{"dataType":"CVE_RECORD","dataVersion":"5.2","cveMetadata":{"cveId":"CVE-2023-7308","assignerOrgId":"83251b91-4cc7-4094-a5c7-464a1b83ea10","state":"PUBLISHED","assignerShortName":"VulnCheck","dateReserved":"2025-08-25T19:47:34.913Z","datePublished":"2025-08-27T21:26:35.196Z","dateUpdated":"2025-11-28T21:41:25.848Z"},"containers":{"cna":{"affected":[{"defaultStatus":"unknown","modules":["/cgi-bin/authUser/authManageSet.cgi"],"product":"SecGate3600 Firewall","vendor":"NSFOCUS","versions":[{"status":"affected","version":"*"}]}],"cpeApplicability":[{"nodes":[{"cpeMatch":[{"criteria":"cpe:2.3:h:nsfocusglobal:secgate3600:-:*:*:*:*:*:*:*","vulnerable":true}],"negate":false,"operator":"OR"}],"operator":"OR"}],"credits":[{"lang":"en","type":"finder","value":"Zhuge Liang"}],"descriptions":[{"lang":"en","supportingMedia":[{"base64":false,"type":"text/html","value":"SecGate3600, a network firewall product developed by NSFOCUS, contains a sensitive information disclosure vulnerability in the /cgi-bin/authUser/authManageSet.cgi endpoint. The affected component fails to enforce authentication checks on POST requests to retrieve user data. An unauthenticated remote attacker can exploit this flaw to obtain sensitive information, including user identifiers and configuration details, by sending crafted requests to the vulnerable endpoint. An affected version range is undefined.&nbsp;Exploitation evidence was first observed by the Shadowserver Foundation on <span style=\"background-color: rgb(255, 255, 255);\">2024-06-18 UTC</span>."}],"value":"SecGate3600, a network firewall product developed by NSFOCUS, contains a sensitive information disclosure vulnerability in the /cgi-bin/authUser/authManageSet.cgi endpoint. The affected component fails to enforce authentication checks on POST requests to retrieve user data. An unauthenticated remote attacker can exploit this flaw to obtain sensitive information, including user identifiers and configuration details, by sending crafted requests to the vulnerable endpoint. An affected version range is undefined. Exploitation evidence was first observed by the Shadowserver Foundation on 2024-06-18 UTC."}],"impacts":[{"capecId":"CAPEC-114","descriptions":[{"lang":"en","value":"CAPEC-114 Authentication Abuse"}]}],"metrics":[{"cvssV4_0":{"Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","Safety":"NOT_DEFINED","attackComplexity":"LOW","attackRequirements":"NONE","attackVector":"NETWORK","baseScore":8.7,"baseSeverity":"HIGH","exploitMaturity":"NOT_DEFINED","privilegesRequired":"NONE","providerUrgency":"NOT_DEFINED","subAvailabilityImpact":"NONE","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","userInteraction":"NONE","valueDensity":"NOT_DEFINED","vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N","version":"4.0","vulnAvailabilityImpact":"NONE","vulnConfidentialityImpact":"HIGH","vulnIntegrityImpact":"NONE","vulnerabilityResponseEffort":"NOT_DEFINED"},"format":"CVSS","scenarios":[{"lang":"en","value":"GENERAL"}]}],"problemTypes":[{"descriptions":[{"cweId":"CWE-306","description":"CWE-306 Missing Authentication for Critical Function","lang":"en","type":"CWE"}]}],"providerMetadata":{"orgId":"83251b91-4cc7-4094-a5c7-464a1b83ea10","shortName":"VulnCheck","dateUpdated":"2025-11-28T21:41:25.848Z"},"references":[{"tags":["exploit"],"url":"https://github.com/jjjj1029056414/selfpoc/blob/main/wangshen-SecGate3600-information-leakage.py"},{"tags":["product"],"url":"https://nsfocusglobal.com/products/next-gen-firewall-2/"},{"tags":["third-party-advisory"],"url":"https://www.vulncheck.com/advisories/secgate3600-firewall-info-disc"}],"source":{"discovery":"UNKNOWN"},"tags":["x_known-exploited-vulnerability"],"title":"SecGate3600 Firewall Information Disclosure via authManageSet.cgi","x_generator":{"engine":"vulncheck"}},"adp":[{"references":[{"url":"https://www.vulncheck.com/advisories/secgate3600-firewall-info-disc","tags":["exploit"]}],"metrics":[{"other":{"type":"ssvc","content":{"timestamp":"2025-08-28T14:21:39.899281Z","id":"CVE-2023-7308","options":[{"Exploitation":"poc"},{"Automatable":"yes"},{"Technical Impact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}}],"title":"CISA ADP Vulnrichment","providerMetadata":{"orgId":"134c704f-9b21-4f2e-91b3-4a467353bcc0","shortName":"CISA-ADP","dateUpdated":"2025-08-28T14:49:51.024Z"}}]}}