Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Guardian
(Nozominetworks)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 19 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2021-02-22 | CVE-2021-26724 | OS Command Injection vulnerability when changing date settings or hostname using web GUI of Nozomi Networks Guardian and CMC allows authenticated administrators to perform remote code execution. This issue affects: Nozomi Networks Guardian 20.0.7.3 version 20.0.7.3 and prior versions. Nozomi Networks CMC 20.0.7.3 version 20.0.7.3 and prior versions. | Central_management_control, Guardian | 7.2 | ||
| 2021-02-22 | CVE-2021-26725 | Path Traversal vulnerability when changing timezone using web GUI of Nozomi Networks Guardian, CMC allows an authenticated administrator to read-protected system files. This issue affects: Nozomi Networks Guardian 20.0.7.3 version 20.0.7.3 and prior versions. Nozomi Networks CMC 20.0.7.3 version 20.0.7.3 and prior versions. | Central_management_control, Guardian | 4.9 | ||
| 2020-06-30 | CVE-2020-7049 | Nozomi Networks OS before 19.0.4 allows /#/network?tab=network_node_list.html CSV Injection. | Guardian | 7.3 | ||
| 2020-06-30 | CVE-2020-15307 | Nozomi Guardian before 19.0.4 allows attackers to achieve stored XSS (in the web front end) by leveraging the ability to create a custom field with a crafted field name. | Guardian | N/A |