A missing authentication check in the WebSocket channel used for the Check Point IoT integration in Nozomi Networks Guardian and CMC, may allow an unauthenticated attacker to obtain assets data without authentication.

Malicious unauthenticated users with knowledge on the underlying system may be able to extract asset information.

Related CVEs

CVE-2023-5253

Key Information

GHSA ID

GHSA-frjw-g5j9-99p6

Published

January 15, 2024 12:30 PM

Last Modified

September 20, 2024 12:31 PM

CVSS Score

5.0 /10

Primary Ecosystem

Unknown

Primary Package

Unknown

GitHub Reviewed

✗ No

Dataset

Last updated: July 12, 2025 6:29 AM

Data from GitHub Advisory Database. This information is provided for research and educational purposes.