12 matches found
EUVD-2022-48746
Nokia Broadcast Message Center BMC before 13.1 allows an unauthenticated remote attacker to do OS command injection as root via shell metacharacters in the Log Scanner Search Pattern field...
CVE-2022-45899
Nokia Broadcast Message Center BMC before 13.1 allows an unauthenticated remote attacker to do OS command injection as root via shell metacharacters in the Log Scanner Search Pattern field...
CVE-2022-45899
Nokia Broadcast Message Center BMC before 13.1 allows an unauthenticated remote attacker to do OS command injection as root via shell metacharacters in the Log Scanner Search Pattern field...
CVE-2022-45899
Nokia Broadcast Message Center BMC before 13.1 allows an unauthenticated remote attacker to do OS command injection as root via shell metacharacters in the Log Scanner Search Pattern field...
PT-2026-38659
Name of the Vulnerable Software and Affected Versions Nokia Broadcast Message Center BMC versions prior to 13.1 Description An unauthenticated remote attacker can perform OS command injection with root privileges. This is possible by using shell metacharacters within the Log Scanner Search Patter...
CVE-2022-45899
Nokia BMC (Broadcast Message Center) Log Scanner, prior to version 13.1, is vulnerable to unauthenticated command injection via shell metacharacters in the Log Scanner Search Pattern field. An attacker can achieve remote code execution as root. The issue is fixed in version 13.1. Affected product...
CVE-2021-35487
Nokia Broadcast Message Center through 11.1.0 allows an authenticated user to perform a Boolean Blind SQL Injection attack on the endpoint /owui/block/send-receive-updates for the Manage Alerts page via the extIdentifier HTTP POST parameter. This allows an attacker to obtain the database user,...
Nokia Broadcast Message Center SQL Injection Vulnerability (CNVD-2022-68946)
Nokia Broadcast Message Center is a broadcast message center for Nokia Finland to manage alerts. An SQL injection vulnerability exists in Nokia Broadcast Message Center 11.1.0 and earlier versions, which originates in /owui/block/send-receive-updates extIdentifier HTTP POST parameter is missing...
CVE-2021-35487
Nokia Broadcast Message Center through 11.1.0 allows an authenticated user to perform a Boolean Blind SQL Injection attack on the endpoint /owui/block/send-receive-updates for the Manage Alerts page via the extIdentifier HTTP POST parameter. This allows an attacker to obtain the database user,...
Sql injection
Nokia Broadcast Message Center through 11.1.0 allows an authenticated user to perform a Boolean Blind SQL Injection attack on the endpoint /owui/block/send-receive-updates for the Manage Alerts page via the extIdentifier HTTP POST parameter. This allows an attacker to obtain the database user,...
CVE-2021-35487
Summary : CVE-2021-35487 affects Nokia Broadcast Message Center up to version 11.1.0. An authenticated user can perform a Boolean Blind SQL Injection on the /owui/block/send-receive-updates endpoint via the extIdentifier HTTP POST parameter, enabling retrieval of the database user, database name,...
Nokia Broadcast Message Center SQL注入漏洞
Nokia Broadcast Message Center is a broadcast message center for Nokia Finland to manage alerts. An SQL injection vulnerability exists in Nokia Broadcast Message Center 11.1.0 and earlier versions, which originates in /owui/block/send-receive-updates extIdentifier HTTP POST parameter is missing...