Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
nokia vulnerabilities and exploits
(subscribe to this query)
7.1
CVSSv3
CVE-2022-2483
The bootloader in the Nokia ASIK AirScale system module (versions 474021A.101 and 474021A.102) loads public keys for firmware verification signature. If an attacker modifies the flash contents to corrupt the keys, secure boot could be permanently disabled on a given device.
Nokia Asik Airscale 474021a.102 Firmware -
Nokia Asik Airscale 474021a.101 Firmware -
7
CVSSv3
CVE-2023-25187
An issue exists on NOKIA Airscale ASIKA Single RAN devices prior to 21B. Nokia Single RAN commissioning procedures do not change (factory-time installed) default SSH public/private key values that are specific to a network operator. As a result, the CSP internal BTS network SSH s...
Nokia Asika Airscale Firmware 19b
Nokia Asika Airscale Firmware 20a
Nokia Asika Airscale Firmware 20b
Nokia Asika Airscale Firmware 20c
Nokia Asika Airscale Firmware 21a
1 EDB exploit
7
CVSSv3
CVE-2010-1437
Race condition in the find_keyring_by_name function in security/keys/keyring.c in the Linux kernel 2.6.34-rc5 and previous versions allows local users to cause a denial of service (memory corruption and system crash) or possibly have unspecified other impact via keyctl session co...
Linux Linux Kernel 2.6.34
Linux Linux Kernel
Opensuse Opensuse 11.1
Suse Linux Enterprise Server 11
Suse Linux Enterprise Desktop 11
Suse Linux Enterprise High Availability Extension 11
Debian Debian Linux 5.0
1 EDB exploit
6.5
CVSSv3
CVE-2022-41760
An issue exists in NOKIA NFM-T R19.9. Relative Path Traversal can occur under /oms1350/data/cpb/log of the Network Element Manager via the filename parameter, allowing a remote authenticated malicious user to read arbitrary files.
Nokia Network Functions Manager For Transport 19.9
6.5
CVSSv3
CVE-2022-41761
An issue exists in NOKIA NFM-T R19.9. An Absolute Path Traversal vulnerability exists under /cgi-bin/R19.9/viewlog.pl of the VM Manager WebUI via the logfile parameter, allowing a remote authenticated malicious user to read arbitrary files.
Nokia Network Functions Manager For Transport 19.9
6.5
CVSSv3
CVE-2022-39820
In Network Element Manager in NOKIA NFM-T R19.9, an Unprotected Storage of Credentials vulnerability occurs under /root/RestUploadManager.xml.DRC and /DEPOT/KECustom_199/OTNE_DRC/RestUploadManager.xml. A remote user, authenticated to the operating system, with access privileges t...
Nokia Network Functions Manager For Transport 19.9
6.5
CVSSv3
CVE-2023-26058
An XXE issue exists in Nokia NetAct prior to 22 FP2211 via an XML document to a Performance Manager page. Input validation and a proper XML parser configuration are missing. For an external attacker, it is very difficult to exploit this, because a few dynamically created paramete...
Nokia Netact 20.1
6.5
CVSSv3
CVE-2023-26057
An XXE issue exists in Nokia NetAct prior to 22 FP2211 via an XML document to the Configuration Dashboard page. Input validation and a proper XML parser configuration are missing. For an external attacker, it is very difficult to exploit this, because a few dynamically created pa...
Nokia Netact 20.1
6.5
CVSSv3
CVE-2022-36221
Nokia Fastmile 3tg00118abad52 is affected by an authenticated path traversal vulnerability which allows malicious users to read any named pipe file on the system.
Nokia Fastmile Firmware 3tg00118abad52
6.5
CVSSv3
CVE-2022-40713
An issue exists in NOKIA 1350OMS R14.2. Multiple Relative Path Traversal issues exist in different specific endpoints via the file parameter, allowing a remote authenticated malicious user to read files on the filesystem arbitrarily.
Nokia 1350 Optical Management System 14.2
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
authentication bypass
CVE-2024-30043
camera
CVE-2023-40404
CVE-2024-2793
client side
CVE-2024-4469
CVE-2024-3565
CVE-2024-29825
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »