "A missing authentication check in the WebSocket channel used for the Check Point IoT integration in Nozomi Networks Guardian and CMC, may allow an unauthenticated attacker to obtain assets data without authentication.\n\n\n\nMalicious unauthenticated users with knowledge on the underlying system may be able to extract asset information."}, {"lang": "es", "value": "Una verificaci\u00f3n de autenticaci\u00f3n faltante en el canal WebSocket utilizado para la integraci\u00f3n de Check Point IoT en Nozomi Networks Guardian y CMC puede permitir que un atacante no autenticado obtenga datos de activos sin autenticaci\u00f3n. Los usuarios maliciosos no autenticados con conocimiento sobre el sistema subyacente pueden extraer informaci\u00f3n de activos."}], "id": "CVE-2023-5253", "lastModified": "2024-05-28T13:15:10.223", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 1.4, "source": "prodsec@nozominetworks.com", "type": "Secondary"}]}, "published": "2024-01-15T11:15:08.627", "references": [{"source": "prodsec@nozominetworks.com", "tags": ["Third Party Advisory"], "url": "https://security.nozominetworks.com/NN-2023:12-01"}], "sourceIdentifier": "prodsec@nozominetworks.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-306"}], "source": "nvd@nist.gov", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-306"}], "source": "prodsec@nozominetworks.com", "type": "Secondary"}]}