CVE-2023-2567: 
NixOS vulnerability analysis and mitigation

A SQL Injection vulnerability (CVE-2023-2567) was discovered in Nozomi Networks Guardian and CMC products. The vulnerability stems from improper input validation in certain parameters used in the Query functionality. The issue affects Guardian and CMC versions before 22.6.3 and 23.1.0 (Nozomi Advisory).

The vulnerability is classified as CWE-89 (SQL Injection) and received a CVSS v4.0 score of 8.7 (High) and CVSS v3.1 score of 8.8 (High). The vulnerability requires network access and low privilege level authentication, but no user interaction. The attack complexity is considered low. The complete CVSS v4.0 vector is CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N (NVD, Nozomi Advisory).

When exploited, authenticated users can execute arbitrary SQL statements on the database management system (DBMS) used by the web application. This could potentially lead to unauthorized access to sensitive information stored in the database (Nozomi Advisory).

Nozomi Networks recommends upgrading to version 22.6.3, 23.1.0, or later to address this vulnerability. As a temporary workaround, organizations can use internal firewall features to limit access to the web management interface (Nozomi Advisory).

The vulnerability was discovered by Mostafa Soliman of IBM X-Force Red during a VAPT testing session commissioned by a Nozomi Networks customer (Nozomi Advisory).