No analysis available yet.
Vendor Solution
Upgrade to v26.2.0 or later.
Vendor Workaround
Use internal firewall features to limit access to the web management interface.
Tracking
Sign in to view the affected projects.
No advisories yet.
| Link | Providers |
|---|---|
| https://security.nozominetworks.com/NN-2026:10-01 |
|
Thu, 09 Jul 2026 13:30:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Metrics |
ssvc
|
Thu, 09 Jul 2026 08:15:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Description | A Missing Authentication vulnerability was discovered in the SSH keys synchronization endpoint. An unauthenticated attacker can send a request to the SSH keys synchronization endpoint and obtain the list of users that have uploaded their public SSH keys, their groups, and the uploaded public SSH keys. | |
| Title | Missing authentication in SSH keys synchronization endpoint in Guardian/CMC before 26.2.0 | |
| First Time appeared |
Nozomi Networks
Nozomi Networks cmc Nozomi Networks guardian |
|
| Weaknesses | CWE-306 | |
| CPEs | cpe:2.3:a:nozomi_networks:cmc:*:*:*:*:*:*:*:* cpe:2.3:a:nozomi_networks:guardian:*:*:*:*:*:*:*:* |
|
| Vendors & Products |
Nozomi Networks
Nozomi Networks cmc Nozomi Networks guardian |
|
| References |
| |
| Metrics |
cvssV3_1
|
Status: PUBLISHED
Assigner: Nozomi
Published:
Updated: 2026-07-09T12:41:20.941Z
Reserved: 2026-03-10T16:14:03.266Z
Link: CVE-2026-31983
Updated: 2026-07-09T12:41:17.695Z
No data.
No data.
OpenCVE Enrichment
Updated: 2026-07-09T11:15:16Z
-
CWE-306
Missing Authentication for Critical Function