OS Command Injection Vulnerabilities in NOKIA 1350 OMS by NOKIA
CVE-2022-39819

8.8HIGH

Key Information:

Vendor
Nokia
Status
1350 Optical Management System
Vendor
CVE Published:
13 September 2022

Summary

In NOKIA 1350 OMS R14.2, vulnerabilities exist that permit authenticated users to execute arbitrary commands on the operating system. This poses a significant risk, as it can be exploited to gain unauthorized access and manipulate system functionalities. Proper security measures and patch implementations are essential to mitigate this threat.

References

https://www.gruppotim.it/it/footer/red-team.html
x_refsource_MISC

CVSS V3.1

Score:
8.8
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.