Skip to main content

Impact

7 CVEs product

Monthly

CVE-2021-35485 HIGH This Week

Impact versions up to 19.11.2.10-20210118042150283 is affected by unrestricted upload of file with dangerous type (CVSS 8.0).

File Upload Impact
NVD
CVSS 3.1
8.0
EPSS
0.0%
CVE-2021-35484 HIGH This Week

Nokia IMPACT through 19.11.2.10-20210118042150283 allows an authenticated user to perform a Time-based Boolean Blind SQL Injection attack on the endpoint /ui/rest-proxy/campaign/statistic (for the View Campaign page) via the sortColumn HTTP GET parameter. [CVSS 8.2 HIGH]

SQLi Impact
NVD
CVSS 3.1
8.2
EPSS
0.0%
CVE-2021-35483 MEDIUM This Month

Impact versions up to 19.11.2.10-20210118042150283 is affected by cross-site scripting (xss) (CVSS 4.1).

XSS Impact
NVD
CVSS 3.1
4.1
EPSS
0.0%
CVE-2019-17406 MEDIUM POC This Month

Nokia IMPACT < 18A has path traversal that may lead to RCE if chained with CVE-2019-1743. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Nokia Path Traversal Impact
NVD
CVSS 3.1
5.3
EPSS
1.1%
CVE-2019-17405 MEDIUM POC This Month

Nokia IMPACT < 18A: has Reflected self XSS. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Nokia XSS Impact
NVD
CVSS 3.1
6.1
EPSS
0.7%
CVE-2019-17404 MEDIUM POC This Month

Nokia IMPACT < 18A: allows full path disclosure. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Nokia Path Traversal Impact
NVD
CVSS 3.1
4.3
EPSS
1.0%
CVE-2019-17403 HIGH POC This Week

Nokia IMPACT < 18A: An unrestricted File Upload vulnerability was found that may lead to Remote Code Execution. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Nokia File Upload RCE Impact
NVD
CVSS 3.1
8.8
EPSS
2.5%
EPSS 0% CVSS 8.0
HIGH This Week

Impact versions up to 19.11.2.10-20210118042150283 is affected by unrestricted upload of file with dangerous type (CVSS 8.0).

File Upload Impact
NVD
EPSS 0% CVSS 8.2
HIGH This Week

Nokia IMPACT through 19.11.2.10-20210118042150283 allows an authenticated user to perform a Time-based Boolean Blind SQL Injection attack on the endpoint /ui/rest-proxy/campaign/statistic (for the View Campaign page) via the sortColumn HTTP GET parameter. [CVSS 8.2 HIGH]

SQLi Impact
NVD
EPSS 0% CVSS 4.1
MEDIUM This Month

Impact versions up to 19.11.2.10-20210118042150283 is affected by cross-site scripting (xss) (CVSS 4.1).

XSS Impact
NVD
EPSS 1% CVSS 5.3
MEDIUM POC This Month

Nokia IMPACT < 18A has path traversal that may lead to RCE if chained with CVE-2019-1743. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Nokia Path Traversal Impact
NVD
EPSS 1% CVSS 6.1
MEDIUM POC This Month

Nokia IMPACT < 18A: has Reflected self XSS. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Nokia XSS Impact
NVD
EPSS 1% CVSS 4.3
MEDIUM POC This Month

Nokia IMPACT < 18A: allows full path disclosure. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Nokia Path Traversal Impact
NVD
EPSS 3% CVSS 8.8
HIGH POC This Week

Nokia IMPACT < 18A: An unrestricted File Upload vulnerability was found that may lead to Remote Code Execution. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Nokia File Upload RCE +1
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy