Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
A Cross-Site Request Forgery (CSRF) vulnerability in Nokia IMPACT through 19.11.2.10-20210118042150283 allows a remote attacker to import and overwrite the entire application configuration. Specifically, in /ui/rest-proxy/entity/import, neither the X-CSRF-NONCE HTTP header nor the CSRF-NONCE cookie is validated.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Nokia IMPACT 安全漏洞
Vulnerability Description
Nokia IMPACT是芬兰诺基亚(Nokia)公司的一套物联网智能管理平台。 Nokia IMPACT 19.11.2.10-20210118042150283及之前版本存在安全漏洞,该漏洞源于缺少CSRF令牌验证,可能导致远程攻击者导入和覆盖整个应用程序配置。
CVSS Information
N/A
Vulnerability Type
N/A