漏洞信息
尽管我们使用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性,但请您根据实际情况进行核实和判断。
Vulnerability Title
DoS on IDS parsing of malformed asset fields in Guardian/CMC >= 22.6.0 before 22.6.3 and 23.1.0
Vulnerability Description
A Denial of Service (Dos) vulnerability in Nozomi Networks Guardian and CMC, due to improper input validation in certain fields used in the Asset Intelligence functionality of our IDS, allows an unauthenticated attacker to crash the IDS module by sending specially crafted malformed network packets. During the (limited) time window before the IDS module is automatically restarted, network traffic may not be analyzed.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Vulnerability Type
CWE-1286
Vulnerability Title
Nozomi Networks Guardian 输入验证错误漏洞
Vulnerability Description
Nozomi Networks Guardian是美国Nozomi Networks公司的一款物联网设备和软件检查系统。 Nozomi Networks Guardian和CMC存在安全漏洞,该漏洞源于IDS的Asset Intelligence功能存在输入验证不当问题,导致存在拒绝服务 (Dos) 漏洞。
CVSS Information
N/A
Vulnerability Type
N/A