Vulnerabilities > Nokia > Medium

DATE CVE VULNERABILITY TITLE RISK
2023-12-25 CVE-2022-39820 Insufficiently Protected Credentials vulnerability in Nokia Network Functions Manager for Transport 19.9
In Network Element Manager in NOKIA NFM-T R19.9, an Unprotected Storage of Credentials vulnerability occurs under /root/RestUploadManager.xml.DRC and /DEPOT/KECustom_199/OTNE_DRC/RestUploadManager.xml.
network
low complexity
nokia CWE-522
6.5
6.5
2023-12-25 CVE-2022-41760 Path Traversal vulnerability in Nokia Network Functions Manager for Transport 19.9
An issue was discovered in NOKIA NFM-T R19.9.
network
low complexity
nokia CWE-22
6.5
6.5
2023-12-25 CVE-2022-41761 Path Traversal vulnerability in Nokia Network Functions Manager for Transport 19.9
An issue was discovered in NOKIA NFM-T R19.9.
network
low complexity
nokia CWE-22
6.5
6.5
2023-12-25 CVE-2022-41762 Cross-site Scripting vulnerability in Nokia Network Functions Manager for Transport 19.9
An issue was discovered in NOKIA NFM-T R19.9.
network
low complexity
nokia CWE-79
6.1
6.1
2023-12-25 CVE-2022-43675 Cross-site Scripting vulnerability in Nokia Network Functions Manager for Transport 19.9
An issue was discovered in NOKIA NFM-T R19.9.
network
low complexity
nokia CWE-79
6.1
6.1
2023-11-03 CVE-2023-41354 Unspecified vulnerability in Nokia G-040W-Q Firmware G040Wqr201207
Chunghwa Telecom NOKIA G-040W-Q Firewall function does not block ICMP TIMESTAMP requests by default, an unauthenticated remote attacker can exploit this vulnerability by sending a crafted package, resulting in partially sensitive information exposed to an actor.
network
low complexity
nokia
5.3
5.3
2023-07-24 CVE-2022-28865 Cross-site Scripting vulnerability in Nokia Netact 22.0.0.62
An issue was discovered in Nokia NetAct 22 through the Site Configuration Tool website section.
network
low complexity
nokia CWE-79
5.4
5.4
2023-07-24 CVE-2022-28867 Cross-site Scripting vulnerability in Nokia Netact 22.0.0.62
An issue was discovered in Nokia NetAct 22 through the Administration of Measurements website section.
network
low complexity
nokia CWE-79
5.4
5.4
2023-04-25 CVE-2023-26057 XXE vulnerability in Nokia Netact 20.1
An XXE issue was discovered in Nokia NetAct before 22 FP2211 via an XML document to the Configuration Dashboard page.
network
low complexity
nokia CWE-611
6.5
6.5
2023-04-25 CVE-2023-26058 XXE vulnerability in Nokia Netact 20.1
An XXE issue was discovered in Nokia NetAct before 22 FP2211 via an XML document to a Performance Manager page.
network
low complexity
nokia CWE-611
6.5
6.5