Unrestricted File Upload Vulnerability in Nokia IMPACT Platform
CVE-2019-17403

8.8HIGH

Key Information:

Vendor: Nokia
Status: Impact
Vendor: CVE Published:; 25 November 2019

What is CVE-2019-17403?

The Nokia IMPACT Platform is susceptible to an unrestricted file upload vulnerability that allows malicious actors to upload files without proper authentication or validation. This security flaw can lead to remote code execution, enabling attackers to execute arbitrary commands on the server. As such, it is essential for users of the platform to apply necessary patches and updates to mitigate potential risks.

References

https://www.nokia.com/networks/solutions/impact-iot-platf...

x_refsource_MISC

https://www.telecomitalia.com/tit/it/innovazione/cybersec...

x_refsource_MISC

CVSS V3.1

Score:

8.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Nov 25, 2019
Vulnerability Reserved
Oct 9, 2019