Nozomi Networks CMC Stored HTML Injection Vulnerability in Sensor Map Functionality

A stored HTML injection vulnerability exists in Nozomi Networks CMC versions prior to 25.6.0, specifically within the Sensor Map feature. This vulnerability arises from inadequate validation of properties associated with connected Guardians. An authenticated user with administrator rights on a Guardian can manipulate the Guardian's properties to insert HTML tags. If the Sensor Map feature is active in the CMC, the injected HTML could be rendered in the browser of a victim CMC user, potentially leading to phishing attacks or open redirects. However, full exploitation of cross-site scripting and direct information disclosure is mitigated by current input validation and Content Security Policy settings.

Impact

Exploitation allows for stored HTML injection, which could be used to execute phishing attacks or open redirects, by injecting HTML that is rendered in the browser of users interacting with the Sensor Map feature.

Remediation

Users are advised to upgrade to CMC version 25.6.0 or later.