📦

broadcast_message_center

Vendor: nokia

Actively Exploited 0 CISA KEV List

PoC / Exploits 0 Code Available

Total RCEs 0 Remote Access

Total CVEs 1 Total Indexed

Avg. EPSS 0.38% Exploit Prob.

Latest CVE CVE-2021-35487 May 25

Security Vulnerability Index

Page 1 / 1

6.5 CVSS

CVE-2021-35487

Nokia Broadcast Message Center through 11.1.0 allows an authenticated user to perform a Boolean Blind SQL Injection attack on the endpoint /owui/block/send-receive-updates (for the Manage Alerts page) via the extIdentifier HTTP POST parameter. This allows an attacker to obtain the database user, database name, and database version information, and potentially database data.

EPSS: 0.38%

Severity: MEDIUM

May 25, 2022

Displaying 1 of 1 Total Entries

Total 1 Sections