CVE-2023-6263 - OpenCVE

An issue was discovered by IPVM team in Network Optix NxCloud before 23.1.0.40440. It was possible to add a fake VMS server to NxCloud by using the exact identification of a legitimate VMS server. As result, it was possible to retrieve authorization headers from legitimate users when the legitimate client connects to the fake VMS server.

No CVSS v4.0

Attack Vector Network

Attack Complexity High

Privileges Required None

Scope Changed

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction Required

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Networkoptix	Nxcloud

Configuration 1 [-]

cpe:2.3:a:networkoptix:nxcloud:*:*:*:*:*:*:*:*

No data.

References

Link	Providers
https://networkoptix.atlassian.net/wiki/spaces/CHS/blog/2023/09/22/3074195467/vulnerability+2023-09-21+-+Server+Spoofing

History

No history.

MITRE

Status: PUBLISHED

Assigner: NX

Published: 2023-11-22T17:56:56.711Z

Updated: 2024-08-02T08:28:20.362Z

Reserved: 2023-11-22T17:55:39.783Z

Link: CVE-2023-6263

Vulnrichment

No data.

NVD

Status : Modified

Published: 2023-11-22T18:15:09.780

Modified: 2023-12-18T15:15:09.893

Link: CVE-2023-6263

Redhat

No data.

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2023-6263", "assignerOrgId": "96d4e157-0bf0-48b3-8efd-382c68caf4e0", "state": "PUBLISHED", "assignerShortName": "NX", "dateReserved": "2023-11-22T17:55:39.783Z", "datePublished": "2023-11-22T17:56:56.711Z", "dateUpdated": "2024-08-02T08:28:20.362Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "modules": ["traffic_relay", "cloud_db"], "product": "NxCloud", "vendor": "Network Optix", "versions": [{"lessThan": "23.1.0.40440", "status": "affected", "version": "0", "versionType": "custom"}]}], "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "<span style=\"background-color: rgb(255, 255, 255);\">An issue was discovered by IPVM team in Network Optix NxCloud before 23.1.0.40440. </span><span style=\"background-color: rgb(255, 255, 255);\">It was possible to add a fake VMS server to NxCloud by using the exact </span><span style=\"background-color: rgb(255, 255, 255);\">identification of a legitimate VMS server. As result, it was possible to </span><span style=\"background-color: rgb(255, 255, 255);\">retrieve authorization headers from legitimate users when the </span><span style=\"background-color: rgb(255, 255, 255);\">legitimate client connects to the fake VMS server.</span><br>"}], "value": "An issue was discovered by IPVM team in Network Optix NxCloud before 23.1.0.40440.\u00a0It was possible to add a fake VMS server to NxCloud by using the exact\u00a0identification of a legitimate VMS server. As result, it was possible to\u00a0retrieve authorization headers from legitimate users when the\u00a0legitimate client connects to the fake VMS server.\n"}], "impacts": [{"capecId": "CAPEC-115", "descriptions": [{"lang": "en", "value": "CAPEC-115 Authentication Bypass"}]}], "metrics": [{"cvssV3_1": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.3, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H", "version": "3.1"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-290", "description": "CWE-290 Authentication Bypass by Spoofing", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "96d4e157-0bf0-48b3-8efd-382c68caf4e0", "shortName": "NX", "dateUpdated": "2023-12-18T14:31:16.795Z"}, "references": [{"url": "https://networkoptix.atlassian.net/wiki/spaces/CHS/blog/2023/09/22/3074195467/vulnerability+2023-09-21+-+Server+Spoofing"}], "source": {"discovery": "UNKNOWN"}, "title": "Server Spoofing Vulnerability in NxCloud", "x_generator": {"engine": "Vulnogram 0.1.0-dev"}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T08:28:20.362Z"}, "title": "CVE Program Container", "references": [{"url": "https://networkoptix.atlassian.net/wiki/spaces/CHS/blog/2023/09/22/3074195467/vulnerability+2023-09-21+-+Server+Spoofing", "tags": ["x_transferred"]}]}]}}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:networkoptix:nxcloud:*:*:*:*:*:*:*:*", "matchCriteriaId": "690A44F2-1ED6-4490-9E4E-17C6FFACD3AE", "versionEndExcluding": "23.1.0.40440", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "An issue was discovered by IPVM team in Network Optix NxCloud before 23.1.0.40440.\u00a0It was possible to add a fake VMS server to NxCloud by using the exact\u00a0identification of a legitimate VMS server. As result, it was possible to\u00a0retrieve authorization headers from legitimate users when the\u00a0legitimate client connects to the fake VMS server.\n"}, {"lang": "es", "value": "Se descubri\u00f3 un problema en Network Optix NxCloud antes de 23.1.0.40440. Fue posible agregar un servidor VMS falso a NxCloud utilizando la identificaci\u00f3n exacta de un servidor VMS leg\u00edtimo. Como resultado, fue posible recuperar encabezados de autorizaci\u00f3n de usuarios leg\u00edtimos cuando el cliente leg\u00edtimo se conecta al servidor VMS falso."}], "id": "CVE-2023-6263", "lastModified": "2023-12-18T15:15:09.893", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 2.2, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}, {"cvssData": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.3, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 1.6, "impactScore": 6.0, "source": "96d4e157-0bf0-48b3-8efd-382c68caf4e0", "type": "Secondary"}]}, "published": "2023-11-22T18:15:09.780", "references": [{"source": "96d4e157-0bf0-48b3-8efd-382c68caf4e0", "tags": ["Vendor Advisory"], "url": "https://networkoptix.atlassian.net/wiki/spaces/CHS/blog/2023/09/22/3074195467/vulnerability+2023-09-21+-+Server+Spoofing"}], "sourceIdentifier": "96d4e157-0bf0-48b3-8efd-382c68caf4e0", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-290"}], "source": "nvd@nist.gov", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-290"}], "source": "96d4e157-0bf0-48b3-8efd-382c68caf4e0", "type": "Secondary"}]}