No advisories yet.
Solution
Upgrade to v26.2.0 or later.
Workaround
Use internal firewall features to limit access to the web management interface.
| Link | Providers |
|---|---|
| https://security.nozominetworks.com/NN-2026:10-01 |
|
Thu, 09 Jul 2026 13:30:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Metrics |
ssvc
|
Thu, 09 Jul 2026 08:15:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Description | A Missing Authentication vulnerability was discovered in the SSH keys synchronization endpoint. An unauthenticated attacker can send a request to the SSH keys synchronization endpoint and obtain the list of users that have uploaded their public SSH keys, their groups, and the uploaded public SSH keys. | |
| Title | Missing authentication in SSH keys synchronization endpoint in Guardian/CMC before 26.2.0 | |
| First Time appeared |
Nozomi Networks
Nozomi Networks cmc Nozomi Networks guardian |
|
| Weaknesses | CWE-306 | |
| CPEs | cpe:2.3:a:nozomi_networks:cmc:*:*:*:*:*:*:*:* cpe:2.3:a:nozomi_networks:guardian:*:*:*:*:*:*:*:* |
|
| Vendors & Products |
Nozomi Networks
Nozomi Networks cmc Nozomi Networks guardian |
|
| References |
| |
| Metrics |
cvssV3_1
|
Projects
Sign in to view the affected projects.
Status: PUBLISHED
Assigner: Nozomi
Published:
Updated: 2026-07-09T12:41:20.941Z
Reserved: 2026-03-10T16:14:03.266Z
Link: CVE-2026-31983
Updated: 2026-07-09T12:41:17.695Z
No data.
No data.
OpenCVE Enrichment
Updated: 2026-07-09T11:15:16Z