Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
DoS on IDS parsing of malformed asset fields in Guardian/CMC >= 22.6.0 before 22.6.3 and 23.1.0
Vulnerability Description
A Denial of Service (Dos) vulnerability in Nozomi Networks Guardian and CMC, due to improper input validation in certain fields used in the Asset Intelligence functionality of our IDS, allows an unauthenticated attacker to crash the IDS module by sending specially crafted malformed network packets. During the (limited) time window before the IDS module is automatically restarted, network traffic may not be analyzed.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Vulnerability Type
CWE-1286
Vulnerability Title
Nozomi Networks Guardian 输入验证错误漏洞
Vulnerability Description
Nozomi Networks Guardian是美国Nozomi Networks公司的一款物联网设备和软件检查系统。 Nozomi Networks Guardian和CMC存在安全漏洞,该漏洞源于IDS的Asset Intelligence功能存在输入验证不当问题,导致存在拒绝服务 (Dos) 漏洞。
CVSS Information
N/A
Vulnerability Type
N/A