Security Advisory Detail

Firebox Authenticated Arbitrary File Read Vulnerability

Advisory ID
WGSA-2023-00002
CVE
CVE-2023-2357
Impact
Medium
Status
Resolved
Product Family
Firebox
Published Date
Updated Date
Workaround Available
True
CVSS Score
4.9
CVSS Vector
AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
Summary

WatchGuard Firebox and XTM appliances allow an authenticated remote attacker to read arbitrary text files from the filesystem via the Fireware management command line interface.

Affected

Fireware OS before 12.9.3

Resolution

Fireware OS 12.9.3

Workaround

In order to successfully exploit this vulnerability, an attacker must successfully authenticate using a management account (read-only or read-write) to the Fireware command line interface. Firebox administrators should follow the best practices described here to securely enable remote Firebox management where needed.

Credits
Reported by independent security researcher Ren9IE
Advisory Product List
Product Family
Product Branch
Product List
Firebox
XTM 8 Series (2nd Gen)
XTM850, XTM860, XTM870, XTM870-F
Firebox
XTM 1500 and 2520
XTM1520-RP, XTM1525-RP, XTM2520
Firebox
Firebox T (1st Gen)
T10, T10-W, T10-D, T30, T30-W, T50, T50-W
Firebox
Firebox T (2nd Gen)
T15, T15-W, T35, T35-W, T35-R, T55, T55-W, T70
Firebox
Firebox T (3rd Gen)
T20, T20-W, T40, T40-W, T80
Firebox
Firebox M (1st Gen)
M200, M300, M400, M440, M500
Firebox
Firebox M (2nd Gen)
M270, M370, M470, M570, M670
Firebox
Firebox M (3rd Gen)
M290, M390, M590, M690, M4800, M5800
Firebox
XTMv
Small, Medium, Large, Datacenter
Firebox
FireboxV
Small, Medium, Large, XLarge
Firebox
Firebox T (4th Gen)
NV5, T25, T45, T85
Firebox
FireboxCloud
Small, Medium, Large, XLarge