NN-2023:12-01
Check Point IoT integration: WebSocket returns assets data without authentication in Guardian/CMC before 23.3.0
Last update: 2024-09-19
| Advisory ID | NN-2023:12-01 |
|---|---|
| Topic | Check Point IoT integration: WebSocket returns assets data without authentication in Guardian/CMC before 23.3.0 |
| CWE Impact | CWE-306: Missing Authentication for Critical Function |
| Issue date | 2024-01-15 |
| Affects | Guardian, CMC < v23.3.0 |
| CVE Name(s) | CVE-2023-5253 |
| CVSS Details | CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:N/VA:N/SC:L/SI:N/SA:N CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N |
| CVSS Score | 6.3 (CVSS v4.0) 5.3 (CVSS v3.1) |
| CVE Risk Level | Medium (CVSS v4.0) Medium (CVSS v3.1) |
| Risk Level for Nozomi customers | Low |
Summary
A missing authentication check in the WebSocket channel used for the Check Point IoT integration in Nozomi Networks Guardian and CMC, may allow an unauthenticated attacker to obtain assets data without authentication.
Impact
Malicious unauthenticated users with knowledge on the underlying system may be able to extract limited asset information.
Affected Products
Guardian, CMC < v23.3.0
Workarounds and Mitigations
Use internal firewall features to limit access to the web management interface.
Solutions
Upgrade to v23.3.0 or later.
Modification History
2024-01-15: Initial revision
2024-01-16: CSAF path update
2024-05-20: Added CVSS v4.0 scoring where applicable
2024-09-19: Improved the issue description
Related Links
Acknowledgements
We thank the following parties for their efforts:
- Nozomi Networks Product Security team for finding this issue during an internal VAPT testing session
Contact
Nozomi Networks Product Security team can be reached at prodsec@nozominetworks.com.More contact details on the PSIRT page.