CVE-2025-3719

High CVSS: 7.2

An access control vulnerability was discovered in the CLI functionality due to a specific access restriction not being properly enforced for users with limited privileges. An authenticated user with limited privileges can issue administrative CLI commands, altering the device configuration, and/or affecting its availability.

Vendor

Nozominetworks

Product

Cmc

CWE

CWE-863

Yayın Tarihi

2025-10-07 13:15:33

Güncelleme

2025-10-09 16:38:45

Source Identifier

prodsec@nozominetworks.com

KEV Date Added

Kategoriler

CWE-863 Cmc HIGH Nozominetworks 2025

Referanslar

https://security.nozominetworks.com/NN-2025:5-01

Benzer Kayıtlar

Medium

CVE-2025-40896

The server certificate was not verified when an Arc agent connected to a Guardian or CMC. A malicious actor could per…

Low

CVE-2025-40894

A Stored HTML Injection vulnerability was discovered in the Alerted Nodes Dashboard functionality due to improper valida…

Low

CVE-2025-40895

A Stored HTML Injection vulnerability was discovered in the CMC's Sensor Map functionality due to improper validation on…

Low

CVE-2025-40891

A Stored HTML Injection vulnerability was discovered in the Time Machine Snapshot Diff functionality due to improper val…

High

CVE-2025-40892

A Stored Cross-Site Scripting vulnerability was discovered in the Reports functionality due to improper validation of an…

Medium

CVE-2025-40893

A Stored HTML Injection vulnerability was discovered in the Asset List functionality due to improper validation of netwo…