
Cloud Vulnerability DB
A community-led vulnerabilities database
Symantec Protection Engine (SPE), prior to version 9.1.0, contains a Hash Leak vulnerability identified as CVE-2023-23958. The vulnerability affects the legacy web console of SPE and was discovered by Michal Bogdanowicz and Lukasz Bialek from NORDEA BANK ABP. This security issue was disclosed in September 2023 and affects both Protection Engine for Cloud Services and Protection Engine for NAS products (Broadcom Advisory).
The vulnerability is classified as medium severity with a CVSS v3.1 base score of 6.8 (AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N). The issue allows sensitive information to be exposed to actors who are not explicitly authorized to access that information. The vulnerability specifically affects the legacy web console component of the Symantec Protection Engine (NVD, Broadcom Advisory).
The primary impact of this vulnerability is the potential exposure of sensitive information to unauthorized actors. The CVSS scoring indicates high confidentiality impact (C:H) while integrity and availability are not affected (I:N/A:N), suggesting that the vulnerability primarily concerns data exposure rather than system manipulation or service disruption (Broadcom Advisory).
Symantec has released version 9.1.0 of the Protection Engine to address this vulnerability. Additionally, several mitigation measures are recommended: use the new Symantec Protection Engine centralized console, restrict access to administrative systems to authorized privileged users, restrict remote access to trusted systems only, implement least privilege principles, keep systems updated with current patches, and deploy a multi-layered security approach including firewalls and intrusion detection systems (Broadcom Advisory).
Source: This report was generated using AI