CVE-2023-22618

HIGH 8.1

CVSS Score

8.1

EPSS Score

0.0%

EPSS Percentile

0th

If Security Hardening guide rules are not followed, then Nokia WaveLite products allow a local user to create new users with administrative privileges by manipulating a web request. This affects (for example) WaveLite Metro 200 and Fan, WaveLite Metro 200 OPS and Fans, WaveLite Metro 200 and F2B fans, WaveLite Metro 200 OPS and F2B fans, WaveLite Metro 200 NE and F2B fans, and WaveLite Metro 200 NE OPS and F2B fans.

Vendor	n/a
Product	n/a
Published	Oct 4, 2023
Last Updated	Sep 20, 2024

Stay Ahead of the Next One

Get instant alerts for n/a n/a

Be the first to know when new high vulnerabilities affecting n/a n/a are published — delivered to Slack, Telegram or Discord.

Get Free Alerts → Free · No credit card · 60 sec setup

CVSS v3 Breakdown

CVSS:3.1/AC:H/AV:L/A:H/C:H/I:H/PR:N/S:C/UI:N

Attack Vector

Local

Attack Complexity

High

Privileges Required

None

User Interaction

None

Scope

Changed

Confidentiality

High

Integrity

High

Availability

High

Affected Versions

n/a / n/a

n/a

References

NVD ↗ CVE.org ↗ EPSS Data ↗

nokia.com: https://nokia.com nokia.com: https://www.nokia.com/about-us/security-and-privacy/product-security-advisory/cve-2023-22618/