OS Command Injection Vulnerabilities in NOKIA 1350 OMS by NOKIA
CVE-2022-39819

8.8HIGH

Key Information:

Vendor: Nokia
Status: 1350 Optical Management System
Vendor: CVE Published:; 13 September 2022

What is CVE-2022-39819?

In NOKIA 1350 OMS R14.2, vulnerabilities exist that permit authenticated users to execute arbitrary commands on the operating system. This poses a significant risk, as it can be exploited to gain unauthorized access and manipulate system functionalities. Proper security measures and patch implementations are essential to mitigate this threat.

References

https://www.gruppotim.it/it/footer/red-team.html

x_refsource_MISC

CVSS V3.1

Score:

8.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Sep 13, 2022
Vulnerability Reserved
Sep 5, 2022

JSON

Nokia

What is CVE-2022-39819?

References

CVSS V3.1

Timeline