CVE-2026-31984
Received Received - Intake

Denial-of-Service via Unbounded Audit Logging in Nozomi Networks Product

Vulnerability report for CVE-2026-31984, including description, CVSS score, EPSS score, affected products, exploitability, helpful resources, and attack-flow context.

Publication date: 2026-07-09

Last updated on: 2026-07-09

Assigner: Nozomi Networks Inc.

Description

A denial-of-service vulnerability caused by unbounded resource allocation was discovered in the audit logging functionality, due to a missing size limit on input recorded into audit entries. An unauthenticated attacker can submit requests containing excessively large input that is recorded into audit entries, possibly exhausting the available disk space and rendering the system inoperable.

CVSS Scores

EPSS Scores

Probability:
Percentile:

Meta Information

Published
2026-07-09
Last Modified
2026-07-09
Generated
2026-07-09
AI Q&A
2026-07-09
EPSS Evaluated
N/A
NVD
EUVD

Affected Vendors & Products

Showing 2 associated CPEs
Vendor Product Version / Range
nozomi_networks guardian to 26.2.0 (exc)
nozomi_networks cmc to 26.2.0 (exc)

Helpful Resources

Exploitability

CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-770 The product allocates a reusable resource or group of resources on behalf of an actor without imposing any intended restrictions on the size or number of resources that can be allocated.

Attack-Flow Graph

AI Quick Actions

Instant insights powered by AI
Executive Summary

This vulnerability is a denial-of-service issue found in the audit logging functionality of certain systems. It occurs because there is no size limit on the input recorded into audit entries, allowing an attacker to submit very large inputs.

An unauthenticated attacker can exploit this by sending excessively large requests that get recorded in audit logs, which can exhaust the available disk space and cause the system to become inoperable.

Impact Analysis

The impact of this vulnerability is that an attacker can cause a denial-of-service condition by filling up the disk space with large audit log entries.

This can render the affected system inoperable, potentially disrupting business operations and causing downtime.

Detection Guidance

This vulnerability involves unbounded resource allocation in audit logging, where excessively large input is recorded into audit entries, potentially exhausting disk space.

To detect this vulnerability on your system, you can check the version of the Guardian or CMC software running on your devices. Versions prior to 26.2.0 are vulnerable.

Additionally, monitoring disk usage on the system for unusual or rapidly increasing consumption in audit log directories can help identify exploitation attempts.

Suggested commands include:

  • Check software version: run the command or check the system interface to verify if the version is older than 26.2.0.
  • Monitor disk usage: use commands like 'df -h' to check disk space and 'du -sh /path/to/audit/logs' to check the size of audit log directories.
  • Inspect audit logs for unusually large entries or rapid growth.
Mitigation Strategies

Immediate mitigation steps include upgrading the Guardian or CMC software to version 26.2.0 or later, where the vulnerability has been fixed.

If upgrading is not immediately possible, restrict access to the web management interface by applying internal firewall rules to limit exposure to unauthenticated attackers.

Chat Assistant

Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-31984. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70

EPSS Chart