CVE-2023-25189 LOW

CVE-2023-25189

Vendor N/A
Product n/a
Published September 25, 2024
Last update October 29, 2024

CVSS base score

3.3/10
Attack vector Local
Attack complexity High
Privileges required Low
User interaction Required
Confidentiality Low
Integrity Low

CVSS vector

CVSS:3.1/AC:H/AV:L/A:N/C:L/I:L/PR:L/S:U/UI:R

What the vulnerability does

01Description

BTS is affected by information disclosure vulnerability where mobile network operator personnel connected over BTS Web Element Manager, regardless of the access privileges, having a possibility to read BTS service operation details performed by Nokia Care service personnel via SSH.

Key dates

02Disclosure timeline

September 25, 2024 CVE published
October 29, 2024 Record updated