Nokia Broadcast Message Center is a broadcast message center for Nokia Finland to manage alerts. An SQL injection vulnerability exists in Nokia Broadcast Message Center 11.1.0 and earlier versions, which originates in /owui/block/send-receive-updates extIdentifier HTTP POST parameter is missing filtering and escaping. An attacker could use this vulnerability to obtain database user, database name and database version information, as well as potentially database data.