7 matches found
CVE-2019-17406
Nokia IMPACT
CVE-2019-17404
CVE-2019-17404 concerns Nokia IMPACT before version 18A, where a path traversal flaw allows an attacker to disclose the full filesystem path. The issue is described across multiple sources (CNVD-2019-44224, Red Hat RH:CVE-2019-17404, NVD CVE-2019-17404). The connected documents do not provide exp...
CVE-2019-17405
CVE-2019-17405 affects Nokia IMPACT platforms earlier than version 18A, with a reflected self-XSS vulnerability. Connected sources identify Nokia IMPACT as the affected product and attribute the issue to improper validation of client-side data by the web application, enabling an attacker to execu...
CVE-2019-17403
CVE-2019-17403 : Nokia IMPACT versions prior to 18A contain an unrestricted file upload vulnerability that could enable remote code execution. The cited descriptions consistently state this vulnerability for Nokia IMPACT, with no explicit exploit details or affected subcomponents beyond the gener...
CVE-2021-35485
CVE-2021-35485 impacts Nokia IMPACT’s Applications component for versions up to 19.11.2.10-20210118042150283. An authenticated user can arbitrarily upload server-side executable files through the /ui/rest-proxy/application fileupload parameter when adding a new application or editing an existing ...
CVE-2021-35483
The Nokia IMPACT Applications component (versions up to 19.11.2.10-20210118042150283) allows an authenticated user to arbitrarily upload JavaScript files via the /ui/rest-proxy/application fileupload parameter during adding or editing an application. If an authenticated user visits the page where...
CVE-2021-35484
The CVE-2021-35484 entry affects Nokia IMPACT (through 19.11.2.10-20210118042150283). A authenticated user can perform a Time-based Boolean Blind SQL Injection on the endpoint /ui/rest-proxy/campaign/statistic (View Campaign page) via the sortColumn HTTP GET parameter, enabling access to database...