{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2023-6916", "assignerOrgId": "bec8025f-a851-46e5-b3a3-058e6b0aa23c", "state": "PUBLISHED", "assignerShortName": "Nozomi", "dateReserved": "2023-12-18T10:31:09.989Z", "datePublished": "2024-04-10T15:50:57.919Z", "dateUpdated": "2024-09-20T11:47:45.639Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "product": "Guardian", "vendor": "Nozomi Networks", "versions": [{"lessThan": "23.4.1", "status": "affected", "version": "0", "versionType": "semver"}]}, {"defaultStatus": "unaffected", "product": "CMC", "vendor": "Nozomi Networks", "versions": [{"lessThan": "23.4.1", "status": "affected", "version": "0", "versionType": "semver"}]}], "credits": [{"lang": "en", "type": "finder", "user": "00000000-0000-4000-9000-000000000000", "value": "This issue was reported by Maciej Kosz."}], "datePublic": "2024-04-10T15:41:00.000Z", "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "<div><div>Audit records for OpenAPI requests may include sensitive information.</div></div>This could lead to unauthorized accesses and privilege escalation."}], "value": "Audit records for OpenAPI requests may include sensitive information.\n\n\n\nThis could lead to unauthorized accesses and privilege escalation."}], "impacts": [{"capecId": "CAPEC-114", "descriptions": [{"lang": "en", "value": "CAPEC-114 Authentication Abuse"}]}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.2, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}, {"cvssV4_0": {"Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "Safety": "NOT_DEFINED", "attackComplexity": "LOW", "attackRequirements": "PRESENT", "attackVector": "NETWORK", "baseScore": 7.5, "baseSeverity": "HIGH", "privilegesRequired": "HIGH", "providerUrgency": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "userInteraction": "NONE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N", "version": "4.0", "vulnAvailabilityImpact": "HIGH", "vulnConfidentialityImpact": "HIGH", "vulnIntegrityImpact": "HIGH", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-201", "description": "CWE-201 Insertion of Sensitive Information Into Sent Data", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "bec8025f-a851-46e5-b3a3-058e6b0aa23c", "shortName": "Nozomi", "dateUpdated": "2024-09-20T11:47:45.639Z"}, "references": [{"url": "https://security.nozominetworks.com/NN-2023:17-01"}], "solutions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "<div><div>Upgrade to v23.4.1 or later.</div></div>"}], "value": "Upgrade to v23.4.1 or later."}], "source": {"discovery": "EXTERNAL"}, "title": "Information disclosure via audit records for OpenAPI requests in Guardian/CMC before 23.4.1", "workarounds": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "<div><div>Nozomi Networks recommends creating specific users for OpenAPI usage, with only the necessary permissions to access the required data sources.<br>Additionally, it is advised to limit API keys to allowed IP addresses whenever possible.<br>Finally, it is also suggested to regenerate existing API keys periodically and to review sign-ins via API keys in the audit records.</div></div>"}], "value": "Nozomi Networks recommends creating specific users for OpenAPI usage, with only the necessary permissions to access the required data sources.\nAdditionally, it is advised to limit API keys to allowed IP addresses whenever possible.\nFinally, it is also suggested to regenerate existing API keys periodically and to review sign-ins via API keys in the audit records."}], "x_generator": {"engine": "Vulnogram 0.1.0-dev"}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T08:42:08.668Z"}, "title": "CVE Program Container", "references": [{"url": "https://security.nozominetworks.com/NN-2023:17-01", "tags": ["x_transferred"]}]}, {"affected": [{"vendor": "nozominetworks", "product": "guardian", "cpes": ["cpe:2.3:a:nozominetworks:guardian:*:*:*:*:*:*:*:*"], "defaultStatus": "unaffected", "versions": [{"version": "0", "status": "affected", "lessThanOrEqual": "23.4.1", "versionType": "semver"}]}, {"vendor": "nozominetworks", "product": "central_management_control", "cpes": ["cpe:2.3:a:nozominetworks:central_management_control:*:*:*:*:*:*:*:*"], "defaultStatus": "unaffected", "versions": [{"version": "0", "status": "affected", "lessThan": "23.4.1", "versionType": "semver"}]}], "metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2024-04-10T19:50:52.538053Z", "id": "CVE-2023-6916", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-08-12T17:26:46.970Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://security.nozominetworks.com/NN-2023:17-01", "tags": ["x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T08:42:08.668Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2023-6916", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2024-04-10T19:50:52.538053Z"}}}], "affected": [{"cpes": ["cpe:2.3:a:nozominetworks:guardian:*:*:*:*:*:*:*:*"], "vendor": "nozominetworks", "product": "guardian", "versions": [{"status": "affected", "version": "0", "versionType": "semver", "lessThanOrEqual": "23.4.1"}], "defaultStatus": "unaffected"}, {"cpes": ["cpe:2.3:a:nozominetworks:central_management_control:*:*:*:*:*:*:*:*"], "vendor": "nozominetworks", "product": "central_management_control", "versions": [{"status": "affected", "version": "0", "lessThan": "23.4.1", "versionType": "semver"}], "defaultStatus": "unaffected"}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-08-12T17:26:42.689Z"}}], "cna": {"title": "Information disclosure via audit records for OpenAPI requests in Guardian/CMC before 23.4.1", "source": {"discovery": "EXTERNAL"}, "credits": [{"lang": "en", "type": "finder", "user": "00000000-0000-4000-9000-000000000000", "value": "This issue was reported by Maciej Kosz."}], "impacts": [{"capecId": "CAPEC-114", "descriptions": [{"lang": "en", "value": "CAPEC-114 Authentication Abuse"}]}], "metrics": [{"format": "CVSS", "cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.2, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "HIGH", "confidentialityImpact": "HIGH"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}, {"format": "CVSS", "cvssV4_0": {"Safety": "NOT_DEFINED", "version": "4.0", "Recovery": "NOT_DEFINED", "baseScore": 7.5, "Automatable": "NOT_DEFINED", "attackVector": "NETWORK", "baseSeverity": "HIGH", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N", "providerUrgency": "NOT_DEFINED", "userInteraction": "NONE", "attackComplexity": "LOW", "attackRequirements": "PRESENT", "privilegesRequired": "HIGH", "subIntegrityImpact": "NONE", "vulnIntegrityImpact": "HIGH", "subAvailabilityImpact": "NONE", "vulnAvailabilityImpact": "HIGH", "subConfidentialityImpact": "NONE", "vulnConfidentialityImpact": "HIGH", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "affected": [{"vendor": "Nozomi Networks", "product": "Guardian", "versions": [{"status": "affected", "version": "0", "lessThan": "23.4.1", "versionType": "semver"}], "defaultStatus": "unaffected"}, {"vendor": "Nozomi Networks", "product": "CMC", "versions": [{"status": "affected", "version": "0", "lessThan": "23.4.1", "versionType": "semver"}], "defaultStatus": "unaffected"}], "solutions": [{"lang": "en", "value": "Upgrade to v23.4.1 or later.", "supportingMedia": [{"type": "text/html", "value": "<div><div>Upgrade to v23.4.1 or later.</div></div>", "base64": false}]}], "datePublic": "2024-04-10T15:41:00.000Z", "references": [{"url": "https://security.nozominetworks.com/NN-2023:17-01"}], "workarounds": [{"lang": "en", "value": "Nozomi Networks recommends creating specific users for OpenAPI usage, with only the necessary permissions to access the required data sources.\nAdditionally, it is advised to limit API keys to allowed IP addresses whenever possible.\nFinally, it is also suggested to regenerate existing API keys periodically and to review sign-ins via API keys in the audit records.", "supportingMedia": [{"type": "text/html", "value": "<div><div>Nozomi Networks recommends creating specific users for OpenAPI usage, with only the necessary permissions to access the required data sources.<br>Additionally, it is advised to limit API keys to allowed IP addresses whenever possible.<br>Finally, it is also suggested to regenerate existing API keys periodically and to review sign-ins via API keys in the audit records.</div></div>", "base64": false}]}], "x_generator": {"engine": "Vulnogram 0.1.0-dev"}, "descriptions": [{"lang": "en", "value": "Audit records for OpenAPI requests may include sensitive information.\n\n\n\nThis could lead to unauthorized accesses and privilege escalation.", "supportingMedia": [{"type": "text/html", "value": "<div><div>Audit records for OpenAPI requests may include sensitive information.</div></div>This could lead to unauthorized accesses and privilege escalation.", "base64": false}]}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-201", "description": "CWE-201 Insertion of Sensitive Information Into Sent Data"}]}], "providerMetadata": {"orgId": "bec8025f-a851-46e5-b3a3-058e6b0aa23c", "shortName": "Nozomi", "dateUpdated": "2024-09-20T11:47:45.639Z"}}}, "cveMetadata": {"cveId": "CVE-2023-6916", "state": "PUBLISHED", "dateUpdated": "2024-09-20T11:47:45.639Z", "dateReserved": "2023-12-18T10:31:09.989Z", "assignerOrgId": "bec8025f-a851-46e5-b3a3-058e6b0aa23c", "datePublished": "2024-04-10T15:50:57.919Z", "assignerShortName": "Nozomi"}, "dataVersion": "5.1"}

{"descriptions": [{"lang": "en", "value": "Audit records for OpenAPI requests may include sensitive information.\n\n\n\nThis could lead to unauthorized accesses and privilege escalation."}, {"lang": "es", "value": "Los registros de auditor\u00eda de solicitudes de OpenAPI pueden incluir informaci\u00f3n confidencial. Esto podr\u00eda provocar accesos no autorizados y escalada de privilegios."}], "id": "CVE-2023-6916", "lastModified": "2024-11-21T08:44:49.807", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.2, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 1.2, "impactScore": 5.9, "source": "prodsec@nozominetworks.com", "type": "Secondary"}], "cvssMetricV40": [{"cvssData": {"attackComplexity": "LOW", "attackRequirements": "PRESENT", "attackVector": "NETWORK", "automatable": "NOT_DEFINED", "availabilityRequirements": "NOT_DEFINED", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityRequirements": "NOT_DEFINED", "exploitMaturity": "NOT_DEFINED", "integrityRequirements": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubsequentSystemAvailability": "NOT_DEFINED", "modifiedSubsequentSystemConfidentiality": "NOT_DEFINED", "modifiedSubsequentSystemIntegrity": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedVulnerableSystemAvailability": "NOT_DEFINED", "modifiedVulnerableSystemConfidentiality": "NOT_DEFINED", "modifiedVulnerableSystemIntegrity": "NOT_DEFINED", "privilegesRequired": "HIGH", "providerUrgency": "NOT_DEFINED", "recovery": "NOT_DEFINED", "safety": "NOT_DEFINED", "subsequentSystemAvailability": "NONE", "subsequentSystemConfidentiality": "NONE", "subsequentSystemIntegrity": "NONE", "userInteraction": "NONE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "version": "4.0", "vulnerabilityResponseEffort": "NOT_DEFINED", "vulnerableSystemAvailability": "HIGH", "vulnerableSystemConfidentiality": "HIGH", "vulnerableSystemIntegrity": "HIGH"}, "source": "prodsec@nozominetworks.com", "type": "Secondary"}]}, "published": "2024-04-10T16:15:09.190", "references": [{"source": "prodsec@nozominetworks.com", "url": "https://security.nozominetworks.com/NN-2023:17-01"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://security.nozominetworks.com/NN-2023:17-01"}], "sourceIdentifier": "prodsec@nozominetworks.com", "vulnStatus": "Awaiting Analysis", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-201"}], "source": "prodsec@nozominetworks.com", "type": "Secondary"}]}

{}