CVE-2023-24471

CVSS 3.1 Score 6.5 of 10 (medium)

Details

Published Aug 9, 2023

Updated: May 28, 2024

CWE ID 863

Summary

CVE-2023-24471 is an access control vulnerability that has been identified. This issue arises because the enforced restrictions on actual assertions in the debug functionality are not being adhered to. Consequently, an authenticated user with limited visibility can unlawfully access unauthorized information through the debug functionality. This vulnerability could potentially grant users access to data that is ordinarily inaccessible via the Query and Assertions functions.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Nozomi Networks Guardian

Affected Vendors

Nozomi Networks

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/sRnJpT
https://www.cve.org/CVERecord?id=CVE-2023-24471
https://nvd.nist.gov/vuln/detail/CVE-2023-24471

Back to Vulnerability Database