CVE-2023-32649

CVSS v3.1

7.5

High

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions Nozomi Networks Guardian and CMC (affected versions not specified)

Description A Denial of Service (Dos) issue exists due to improper input validation in certain fields used in the Asset Intelligence functionality of the IDS. This allows an unauthenticated attacker to crash the IDS module by sending specially crafted malformed network packets. During the time window before the IDS module is automatically restarted, network traffic may not be analyzed.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

RCE

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-20CWE-1286

Related Identifiers

CVE-2023-32649

Affected Products

Cmc

Nozomi Networks Guardian

CVE-2023-32649

Weakness Enumeration

Related Identifiers

Affected Products

References · 10