NN-2023:12-01

Check Point IoT integration: WebSocket returns assets data without authentication in Guardian/CMC before 23.3.0

Last update: 2024-09-19

Advisory IDNN-2023:12-01
TopicCheck Point IoT integration: WebSocket returns assets data without authentication in Guardian/CMC before 23.3.0
CWE ImpactCWE-306: Missing Authentication for Critical Function
Issue date2024-01-15
AffectsGuardian, CMC < v23.3.0
CVE Name(s)CVE-2023-5253
CVSS DetailsCVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:N/VA:N/SC:L/SI:N/SA:N
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
CVSS Score6.3 (CVSS v4.0)
5.3 (CVSS v3.1)
CVE Risk LevelMedium (CVSS v4.0)
Medium (CVSS v3.1)
Risk Level for Nozomi customersLow

Summary

A missing authentication check in the WebSocket channel used for the Check Point IoT integration in Nozomi Networks Guardian and CMC, may allow an unauthenticated attacker to obtain assets data without authentication.

Impact

Malicious unauthenticated users with knowledge on the underlying system may be able to extract limited asset information.

Affected Products

Guardian, CMC < v23.3.0

Workarounds and Mitigations

Use internal firewall features to limit access to the web management interface.

Solutions

Upgrade to v23.3.0 or later.

Modification History

2024-01-15: Initial revision
2024-01-16: CSAF path update
2024-05-20: Added CVSS v4.0 scoring where applicable
2024-09-19: Improved the issue description

Related Links

Acknowledgements

We thank the following parties for their efforts:

  • Nozomi Networks Product Security team for finding this issue during an internal VAPT testing session

Contact

Nozomi Networks Product Security team can be reached at prodsec@nozominetworks.com.
More contact details on the PSIRT page.