CVE-2023-26062

HIGH 7.0

CVSS Score

7.0

EPSS Score

0.0%

EPSS Percentile

0th

A mobile network solution internal fault is found in Nokia Web Element Manager before 22 R1, in which an authenticated, unprivileged user can execute administrative functions. Exploitation is not possible from outside of mobile network solution architecture. This means that exploit is not possible from mobile network user UEs, from roaming networks, or from the Internet. Exploitation is possible only from a CSP (Communication Service Provider) mobile network solution internal BTS management network.

Vendor	n/a
Product	n/a
Published	Jun 14, 2023
Last Updated	Jan 6, 2025

Stay Ahead of the Next One

Get instant alerts for n/a n/a

Be the first to know when new high vulnerabilities affecting n/a n/a are published — delivered to Slack, Telegram or Discord.

Get Free Alerts → Free · No credit card · 60 sec setup

CVSS v3 Breakdown

CVSS:3.1/AC:H/AV:L/A:H/C:H/I:H/PR:L/S:U/UI:N

Attack Vector

Local

Attack Complexity

High

Privileges Required

Low

User Interaction

None

Scope

Unchanged

Confidentiality

High

Integrity

High

Availability

High

Affected Versions

n/a / n/a

n/a

References

NVD ↗ CVE.org ↗ EPSS Data ↗

nokia.com: https://nokia.com nokia.com: https://www.nokia.com/about-us/security-and-privacy/product-security-advisory/cve-2023-26062/