Lucene search
K

12 matches found

EUVD
EUVD
added 2026/05/08 6:32 a.m.9 views

EUVD-2022-48746

Nokia Broadcast Message Center BMC before 13.1 allows an unauthenticated remote attacker to do OS command injection as root via shell metacharacters in the Log Scanner Search Pattern field...

6.5CVSS5.8AI score0.00826EPSS
Exploits3References3
NVD
NVD
added 2026/05/08 5:16 a.m.13 views

CVE-2022-45899

Nokia Broadcast Message Center BMC before 13.1 allows an unauthenticated remote attacker to do OS command injection as root via shell metacharacters in the Log Scanner Search Pattern field...

6.5CVSS0.00826EPSS
Exploits3References2
Vulnrichment
Vulnrichment
added 2026/05/08 12:0 a.m.9 views

CVE-2022-45899

Nokia Broadcast Message Center BMC before 13.1 allows an unauthenticated remote attacker to do OS command injection as root via shell metacharacters in the Log Scanner Search Pattern field...

5.8AI score0.00826EPSS
Exploits3References2
ATTACKERKB
ATTACKERKB
added 2026/05/08 12:0 a.m.7 views

CVE-2022-45899

Nokia Broadcast Message Center BMC before 13.1 allows an unauthenticated remote attacker to do OS command injection as root via shell metacharacters in the Log Scanner Search Pattern field...

5.8AI score0.00826EPSS
Exploits3References3
Positive Technologies
Positive Technologies
added 2026/05/08 12:0 a.m.17 views

PT-2026-38659

Name of the Vulnerable Software and Affected Versions Nokia Broadcast Message Center BMC versions prior to 13.1 Description An unauthenticated remote attacker can perform OS command injection with root privileges. This is possible by using shell metacharacters within the Log Scanner Search Patter...

6.5CVSS5.8AI score0.00826EPSS
Exploits3References5
CVE
CVE
added 2026/05/08 12:0 a.m.12 views

CVE-2022-45899

Nokia BMC (Broadcast Message Center) Log Scanner, prior to version 13.1, is vulnerable to unauthenticated command injection via shell metacharacters in the Log Scanner Search Pattern field. An attacker can achieve remote code execution as root. The issue is fixed in version 13.1. Affected product...

6.5CVSS5.8AI score0.00826EPSS
Exploits3References2
RedhatCVE
RedhatCVE
added 2025/05/22 7:53 p.m.7 views

CVE-2021-35487

Nokia Broadcast Message Center through 11.1.0 allows an authenticated user to perform a Boolean Blind SQL Injection attack on the endpoint /owui/block/send-receive-updates for the Manage Alerts page via the extIdentifier HTTP POST parameter. This allows an attacker to obtain the database user,...

6.5CVSS7.8AI score0.00959EPSS
Exploits1References1
CNVD
CNVD
added 2022/05/27 12:0 a.m.28 views

Nokia Broadcast Message Center SQL Injection Vulnerability (CNVD-2022-68946)

Nokia Broadcast Message Center is a broadcast message center for Nokia Finland to manage alerts. An SQL injection vulnerability exists in Nokia Broadcast Message Center 11.1.0 and earlier versions, which originates in /owui/block/send-receive-updates extIdentifier HTTP POST parameter is missing...

6.5CVSS2.2AI score0.00959EPSS
Exploits1References1
OSV
OSV
added 2022/05/25 2:15 p.m.3 views

CVE-2021-35487

Nokia Broadcast Message Center through 11.1.0 allows an authenticated user to perform a Boolean Blind SQL Injection attack on the endpoint /owui/block/send-receive-updates for the Manage Alerts page via the extIdentifier HTTP POST parameter. This allows an attacker to obtain the database user,...

6.5CVSS5.9AI score0.00959EPSS
Exploits1References2
Prion
Prion
added 2022/05/25 2:15 p.m.19 views

Sql injection

Nokia Broadcast Message Center through 11.1.0 allows an authenticated user to perform a Boolean Blind SQL Injection attack on the endpoint /owui/block/send-receive-updates for the Manage Alerts page via the extIdentifier HTTP POST parameter. This allows an attacker to obtain the database user,...

4CVSS6.8AI score0.00959EPSS
Exploits1References2Affected Software1
CVE
CVE
added 2022/05/25 1:41 p.m.74 views

CVE-2021-35487

Summary : CVE-2021-35487 affects Nokia Broadcast Message Center up to version 11.1.0. An authenticated user can perform a Boolean Blind SQL Injection on the /owui/block/send-receive-updates endpoint via the extIdentifier HTTP POST parameter, enabling retrieval of the database user, database name,...

6.5CVSS6.7AI score0.00959EPSS
Exploits1References2Affected Software1
CNNVD
CNNVD
added 2022/05/25 12:0 a.m.4 views

Nokia Broadcast Message Center SQL注入漏洞

Nokia Broadcast Message Center is a broadcast message center for Nokia Finland to manage alerts. An SQL injection vulnerability exists in Nokia Broadcast Message Center 11.1.0 and earlier versions, which originates in /owui/block/send-receive-updates extIdentifier HTTP POST parameter is missing...

6.5CVSS5.9AI score0.00959EPSS
Exploits1References3
Rows per page
Query Builder