VYPR
Unrated severityNVD Advisory· Published Jan 15, 2024· Updated Jun 17, 2025

Check Point IoT integration: WebSocket returns assets data without authentication in Guardian/CMC before 23.3.0

CVE-2023-5253

Description

A missing authentication check in the WebSocket channel used for the Check Point IoT integration in Nozomi Networks Guardian and CMC, may allow an unauthenticated attacker to obtain assets data without authentication.

Malicious unauthenticated users with knowledge on the underlying system may be able to extract limited asset information.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

4

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.