Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cvelistMitreCVELIST:CVE-2021-35487
HistoryMay 25, 2022 - 1:41 p.m.

CVE-2021-35487

2022-05-2513:41:38
mitre
www.cve.org
3
nokia
broadcast message center
sql injection
manage alerts
http post
database information

AI Score

7.1

Confidence

High

EPSS

0.001

Percentile

32.8%

JSON

Nokia Broadcast Message Center through 11.1.0 allows an authenticated user to perform a Boolean Blind SQL Injection attack on the endpoint /owui/block/send-receive-updates (for the Manage Alerts page) via the extIdentifier HTTP POST parameter. This allows an attacker to obtain the database user, database name, and database version information, and potentially database data.

Related

prion 1
cnvd 1
nvd 1
cve 1
prion
prion
Sql injection
2022-05-25 14:15:00
cnvd
cnvd
Nokia Broadcast Message Center SQL Injection Vulnerability (CNVD-2022-68946)
2022-05-27 00:00:00
nvd
nvd
CVE-2021-35487
2022-05-25 14:15:08
cve
cve
CVE-2021-35487
2022-05-25 14:15:08

AI Score

7.1

Confidence

High

EPSS

0.001

Percentile

32.8%

JSON
Related for CVELIST:CVE-2021-35487
prion1cnvd1nvd1cve1