Lucene search
K
NokiaImpact

7 matches found

CVE
CVE
added 2019/11/25 3:3 p.m.55 views

CVE-2019-17406

Nokia IMPACT

5.3CVSS6.5AI score0.01123EPSS
CVE
CVE
added 2019/11/25 2:48 p.m.53 views

CVE-2019-17404

CVE-2019-17404 concerns Nokia IMPACT before version 18A, where a path traversal flaw allows an attacker to disclose the full filesystem path. The issue is described across multiple sources (CNVD-2019-44224, Red Hat RH:CVE-2019-17404, NVD CVE-2019-17404). The connected documents do not provide exp...

4.3CVSS4.5AI score0.00973EPSS
CVE
CVE
added 2019/11/25 2:53 p.m.51 views

CVE-2019-17405

CVE-2019-17405 affects Nokia IMPACT platforms earlier than version 18A, with a reflected self-XSS vulnerability. Connected sources identify Nokia IMPACT as the affected product and attribute the issue to improper validation of client-side data by the web application, enabling an attacker to execu...

6.1CVSS5.9AI score0.00709EPSS
CVE
CVE
added 2019/11/25 2:43 p.m.47 views

CVE-2019-17403

CVE-2019-17403 : Nokia IMPACT versions prior to 18A contain an unrestricted file upload vulnerability that could enable remote code execution. The cited descriptions consistently state this vulnerability for Nokia IMPACT, with no explicit exploit details or affected subcomponents beyond the gener...

8.8CVSS8.7AI score0.02542EPSS
CVE
CVE
added 2026/03/03 12:0 a.m.17 views

CVE-2021-35485

CVE-2021-35485 impacts Nokia IMPACT’s Applications component for versions up to 19.11.2.10-20210118042150283. An authenticated user can arbitrarily upload server-side executable files through the /ui/rest-proxy/application fileupload parameter when adding a new application or editing an existing ...

8CVSS5.9AI score0.00226EPSS
Web
CVE
CVE
added 2026/03/03 12:0 a.m.16 views

CVE-2021-35483

The Nokia IMPACT Applications component (versions up to 19.11.2.10-20210118042150283) allows an authenticated user to arbitrarily upload JavaScript files via the /ui/rest-proxy/application fileupload parameter during adding or editing an application. If an authenticated user visits the page where...

4.1CVSS6AI score0.00221EPSS
Web
CVE
CVE
added 2026/03/03 12:0 a.m.14 views

CVE-2021-35484

The CVE-2021-35484 entry affects Nokia IMPACT (through 19.11.2.10-20210118042150283). A authenticated user can perform a Time-based Boolean Blind SQL Injection on the endpoint /ui/rest-proxy/campaign/statistic (View Campaign page) via the sortColumn HTTP GET parameter, enabling access to database...

8.2CVSS6AI score0.00235EPSS
Web