CVE-2023-25189

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2023-25189
BTS is affected by information disclosure vulnerability where mobile network operator personnel connected over BTS Web Element Manager, regardless of the access privileges, having a possibility to read BTS service operation details performed by Nokia Care service personnel via SSH.

3.3 /10

CVSS v3 : LOW

V3 Legend

Vector :

Exploitability : 0.8 / Impact : 2.5

Attack Vector LOCAL

Attack Complexity HIGH

Privileges Required LOW

User Interaction REQUIRED

Confidentiality Impact LOW

Integrity Impact LOW

Availability Impact NONE

Scope UNCHANGED

References
Link Resource
https://www.nokia.com/about-us/security-and-privacy/product-security-advisory/cve-2023-25189/
Configurations

No configuration.

History

29 Oct 2024, 19:35

Type Values Removed Values Added
CWE CWE-863

26 Sep 2024, 13:32

Type Values Removed Values Added
Summary
  • (es) BTS se ve afectado por una vulnerabilidad de divulgación de información donde el personal del operador de red móvil conectado a través de BTS Web Element Manager, independientemente de los privilegios de acceso, tiene la posibilidad de leer los detalles de las operaciones del servicio BTS realizadas por el personal de servicio de Nokia Care a través de SSH.

25 Sep 2024, 16:15

Type Values Removed Values Added
New CVE
Information

Published : 2024-09-25 16:15

Updated : 2024-10-29 19:35

NVD link : CVE-2023-25189

Mitre link : CVE-2023-25189

CVE.ORG link : CVE-2023-25189

JSON object : View

Products Affected

No product.

CWE
CWE-863

Incorrect Authorization


NetmanageIT Website NetmanageIT OSINT Web NetmanageIT OpenCTI NetmanageIT PDF Tools NetmanageIT CTO Corner Blog NetmanageIT Email Header Analyzer NetmanageIT Password Pusher NetmanageIT Internet Health and Latency Dashboard NetmanageIT Dedicated Speed Test Site NetmanageIT Ubuntu Mirror 10Gbps Copyright OpenCVE 2024