Vulnerabilities > Nokia
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-09-13 | CVE-2022-39816 | Insufficiently Protected Credentials vulnerability in Nokia 1350 Optical Management System 14.2 In NOKIA 1350 OMS R14.2, Insufficiently Protected Credentials (cleartext administrator password) occur in the edit configuration page. | 6.5 |
| 2022-09-13 | CVE-2022-39817 | SQL Injection vulnerability in Nokia 1350 Optical Management System 14.2 In NOKIA 1350 OMS R14.2, multiple SQL Injection vulnerabilities occurs. | 8.8 |
| 2022-09-13 | CVE-2022-39819 | OS Command Injection vulnerability in Nokia 1350 Optical Management System 14.2 In NOKIA 1350 OMS R14.2, multiple OS Command Injection vulnerabilities occurs. | 8.8 |
| 2022-09-13 | CVE-2022-39821 | Information Exposure Through Log Files vulnerability in Nokia 1350 Optical Management System 14.2 In NOKIA 1350 OMS R14.2, an Insertion of Sensitive Information into an Application Log File vulnerability occurs. | 7.5 |
| 2022-06-16 | CVE-2021-41487 | SQL Injection vulnerability in Nokia Vitalsuite 2020 NOKIA VitalSuite SPM 2020 is affected by SQL injection through UserName'. | 7.5 |
| 2022-06-14 | CVE-2022-30903 | Cross-site Scripting vulnerability in Nokia G-2425G-A Firmware 3Fe49362Ijhk42 Nokia "G-2425G-A" Bharti Airtel Routers Hardware version "3FE48299DEAA" Software Version "3FE49362IJHK42" is vulnerable to Cross-Site Scripting (XSS) via the admin->Maintenance>Device Management. | 4.8 |
| 2022-05-25 | CVE-2021-35487 | SQL Injection vulnerability in Nokia Broadcast Message Center Nokia Broadcast Message Center through 11.1.0 allows an authenticated user to perform a Boolean Blind SQL Injection attack on the endpoint /owui/block/send-receive-updates (for the Manage Alerts page) via the extIdentifier HTTP POST parameter. | 4.0 |
| 2022-02-11 | CVE-2021-31932 | Unspecified vulnerability in Nokia BTS TRS web Console Ftmw20Fp22019.08.160010 Nokia BTS TRS web console FTM_W20_FP2_2019.08.16_0010 allows Authentication Bypass. | 7.5 |
| 2021-12-27 | CVE-2021-45896 | Unspecified vulnerability in Nokia Fastmile Firmware 3Tg00118Abad52 Nokia FastMile 3TG00118ABAD52 devices allow privilege escalation by an authenticated user via is_ctc_admin=1 to login_web_app.cgi and use of Import Config File. | 8.8 |
| 2021-09-20 | CVE-2021-32287 | Out-of-bounds Write vulnerability in Nokia Heif An issue was discovered in heif through v3.6.2. | 6.8 |