CVE-2026-10056

May 29, 2026, 9:16 a.m.

7.5
High

Description

CORS misconfiguration in the REST API of Network Optix Nx Witness VMS before version 6.1.2, when running in the default Standard security mode, on Linux and Windows allows an unauthenticated remote attacker to steal the session token of an authenticated user and perform Administrator Account Takeover via a malicious cross-origin web page visited by the victim. The High security mode is not affected.Workaround: For existing installations running in Standard security mode, set Access-Control-Allow-Credentials to false via the REST API: PATCH /rest/v2/system/settings with body {"supportedOrigins": "null"}. Alternatively, select High security level during initial setup. Solution: Update to Nx Witness VMS version 6.1.2 or later, in which Access-Control-Allow-Credentials is set to false in the default Standard security configuration.

Product(s) Impacted

Vendor Product Versions
Network Optix
  • Nx Witness Vms
  • <6.1.2

Weaknesses

Common security weaknesses mapped to this vulnerability.

CWE-942
Permissive Cross-domain Policy with Untrusted Domains
The product uses a cross-domain policy file that includes domains that should not be trusted.

*CPE(s)

Affected systems and software identified for this CVE.

Type Vendor Product Version Update Edition Language Software Edition Target Software Target Hardware Other Information
a network_optix nx_witness_vms <6.1.2 / / / / / / /

References

https://support.networkoptix.com/hc/en-us/articles/39254208939159-How-to-Enable-CORS-Validation

Tags

CWE-942
96d4e157-0bf0-48b3-8efd-382c68caf4e0
2026-05-29
CVE-2026-10056

CVSS Score

7.5 / 10

CVSS Data - 3.1

  • Attack Vector: NETWORK
  • Attack Complexity: HIGH
  • Privileges Required: NONE
  • Scope: UNCHANGED
  • Confidentiality Impact: HIGH
  • Integrity Impact: HIGH
  • Availability Impact: HIGH

    • CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

    View Vector String

Timeline

Published: May 29, 2026, 9:16 a.m.
Last Modified: May 29, 2026, 9:16 a.m.

Status : Received

CVE has been recently published to the CVE List and has been received by the NVD.

More info

Source

96d4e157-0bf0-48b3-8efd-382c68caf4e0

*Disclaimer: Some vulnerabilities do not have an associated CPE. To enhance the data, we use AI to infer CPEs based on CVE details. This is an automated process and might not always be accurate.