La Sostenibilità per TIM

Il Report 2024 accoglie i principi della Corporate Sustainability Reporting Directive (CSRD) ed è incluso nella Relazione Finanziaria e di Sostenibilità. Approfondisci

Facebook Twitter Linkedin Copia Link

tag

CVE-2022-39817

CVE-2022-39817 – Nokia 1350 OMS Optical Management System

Vulnerability Description: SQL Injection - CWE-89

Software Version: R14.2

NIST: https://nvd.nist.gov/vuln/detail/CVE-2022-39817

CVSv3: 8.8

Severity: High

Credits: Luca Carbone, Fabio Romano, Stefano Scipioni, Massimiliano Brolli

In NOKIA 1350 OMS R14.2, multiple SQL Injection vulnerabilities occurs. Exploitation requires an authenticated attacker. Through the injection of arbitrary SQL statements, a potential authenticated attacker can modify query syntax and perform unauthorized (and unexpected) operations against the remote database.