Nokia 1350 Optical Management System — known CVE vulnerabilities
Every CVE whose affected-product data names Nokia 1350 Optical Management System, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (10)
CVE-2022-39815 — CVSS 9.8 (critical): In NOKIA 1350 OMS R14.2, multiple OS Command Injection vulnerabilities occurs. This vulnerability allow unauthenticated users to execute…
CVE-2022-39819 — CVSS 8.8 (high): In NOKIA 1350 OMS R14.2, multiple OS Command Injection vulnerabilities occurs. This allows authenticated users to execute commands on the…
CVE-2022-39817 — CVSS 8.8 (high): In NOKIA 1350 OMS R14.2, multiple SQL Injection vulnerabilities occurs. Exploitation requires an authenticated attacker. Through the…
CVE-2022-39821 — CVSS 7.5 (high): In NOKIA 1350 OMS R14.2, an Insertion of Sensitive Information into an Application Log File vulnerability occurs. The web application…
CVE-2022-40715 — CVSS 6.5 (medium): An issue was discovered in NOKIA 1350OMS R14.2. An Absolute Path Traversal vulnerability exists for a specific endpoint via the logfile…
CVE-2022-39816 — CVSS 6.5 (medium): In NOKIA 1350 OMS R14.2, Insufficiently Protected Credentials (cleartext administrator password) occur in the edit configuration page…
CVE-2022-40713 — CVSS 6.5 (medium): An issue was discovered in NOKIA 1350OMS R14.2. Multiple Relative Path Traversal issues exist in different specific endpoints via the file…
CVE-2022-39814 — CVSS 6.1 (medium): In NOKIA 1350 OMS R14.2, an Open Redirect vulnerability occurs is the login page via next HTTP GET parameter.
CVE-2022-40714 — CVSS 6.1 (medium): An issue was discovered in NOKIA 1350OMS R14.2. Reflected XSS exists under different /oms1350/* endpoints.
CVE-2022-40712 — CVSS 6.1 (medium): An issue was discovered in NOKIA 1350OMS R14.2. Reflected XSS exists under different /cgi-bin/R14.2* endpoints.