Nozomi Networks Guardian and CMC Client-Side Path Traversal Vulnerability Leading to Cross-Site Scripting

Vulnerability

A client-side path traversal vulnerability has been identified in the web management interface of Nozomi Networks Guardian and CMC versions prior to 25.2.0. The vulnerability arises from inadequate validation of an input parameter, which allows an authenticated user with limited privileges to craft a malicious URL. If that URL is opened by an authenticated user, it can trigger a Cross-Site Scripting (XSS) attack.
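As an added illustration of the bug class (not the product's code; the API base path, identifier format and origin below are assumptions), this JavaScript shows a naive client-side URL builder beside a hardened one that validates the parameter and then checks that the resolved path still sits under the intended endpoint:

```javascript
// Added example, not Nozomi Networks code. API_BASE, the id format and the
// origin are assumed for illustration.
const API_BASE = "/api/v1/assets/";

// Allowlist for the identifier: only characters a legitimate id needs.
const ID_PATTERN = /^[A-Za-z0-9_-]{1,64}$/;

// Unsafe pattern: the parameter is interpolated into the path unchecked, so
// the URL parser resolves any dot segments and the request is sent to a
// different same-origin endpoint than the one the code intended.
function buildAssetUrlUnsafe(rawId, origin = "https://example.invalid") {
  return new URL(API_BASE + rawId, origin).toString();
}

// Hardened version. Returns the resolved URL, or null when the value is
// rejected. Two independent checks: an allowlist on the decoded value, and a
// post-resolution check that the final pathname still starts with API_BASE.
function buildAssetUrl(rawId, origin = "https://example.invalid") {
  if (typeof rawId !== "string") return null;
  let decoded;
  try {
    decoded = decodeURIComponent(rawId); // normalise %2e%2e, %2f, etc.
  } catch (e) {
    return null; // malformed percent-encoding is rejected outright
  }
  if (!ID_PATTERN.test(decoded)) return null;
  const url = new URL(API_BASE + encodeURIComponent(decoded), origin);
  // Defence in depth: even if the allowlist is later relaxed, a request that
  // resolved outside the intended prefix (or origin) is never issued.
  if (url.origin !== origin || !url.pathname.startsWith(API_BASE)) return null;
  return url.toString();
}
```

The second check is the one worth keeping even when the identifier format changes, because it reasons about where the request actually goes rather than about what the input looks like.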

Impact

Exploitation of this vulnerability allows for Cross-Site Scripting (XSS) attacks, where an authenticated user can be tricked into executing malicious scripts in their browser. This could lead to unauthorized actions being performed on the web management interface or the exposure of sensitive information from the user's browser.

Remediation

Users are advised to upgrade to Nozomi Networks Guardian or CMC version 25.2.0 or later. Additionally, the internal firewall features can be used to restrict access to the web management interface. It is also recommended to review the accounts that have access to the interface and delete any that are unnecessary.

Added: Oct 7, 2025, 1:22 PM
Updated: Oct 7, 2025, 1:22 PM

Vulnerability Rating (Custom Algorithm)

Category        Score
spread          2.6
impact          5.4
exploitability  4.6
remediation     7.9
relevance       0.7
threat          0.0
urgency         2.9
incentive       1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.