Unrestricted File Upload Vulnerability in Nokia IMPACT Platform
CVE-2019-17403

8.8HIGH

Key Information:

Vendor

Nokia
Status
Impact
Vendor
CVE Published:
25 November 2019

What is CVE-2019-17403?

The Nokia IMPACT Platform is susceptible to an unrestricted file upload vulnerability that allows malicious actors to upload files without proper authentication or validation. This security flaw can lead to remote code execution, enabling attackers to execute arbitrary commands on the server. As such, it is essential for users of the platform to apply necessary patches and updates to mitigate potential risks.

References

https://www.nokia.com/networks/solutions/impact-iot-platf...
x_refsource_MISC
https://www.telecomitalia.com/tit/it/innovazione/cybersec...
x_refsource_MISC

CVSS V3.1

Score:
8.8
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.