CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2023-5253

A missing authentication check in the WebSocket channel used for the Check Point IoT integration in Nozomi Networks Guardian and CMC, may allow an unauthenticated attacker to obtain assets data without authentication. Malicious unauthenticated users with knowledge on the underlying system may be able to extract limited asset information.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.002

EPSS Ranking 40.1%

CVSS Severity

CVSS v3 Score 5.3

References

Products affected by CVE-2023-5253

Nozominetworks » Cmc » Version: 22.0.0

cpe:2.3:a:nozominetworks:cmc:22.0.0
Nozominetworks » Cmc » Version: 22.5.2

cpe:2.3:a:nozominetworks:cmc:22.5.2
Nozominetworks » Cmc » Version: 22.6.0

cpe:2.3:a:nozominetworks:cmc:22.6.0
Nozominetworks » Cmc » Version: 22.6.3

cpe:2.3:a:nozominetworks:cmc:22.6.3
Nozominetworks » Cmc » Version: 23.0.0

cpe:2.3:a:nozominetworks:cmc:23.0.0
Nozominetworks » Cmc » Version: 23.1.0

cpe:2.3:a:nozominetworks:cmc:23.1.0
Nozominetworks » Guardian » Version: 19.0.4

cpe:2.3:a:nozominetworks:guardian:19.0.4
Nozominetworks » Guardian » Version: 22.0.0

cpe:2.3:a:nozominetworks:guardian:22.0.0
Nozominetworks » Guardian » Version: 22.5.2

cpe:2.3:a:nozominetworks:guardian:22.5.2
Nozominetworks » Guardian » Version: 22.6.0

cpe:2.3:a:nozominetworks:guardian:22.6.0
Nozominetworks » Guardian » Version: 22.6.3

cpe:2.3:a:nozominetworks:guardian:22.6.3
Nozominetworks » Guardian » Version: 23.0.0

cpe:2.3:a:nozominetworks:guardian:23.0.0
Nozominetworks » Guardian » Version: 23.1.0

cpe:2.3:a:nozominetworks:guardian:23.1.0

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2023-5253

Products

Pricing

Contact Us