An authenticated administrator can upload a SAML configuration file with the wrong format, with the application not checking the correct file format. Every subsequent application request will return an error.
The whole application in rendered unusable until a console intervention.
References
| Link | Resource |
|---|---|
| https://security.nozominetworks.com/NN-2023:7-01 | Vendor Advisory |
| https://security.nozominetworks.com/NN-2023:7-01 | Vendor Advisory |
Configurations
Configuration 1 (hide)
|
History
21 Nov 2024, 07:47
| Type | Values Removed | Values Added |
|---|---|---|
| References | () https://security.nozominetworks.com/NN-2023:7-01 - Vendor Advisory |
20 Sep 2024, 12:15
| Type | Values Removed | Values Added |
|---|---|---|
| CWE | CWE-1286 |
28 May 2024, 13:15
| Type | Values Removed | Values Added |
|---|---|---|
| Summary | (en) An authenticated administrator can upload a SAML configuration file with the wrong format, with the application not checking the correct file format. Every subsequent application request will return an error. The whole application in rendered unusable until a console intervention. |
16 Aug 2023, 19:44
| Type | Values Removed | Values Added |
|---|---|---|
| First Time |
Nozominetworks cmc
Nozominetworks guardian Nozominetworks |
|
| CVSS |
v2 : v3 : |
v2 : unknown
v3 : 4.9 |
| CPE | cpe:2.3:a:nozominetworks:cmc:*:*:*:*:*:*:*:* cpe:2.3:a:nozominetworks:guardian:*:*:*:*:*:*:*:* |
|
| CWE | NVD-CWE-noinfo | |
| References | (MISC) https://security.nozominetworks.com/NN-2023:7-01 - Vendor Advisory |
09 Aug 2023, 10:15
| Type | Values Removed | Values Added |
|---|---|---|
| New CVE |
Information
Published : 2023-08-09 10:15
Updated : 2024-11-21 07:47
NVD link : CVE-2023-23903
Mitre link : CVE-2023-23903
CVE.ORG link : CVE-2023-23903
JSON object : View
Products Affected
nozominetworks
- guardian
- cmc
CWE