Nozomi Networks Guardian
cpe:2.3:a:nozominetworks:guardian:*:*:*:*:*:*:*
- Affected versions: < 25.3.0
A SQL injection vulnerability has been identified in the command-line interface (CLI) functionality of Nozomi Networks Guardian and CMC versions prior to 25.3.0. This vulnerability arises from inadequate validation of an input parameter, allowing an authenticated user with limited privileges to execute arbitrary SELECT SQL statements on the database management system (DBMS) used by the web application. As a result, unauthorized data may be exposed.
Exploitation of this vulnerability allows authenticated users with limited privileges to perform SQL injection, executing arbitrary SELECT statements against the application's database. This could lead to the unauthorized exposure of sensitive data.
Users are advised to upgrade to version 25.3.0 or later. Additionally, internal firewall features can be used to limit access to the web management interface, and accounts with access to this interface should be reviewed and unnecessary ones deleted.