Linux
CVE-2025-0980
MEDIUM
Severity by source
AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
Lifecycle Timeline
2DescriptionCVE.org
Nokia SR Linux is vulnerable to an authentication vulnerability allowing unauthorized access to the JSON-RPC service. When exploited, an invalid validation allows JSON RPC access without providing valid authentication credentials.
AnalysisAI
Nokia SR Linux is vulnerable to an authentication vulnerability allowing unauthorized access to the JSON-RPC service. When exploited, an invalid validation allows JSON RPC access without providing valid authentication credentials. [CVSS 6.4 MEDIUM]
Technical ContextAI
Classified as CWE-284 (Improper Access Control). Nokia SR Linux is vulnerable to an authentication vulnerability allowing unauthorized access to the JSON-RPC service. When exploited, an invalid validation allows JSON RPC access without providing valid authentication credentials.
Affected ProductsAI
Nokia SR Linux is vulnerable to an authentication vulnerability allowing unauthorized access to the JSON-RPC service
RemediationAI
Monitor vendor advisories for a patch.
Same weakness CWE-284 – Improper Access Control
View allShare
External POC / Exploit Code
Leaving vuln.today