Products
UNKNOWN
Source
cve@mitre.org
Tags
CVE-2023-25189 details
Published : Sept. 25, 2024, 4:15 p.m.
Last Modified : Sept. 25, 2024, 4:15 p.m.
Last Modified : Sept. 25, 2024, 4:15 p.m.
Description
BTS is affected by information disclosure vulnerability where mobile network operator personnel connected over BTS Web Element Manager, regardless of the access privileges, having a possibility to read BTS service operation details performed by Nokia Care service personnel via SSH.
CVSS Score
1 | 2 | 3.3 | 4 | 5 | 6 | 7 | 8 | 9 | 10 |
---|
Weakness
Weakness | Name | Description |
---|
CVSS Data
Attack Vector
LOCAL
Attack Complexity
HIGH
Privileges Required
LOW
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
Base Score
3.3
Exploitability Score
0.8
Impact Score
2.5
Base Severity
LOW
Vector String : CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:L/I:L/A:N
References
URL | Source |
---|---|
https://www.nokia.com/about-us/security-and-privacy/product-security-advisory/cve-2023-25189/ | cve@mitre.org |
This website uses the NVD API, but is not approved or certified by it.