Vulnerabilities > Nokia
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-04-24 | CVE-2023-26059 | Cross-site Scripting vulnerability in Nokia Netact 20.1 An issue was discovered in Nokia NetAct before 22 SP1037. | 5.4 |
| 2023-04-24 | CVE-2023-26060 | Code Injection vulnerability in Nokia Netact 18A An issue was discovered in Nokia NetAct before 22 FP2211. | 8.8 |
| 2023-04-24 | CVE-2023-26061 | Cross-site Scripting vulnerability in Nokia Netact 18A An issue was discovered in Nokia NetAct before 22 FP2211. | 5.4 |
| 2023-01-06 | CVE-2022-2482 | Insufficient Protections on the Volatile Memory Containing Boot Code vulnerability in Nokia products A vulnerability exists in Nokia’s ASIK AirScale system module (versions 474021A.101 and 474021A.102) that could allow an attacker to place a script on the file system accessible from Linux. | 8.8 |
| 2023-01-06 | CVE-2022-2483 | Assumed-Immutable Data Stored in Writable Memory vulnerability in Nokia products The bootloader in the Nokia ASIK AirScale system module (versions 474021A.101 and 474021A.102) loads public keys for firmware verification signature. | 7.1 |
| 2023-01-06 | CVE-2022-2484 | Insufficient Protections on the Volatile Memory Containing Boot Code vulnerability in Nokia Asik Airscale 474021A.101 Firmware The signature check in the Nokia ASIK AirScale system module version 474021A.101 can be bypassed allowing an attacker to run modified firmware. | 7.8 |
| 2022-12-21 | CVE-2022-36221 | Path Traversal vulnerability in Nokia Fastmile Firmware 3Tg00118Abad52 Nokia Fastmile 3tg00118abad52 is affected by an authenticated path traversal vulnerability which allows attackers to read any named pipe file on the system. | 6.5 |
| 2022-12-21 | CVE-2022-36222 | Use of Hard-coded Credentials vulnerability in Nokia Fastmile Firmware 3Tg00118Abad52 Nokia Fastmile 3tg00118abad52 devices shipped by Optus are shipped with a default hardcoded admin account of admin:Nq+L5st7o This account can be used locally to access the web admin interface. | 8.4 |
| 2022-10-12 | CVE-2022-28866 | Missing Authorization vulnerability in Nokia Airframe BMC web GUI R18 Firmware Multiple Improper Access Control was discovered in Nokia AirFrame BMC Web GUI < R18 Firmware v4.13.00. | 8.8 |
| 2022-09-19 | CVE-2022-40712 | Cross-site Scripting vulnerability in Nokia 1350 Optical Management System 14.2 An issue was discovered in NOKIA 1350OMS R14.2. | 6.1 |