Filtered by vendor Nokia
Subscriptions
Filtered by product Impact Mobile
Subscriptions
Total
2 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2021-35486 | 1 Nokia | 2 Impact, Impact Mobile | 2026-03-13 | 8.1 High |
| A Cross-Site Request Forgery (CSRF) vulnerability in Nokia IMPACT through 19.11.2.10-20210118042150283 allows a remote attacker to import and overwrite the entire application configuration. Specifically, in /ui/rest-proxy/entity/import, neither the X-CSRF-NONCE HTTP header nor the CSRF-NONCE cookie is validated. | ||||
| CVE-2023-31044 | 1 Nokia | 2 Impact, Impact Mobile | 2026-03-09 | 2 Low |
| An issue was discovered in Nokia Impact before Mobile 23_FP1. In Impact DM 19.11 onwards, a remote authenticated user, using the Add Campaign functionality, can inject a malicious payload within the Campaign Name. This data can be exported to a CSV file. Attackers can populate data fields that may attempt data exfiltration or other malicious activity when automatically executed by the spreadsheet software. | ||||
Page 1 of 1.