Improper Access Control in Nokia MantaRay API
CVE-2025-24816

6.5MEDIUM

Key Information:

Vendor: Nokia
Status: Mantaray Nm
Vendor: CVE Published:; 30 June 2026

What is CVE-2025-24816?

Nokia MantaRay has a vulnerability in its API stemming from inadequate authorization checks. This weakness can be exploited by authenticated attackers to access sensitive information beyond their permissions, leading to potential data breaches. Mitigation measures should be taken to secure the API against unauthorized access and protect confidential data.

Affected Version(s)

MantaRay NM <25R2-NM < 25R2-NM

MantaRay NM ≥25R2-NM

References

https://www.nokia.com/we-are-nokia/security/product-secur...

CVSS V3.1

Score:

6.5

Severity:

MEDIUM

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jun 30, 2026
Vulnerability Reserved
Jan 24, 2025

CVE-2025-24816 Data

JSON