CVE-2022-40715

Description

An issue was discovered in NOKIA 1350OMS R14.2. An Absolute Path Traversal vulnerability exists for a specific endpoint via the logfile parameter, allowing a remote authenticated attacker to read files on the filesystem arbitrarily.

Related CPE's

a nokia 1350_optical_management_system 14.2 *******

References

https://www.gruppotim.it/it/footer/red-team.html

Third Party Advisory

CvssV3 impact

Could not find any metrics

CvssV2 impact

Could not find any metrics

Created by Yello

About Severity.io