Every CVE whose affected-product data names Nokia Netact, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (12)
CVE-2022-28864 — CVSS 8.8 (high): An issue was discovered in Nokia NetAct 22 through the Administration of Measurements website section. A malicious user can edit or add the…
CVE-2022-30280 — CVSS 8.8 (high): /SecurityManagement/html/createuser.jsf in Nokia NetAct 22 allows CSRF. A remote attacker is able to create users with arbitrary…
CVE-2022-28863 — CVSS 8.8 (high): An issue was discovered in Nokia NetAct 22. A remote user, authenticated to the website, can visit the Site Configuration Tool section and…
CVE-2023-26061 — CVSS 6.8 (medium): An issue was discovered in Nokia NetAct before 22 FP2211. On the Scheduled Search tab under the Alarm Reports Dashboard page, users can…
CVE-2023-26059 — CVSS 6.8 (medium): An issue was discovered in Nokia NetAct before 22 SP1037. On the Site Configuration Tool tab, attackers can upload a ZIP file which, when…
CVE-2023-26060 — CVSS 6.8 (medium): An issue was discovered in Nokia NetAct before 22 FP2211. On the Working Set Manager page, users can create a Working Set with a name that…
CVE-2021-26597 — CVSS 6.5 (medium): An issue was discovered in Nokia NetAct 18A. A remote user, authenticated to the NOKIA NetAct Web Page, can visit the Site Configuration…
CVE-2023-26057 — CVSS 6.5 (medium): An XXE issue was discovered in Nokia NetAct before 22 FP2211 via an XML document to the Configuration Dashboard page. Input validation and…
CVE-2023-26058 — CVSS 6.5 (medium): An XXE issue was discovered in Nokia NetAct before 22 FP2211 via an XML document to a Performance Manager page. Input validation and a…
CVE-2021-26596 — CVSS 5.4 (medium): An issue was discovered in Nokia NetAct 18A. A malicious user can change a filename of an uploaded file to include JavaScript code, which…
CVE-2022-28865 — CVSS 5.4 (medium): An issue was discovered in Nokia NetAct 22 through the Site Configuration Tool website section. A malicious user can change a filename of…
CVE-2022-28867 — CVSS 5.4 (medium): An issue was discovered in Nokia NetAct 22 through the Administration of Measurements website section. A malicious user can edit or add the…