A missing authentication check in the WebSocket channel used for the Check Point IoT integration in Nozomi Networks Guardian and CMC, may allow an unauthenticated attacker to obtain assets data without authentication. Malicious unauthenticated users with knowledge on the underlying system may be able to extract limited asset information.

A missing authentication check in the WebSocket channel used for the Check Point IoT integration in Nozomi Networks Guardian and CMC, may allow an unauthenticated attacker to obtain assets data without authentication. Malicious unauthenticated users with knowledge on the underlying system may be able to extract asset information.

Уязвимость компонента WebSocket средства обнаружения и отслеживания сетевой активности Nozomi Guardian и средства централизованного управления безопасностью Nozomi Central Management Console (CMC), позволяющая нарушителю оказать влияние на конфиденциальность защищаемой информации