PT-2023-5525 · Nozomi · Nozomi Guardian

Stefano Libero · Published 2023-08-09 · Updated 2024-09-20 · CVE-2023-23903

CVSS v2.0: 6.3 (Medium)

Vector: AV:N/AC:M/Au:S/C:N/I:N/A:C

Name of the Vulnerable Software and Affected Versions

Nozomi Guardian and Nozomi Central Management Console (CMC) (affected versions not specified)

Description

The issue is in the handling of SAML (Security Assertion Markup Language) configuration: an authenticated administrator can upload a SAML configuration file in the wrong format. The application does not validate the file format, so every subsequent application request returns an error. This renders the whole application unusable until a console intervention is made. The vulnerability stems from insufficient input validation when uploading configuration files, and a remote attacker can exploit it to cause a denial of service.

Recommendations

At the moment, there is no information about a newer version that contains a fix for this vulnerability.

RCE

Weakness Enumeration

Related Identifiers

BDU:2023-06175
CVE-2023-23903

Affected Products

Nozomi Central Management Console
Nozomi Guardian