CVE-2021-26725 : What You Need to Know

Discover the impact of CVE-2021-26725, a high severity Path Traversal vulnerability in Nozomi Networks Guardian and CMC. Learn about affected versions and mitigation steps.

A Path Traversal vulnerability was discovered in Nozomi Networks Guardian and CMC, allowing an authenticated administrator to access protected system files. This vulnerability affects versions 20.0.7.3 and earlier of both products.

Understanding CVE-2021-26725

This CVE relates to an authenticated command path traversal issue in Guardian and CMC versions before 20.0.7.4.

What is CVE-2021-26725?

CVE-2021-26725 is a Path Traversal vulnerability in the Nozomi Networks Guardian and CMC products. It enables authenticated users to read protected system files by changing the timezone through the web GUI.

The Impact of CVE-2021-26725

The vulnerability is rated high severity, with a CVSS base score of 7.2. Its impact on the confidentiality, integrity, and availability of affected systems can be high.

Technical Details of CVE-2021-26725

This section provides detailed technical insights into the vulnerability.

Vulnerability Description

The vulnerability allows authenticated users to access protected system files by manipulating the timezone settings through the web GUI.

Affected Systems and Versions

Nozomi Networks Guardian and CMC versions 20.0.7.3 and earlier are impacted by this vulnerability.

Exploitation Mechanism

An authenticated administrator can exploit this vulnerability by changing the timezone settings using the web GUI to access protected system files.
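
A generic illustration of the bug class described above, added here and not taken from the original page or from Nozomi Networks' code: a handler that maps a user-supplied timezone name to a zone file has to confirm that the resolved path stays under the zoneinfo directory. The function names, directory layout, and sample inputs are constructed assumptions.

```python
import os
import tempfile


def resolve_timezone(name, zoneinfo_root):
    """Return the real path of the zone file for `name`, or raise ValueError.

    Hypothetical helper: not the vendor's implementation.
    """
    if not name or "\x00" in name:
        raise ValueError("empty or malformed timezone name")
    root = os.path.realpath(zoneinfo_root)
    # realpath collapses ".." segments and follows symlinks, so the check
    # below sees where the name really points, not how it was spelled.
    candidate = os.path.realpath(os.path.join(root, name))
    if os.path.commonpath([root, candidate]) != root:
        raise ValueError("timezone resolves outside the zoneinfo root")
    if not os.path.isfile(candidate):
        raise ValueError("unknown timezone")
    return candidate


def is_accepted(name, zoneinfo_root):
    try:
        resolve_timezone(name, zoneinfo_root)
        return True
    except ValueError:
        return False


def build_sample_tree():
    """Constructed sample: a tiny zoneinfo tree with a protected file beside it."""
    base = tempfile.mkdtemp()
    zroot = os.path.join(base, "zoneinfo")
    os.makedirs(os.path.join(zroot, "Europe"))
    with open(os.path.join(zroot, "Europe", "Rome"), "w") as fh:
        fh.write("constructed zone data")
    secret = os.path.join(base, "secret.conf")
    with open(secret, "w") as fh:
        fh.write("constructed protected file")
    # A symlink inside the tree that points outside it must also be rejected.
    os.symlink(secret, os.path.join(zroot, "Link"))
    return zroot, secret


if __name__ == "__main__":
    zroot, secret = build_sample_tree()
    for name in ["Europe/Rome", "../secret.conf", secret, "Link", "Europe"]:
        print(f"{name!r}: {'accepted' if is_accepted(name, zroot) else 'rejected'}")
```

Comparing the resolved path against the root catches relative segments, absolute names, and symlinks in one check, which a string filter on `..` alone would not.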

Mitigation and Prevention

Here are some steps to mitigate and prevent exploitation of CVE-2021-26725.

Immediate Steps to Take

Use the internal firewall feature to restrict access to the management interface, and review user roles to limit privileges.

Long-Term Security Practices

Regularly update and patch your Nozomi Networks Guardian and CMC installations to stay protected against known vulnerabilities.
