Open Redirect Vulnerability in Nokia 1350 OMS Product
CVE-2022-39814

6.1MEDIUM

Key Information:

Vendor: Nokia
Status: 1350 Optical Management System
Vendor: CVE Published:; 13 September 2022

What is CVE-2022-39814?

The Nokia 1350 OMS R14.2 contains an open redirect vulnerability within its login page that can be exploited through the 'next' HTTP GET parameter. This flaw may allow attackers to redirect users to malicious sites, potentially exposing sensitive information and undermining user trust in the platform.

References

https://www.gruppotim.it/it/footer/red-team.html

x_refsource_MISC

CVSS V3.1

Score:

6.1

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

Low

Availability:

Low

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Changed

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Sep 13, 2022
Vulnerability Reserved
Sep 5, 2022