NN-2026:11-01

DoS through oversized audit log entries in Guardian/CMC before 26.2.0

Last update: 2026-07-07

Advisory IDNN-2026:11-01
TopicDoS through oversized audit log entries in Guardian/CMC before 26.2.0
CWE ImpactCWE-770: Allocation of Resources Without Limits or Throttling
Issue date2026-07-07
AffectsGuardian, CMC < v26.2.0
CVE Name(s)CVE-2026-31984
CVSS DetailsCVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CVSS Score8.7 (CVSS v4.0)
7.5 (CVSS v3.1)
CVE Risk LevelHigh (CVSS v4.0)
High (CVSS v3.1)
Risk Level for Nozomi customersHigh

Summary

A denial-of-service vulnerability caused by unbounded resource allocation was discovered in the audit logging functionality, due to a missing size limit on input recorded into audit entries.

Impact

An unauthenticated attacker can submit requests containing excessively large input that is recorded into audit entries, possibly exhausting the available disk space and rendering the system inoperable.

Affected Products

Guardian, CMC < v26.2.0

Workarounds and Mitigations

Use internal firewall features to limit access to the web management interface.

Solutions

Upgrade to v26.2.0 or later.

Modification History

2026-07-07: Initial revision

Related Links

Acknowledgements

We thank the following parties for their efforts:

  • Andrea Palanca of Nozomi Networks Product Security team for finding this issue during an internal investigation

Contact

Nozomi Networks Product Security team can be reached at prodsec@nozominetworks.com.
More contact details on the PSIRT page.