Firebox Authenticated Arbitrary File Read Vulnerability
Advisory ID
WGSA-2023-00002
CVE
CVE-2023-2357
Impact
Medium
Status
Resolved
Product Family
Firebox
Published Date
Updated Date
Workaround Available
True
CVSS Score
4.9
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
Summary
WatchGuard Firebox and XTM appliances allow an authenticated remote attacker to read arbitrary text files from the filesystem via the Fireware management command line interface.
Affected
Fireware OS before 12.9.3
Resolution
Fireware OS 12.9.3
Workaround
In order to successfully exploit this vulnerability, an attacker must successfully authenticate using a management account (read-only or read-write) to the Fireware command line interface. Firebox administrators should follow the best practices described here to securely enable remote Firebox management where needed.
Credits
Reported by independent security researcher Ren9IE
Advisory Product List
| Product Family | Product Branch | Product List |
|---|---|---|
Firebox
|
Fireware OS 12.x | T20, T25, T40, T45, T55, T70, T80, T85, M270, M290, M370, M390, M470, M570, M590, M670, M690, M440, M4600, M4800, M5600, M5800, Firebox Cloud, Firebox NV5, FireboxV |
Firebox
|
Fireware OS 12.5.x | T15, T35 |