No advisories yet.
Solution
Upgrade to v26.2.0 or later.
Workaround
Use internal firewall features to limit access to the web management interface.
| Link | Providers |
|---|---|
| https://security.nozominetworks.com/NN-2026:9-01 |
|
Thu, 09 Jul 2026 13:30:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Metrics |
ssvc
|
Thu, 09 Jul 2026 08:15:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Description | An Open Redirect vulnerability was discovered in the SAML Single Sign-On functionality due to insufficient validation of a user-controlled redirection parameter. An unauthenticated attacker can craft a request to the SAML sign-in endpoint and poison the cached SAML redirection for other users who subsequently initiate SAML Single Sign-On, enabling phishing and credential-theft attacks, as well as disrupting SAML authentication for all affected users. | |
| Title | Open Redirect in SAML Single Sign-On in Guardian/CMC before 26.2.0 | |
| First Time appeared |
Nozomi Networks
Nozomi Networks cmc Nozomi Networks guardian |
|
| Weaknesses | CWE-601 | |
| CPEs | cpe:2.3:a:nozomi_networks:cmc:*:*:*:*:*:*:*:* cpe:2.3:a:nozomi_networks:guardian:*:*:*:*:*:*:*:* |
|
| Vendors & Products |
Nozomi Networks
Nozomi Networks cmc Nozomi Networks guardian |
|
| References |
| |
| Metrics |
cvssV3_1
|
Projects
Sign in to view the affected projects.
Status: PUBLISHED
Assigner: Nozomi
Published:
Updated: 2026-07-09T12:42:40.823Z
Reserved: 2026-03-10T16:14:03.266Z
Link: CVE-2026-31982
Updated: 2026-07-09T12:41:40.431Z
No data.
No data.
OpenCVE Enrichment
Updated: 2026-07-09T09:30:04Z