CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

OSV•added 2022/09/19 4:15 p.m.•0 views

CVE-2022-40712

An issue was discovered in NOKIA 1350OMS R14.2. Reflected XSS exists under different /cgi-bin/R14.2 endpoints...

6.1CVSS5.8AI score

Prion•added 2022/09/19 4:15 p.m.•11 views

Cross site scripting

An issue was discovered in NOKIA 1350OMS R14.2. Reflected XSS exists under different /cgi-bin/R14.2 endpoints...

5.8CVSS6AI score0.00356EPSS

Prion•added 2022/09/19 4:15 p.m.•9 views

Cross site scripting

An issue was discovered in NOKIA 1350OMS R14.2. Reflected XSS exists under different /oms1350/ endpoints...

5.8CVSS6AI score0.00356EPSS

CVE•added 2022/09/19 3:52 p.m.•64 views

CVE-2022-40715

Summary : CVE-2022-40715 affects Nokia 1350 OMS (R14.2). An Absolute Path Traversal vulnerability exists in a specific endpoint exploitable via the logfile parameter, allowing a remote authenticated attacker to read arbitrary files on the filesystem. The issue is centered on a vulnerable endpoint...

6.5CVSS6.1AI score0.00396EPSS

Cvelist•added 2022/09/19 3:52 p.m.•17 views

CVE-2022-40714

An issue was discovered in NOKIA 1350OMS R14.2. Reflected XSS exists under different /oms1350/ endpoints...

6.1AI score0.00356EPSS

CVE•added 2022/09/19 3:52 p.m.•60 views

CVE-2022-40714

The CVE-2022-40714 issue affects Nokia 1350 OMS R14.2. It describes a reflected XSS in multiple /oms1350/* endpoints. According to the NVD entry, the vulnerability has CVSS v3.1 metrics: AV:N, AC:L, PR:N, UI:R, S:C, C:L, I:L, A:N, with a base score of 6.1 (Medium). Exploitation status or concrete...

6.1CVSS5.9AI score0.00356EPSS

CVE•added 2022/09/19 3:52 p.m.•44 views

CVE-2022-40713

CVE-2022-40713 affects NOKIA 1350OMS R14.2. Multiple Relative Path Traversal flaws exist in different endpoints via the file parameter, allowing a remote authenticated attacker to read arbitrary files on the filesystem. The NVD/NVD-derived CVSSv3.1 metrics show a base score of 6.5 (Medium) with N...

6.5CVSS6.1AI score0.00256EPSS

CVE•added 2022/09/19 3:52 p.m.•48 views

CVE-2022-40712

Consolidated CVE-2022-40712 details: NOKIA 1350OMS (R14.2) has a reflected XSS issue affecting multiple /cgi-bin/R14.2* endpoints. The CVSS v3.1 base score is 6.1 (Medium): Network attack vector, low impact on confidentiality/integrity, high user interaction required. Exploitation status is not f...

6.1CVSS5.9AI score0.00356EPSS

Cvelist•added 2022/09/19 3:52 p.m.•15 views

CVE-2022-40712

An issue was discovered in NOKIA 1350OMS R14.2. Reflected XSS exists under different /cgi-bin/R14.2 endpoints...

6.1AI score0.00356EPSS

CNNVD•added 2022/09/19 12:0 a.m.•1 views

NOKIA 1350 OMS 跨站脚本漏洞

NOKIA 1350 OMS is an optical management system from the Finnish company Nokia NOKIA. A security vulnerability exists in NOKIA 1350 OMS version R14.2, which originates from a discovery under a different /oms1350/ endpoint that contains a reflected cross-site scripting vulnerability...

6.1CVSS5.9AI score0.00356EPSS

CNNVD•added 2022/09/19 12:0 a.m.•1 views

NOKIA 1350 OMS 路径遍历漏洞

NOKIA 1350 OMS is an optical management system from the Finnish company Nokia NOKIA. A security vulnerability exists in NOKIA 1350 OMS version R14.2. An attacker can exploit the vulnerability to arbitrarily read files on the file system...

6.5CVSS6.5AI score0.00256EPSS

Exploits0References3

ATTACKERKB•added 2022/09/13 9:15 p.m.•1 views

CVE-2022-39821

In NOKIA 1350 OMS R14.2, an Insertion of Sensitive Information into an Application Log File vulnerability occurs. The web application stores critical information, such as cleartext user credentials, in world-readable files in the filesystem...

7.5CVSS5.8AI score0.00316EPSS

NVD•added 2022/09/13 9:15 p.m.•9 views

CVE-2022-39819

In NOKIA 1350 OMS R14.2, multiple OS Command Injection vulnerabilities occurs. This allows authenticated users to execute commands on the operating system...

8.8CVSS0.03544EPSS

ATTACKERKB•added 2022/09/13 9:15 p.m.•2 views

CVE-2022-39819

In NOKIA 1350 OMS R14.2, multiple OS Command Injection vulnerabilities occurs. This allows authenticated users to execute commands on the operating system...

8.8CVSS6AI score0.03544EPSS

ATTACKERKB•added 2022/09/13 9:15 p.m.•3 views

CVE-2022-39815

In NOKIA 1350 OMS R14.2, multiple OS Command Injection vulnerabilities occurs. This vulnerability allow unauthenticated users to execute commands on the operating system...

9.8CVSS6AI score0.13489EPSS

NVD•added 2022/09/13 9:15 p.m.•12 views

CVE-2022-39816

In NOKIA 1350 OMS R14.2, Insufficiently Protected Credentials cleartext administrator password occur in the edit configuration page. Exploitation requires an authenticated attacker...

6.5CVSS0.00213EPSS

OSV•added 2022/09/13 9:15 p.m.•0 views

CVE-2022-39815

In NOKIA 1350 OMS R14.2, multiple OS Command Injection vulnerabilities occurs. This vulnerability allow unauthenticated users to execute commands on the operating system...

9.8CVSS5.9AI score

NVD•added 2022/09/13 9:15 p.m.•14 views

CVE-2022-39817

In NOKIA 1350 OMS R14.2, multiple SQL Injection vulnerabilities occurs. Exploitation requires an authenticated attacker. Through the injection of arbitrary SQL statements, a potential authenticated attacker can modify query syntax and perform unauthorized and unexpected operations against the...

8.8CVSS0.00314EPSS

NVD•added 2022/09/13 9:15 p.m.•12 views

CVE-2022-39814

In NOKIA 1350 OMS R14.2, an Open Redirect vulnerability occurs is the login page via next HTTP GET parameter...

6.1CVSS0.00206EPSS