Search

Find a vulnerability

Search criteria

    4 vulnerabilities found for CBIS,NCS by Nokia

    CVE-2023-49565 (GCVE-0-2023-49565)

    Vulnerability from nvd – Published: 2025-09-18 06:11 – Updated: 2025-09-18 17:56
    VLAI
    Title
    Remote Code Execution
    Summary
    The cbis_manager Podman container is vulnerable to remote command execution via the /api/plugins endpoint. Improper sanitization of the HTTP Headers X-FILENAME, X-PAGE, and X-FIELD allows for command injection. These headers are directly utilized within the subprocess.Popen Python function without adequate validation, enabling a remote attacker to execute arbitrary commands on the underlying system by crafting malicious header values within an HTTP request to the affected endpoint. The web service executes with root privileges within the container environment, the demonstrated remote code execution permits an attacker to acquire elevated privileges for the command execution. Restricting access to the management network with an external firewall can partially mitigate this risk.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-77 - Improper Neutralization of Special Elements used in a Command ('Command Injection')
    Assigner
    Impacted products
    Vendor Product Version
    Nokia CBIS,NCS Affected: CBIS 22, NCS 22.12, NCS 23.10
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "cvssV3_1": {
                  "attackComplexity": "LOW",
                  "attackVector": "ADJACENT_NETWORK",
                  "availabilityImpact": "HIGH",
                  "baseScore": 8.4,
                  "baseSeverity": "HIGH",
                  "confidentialityImpact": "HIGH",
                  "integrityImpact": "HIGH",
                  "privilegesRequired": "HIGH",
                  "scope": "CHANGED",
                  "userInteraction": "NONE",
                  "vectorString": "CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
                  "version": "3.1"
                }
              },
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-49565",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-09-18T17:56:06.818678Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-77",
                    "description": "CWE-77 Improper Neutralization of Special Elements used in a Command (\u0027Command Injection\u0027)",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-09-18T17:56:10.960Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "CBIS,NCS",
              "vendor": "Nokia",
              "versions": [
                {
                  "status": "affected",
                  "version": "CBIS 22, NCS 22.12, NCS 23.10"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "The cbis_manager Podman container is vulnerable to remote command execution via the /api/plugins endpoint. Improper sanitization of the HTTP Headers X-FILENAME, X-PAGE, and X-FIELD allows for command injection. These headers are directly utilized within the subprocess.Popen Python function without adequate validation, enabling a remote attacker to execute arbitrary commands on the underlying system by crafting malicious header values within an HTTP request to the affected endpoint.\nThe web service executes with root privileges within the container environment, the demonstrated remote code execution permits an attacker to acquire elevated privileges for the command execution.\nRestricting access to the management network with an external firewall can partially mitigate this risk."
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-09-18T06:11:53.618Z",
            "orgId": "b48c3b8f-639e-4c16-8725-497bc411dad0",
            "shortName": "Nokia"
          },
          "references": [
            {
              "url": "https://www.nokia.com/about-us/security-and-privacy/product-security-advisory/CVE-2023-49565/"
            }
          ],
          "title": "Remote Code Execution",
          "x_generator": {
            "engine": "cveClient/1.0.15"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "b48c3b8f-639e-4c16-8725-497bc411dad0",
        "assignerShortName": "Nokia",
        "cveId": "CVE-2023-49565",
        "datePublished": "2025-09-18T06:11:53.618Z",
        "dateReserved": "2023-11-27T09:09:46.615Z",
        "dateUpdated": "2025-09-18T17:56:10.960Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2023-49564 (GCVE-0-2023-49564)

    Vulnerability from nvd – Published: 2025-09-18 06:10 – Updated: 2025-09-18 18:01
    VLAI
    Title
    Authentication Bypass
    Summary
    The CBIS/NCS Manager API is vulnerable to an authentication bypass. By sending a specially crafted HTTP header, an unauthenticated user can gain unauthorized access to API functions. This flaw allows attackers to reach restricted or sensitive endpoints of the HTTP API without providing any valid credentials. The root cause of this vulnerability lies in a weak verification mechanism within the authentication implementation present in the Nginx Podman container on the CBIS/NCS Manager host machine. The risk can be partially mitigated by restricting access to the management network using external firewall.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-288 - Authentication Bypass Using an Alternate Path or Channel
    Assigner
    Impacted products
    Vendor Product Version
    Nokia CBIS,NCS Affected: CBIS 22, NCS 22.12
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "cvssV3_1": {
                  "attackComplexity": "LOW",
                  "attackVector": "ADJACENT_NETWORK",
                  "availabilityImpact": "HIGH",
                  "baseScore": 8.8,
                  "baseSeverity": "HIGH",
                  "confidentialityImpact": "HIGH",
                  "integrityImpact": "HIGH",
                  "privilegesRequired": "NONE",
                  "scope": "UNCHANGED",
                  "userInteraction": "NONE",
                  "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                  "version": "3.1"
                }
              },
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-49564",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-09-18T18:00:56.831578Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-288",
                    "description": "CWE-288 Authentication Bypass Using an Alternate Path or Channel",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-09-18T18:01:12.717Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "CBIS,NCS",
              "vendor": "Nokia",
              "versions": [
                {
                  "status": "affected",
                  "version": "CBIS 22, NCS 22.12"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "The CBIS/NCS Manager API is vulnerable to an authentication bypass. By sending a specially crafted HTTP header, an unauthenticated user can gain unauthorized access to API functions. This flaw allows attackers to reach restricted or sensitive endpoints of the HTTP API without providing any valid credentials. The root cause of this vulnerability lies in a weak verification mechanism within the authentication implementation present in the Nginx Podman container on the CBIS/NCS Manager host machine.\nThe risk can be partially mitigated by restricting access to the management network using external firewall."
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-09-18T06:10:27.787Z",
            "orgId": "b48c3b8f-639e-4c16-8725-497bc411dad0",
            "shortName": "Nokia"
          },
          "references": [
            {
              "url": "https://www.nokia.com/about-us/security-and-privacy/product-security-advisory/CVE-2023-49564/"
            }
          ],
          "title": "Authentication Bypass",
          "x_generator": {
            "engine": "cveClient/1.0.15"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "b48c3b8f-639e-4c16-8725-497bc411dad0",
        "assignerShortName": "Nokia",
        "cveId": "CVE-2023-49564",
        "datePublished": "2025-09-18T06:10:27.787Z",
        "dateReserved": "2023-11-27T09:09:46.615Z",
        "dateUpdated": "2025-09-18T18:01:12.717Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2023-49565 (GCVE-0-2023-49565)

    Vulnerability from cvelistv5 – Published: 2025-09-18 06:11 – Updated: 2025-09-18 17:56
    VLAI
    Title
    Remote Code Execution
    Summary
    The cbis_manager Podman container is vulnerable to remote command execution via the /api/plugins endpoint. Improper sanitization of the HTTP Headers X-FILENAME, X-PAGE, and X-FIELD allows for command injection. These headers are directly utilized within the subprocess.Popen Python function without adequate validation, enabling a remote attacker to execute arbitrary commands on the underlying system by crafting malicious header values within an HTTP request to the affected endpoint. The web service executes with root privileges within the container environment, the demonstrated remote code execution permits an attacker to acquire elevated privileges for the command execution. Restricting access to the management network with an external firewall can partially mitigate this risk.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-77 - Improper Neutralization of Special Elements used in a Command ('Command Injection')
    Assigner
    Impacted products
    Vendor Product Version
    Nokia CBIS,NCS Affected: CBIS 22, NCS 22.12, NCS 23.10
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "cvssV3_1": {
                  "attackComplexity": "LOW",
                  "attackVector": "ADJACENT_NETWORK",
                  "availabilityImpact": "HIGH",
                  "baseScore": 8.4,
                  "baseSeverity": "HIGH",
                  "confidentialityImpact": "HIGH",
                  "integrityImpact": "HIGH",
                  "privilegesRequired": "HIGH",
                  "scope": "CHANGED",
                  "userInteraction": "NONE",
                  "vectorString": "CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
                  "version": "3.1"
                }
              },
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-49565",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-09-18T17:56:06.818678Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-77",
                    "description": "CWE-77 Improper Neutralization of Special Elements used in a Command (\u0027Command Injection\u0027)",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-09-18T17:56:10.960Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "CBIS,NCS",
              "vendor": "Nokia",
              "versions": [
                {
                  "status": "affected",
                  "version": "CBIS 22, NCS 22.12, NCS 23.10"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "The cbis_manager Podman container is vulnerable to remote command execution via the /api/plugins endpoint. Improper sanitization of the HTTP Headers X-FILENAME, X-PAGE, and X-FIELD allows for command injection. These headers are directly utilized within the subprocess.Popen Python function without adequate validation, enabling a remote attacker to execute arbitrary commands on the underlying system by crafting malicious header values within an HTTP request to the affected endpoint.\nThe web service executes with root privileges within the container environment, the demonstrated remote code execution permits an attacker to acquire elevated privileges for the command execution.\nRestricting access to the management network with an external firewall can partially mitigate this risk."
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-09-18T06:11:53.618Z",
            "orgId": "b48c3b8f-639e-4c16-8725-497bc411dad0",
            "shortName": "Nokia"
          },
          "references": [
            {
              "url": "https://www.nokia.com/about-us/security-and-privacy/product-security-advisory/CVE-2023-49565/"
            }
          ],
          "title": "Remote Code Execution",
          "x_generator": {
            "engine": "cveClient/1.0.15"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "b48c3b8f-639e-4c16-8725-497bc411dad0",
        "assignerShortName": "Nokia",
        "cveId": "CVE-2023-49565",
        "datePublished": "2025-09-18T06:11:53.618Z",
        "dateReserved": "2023-11-27T09:09:46.615Z",
        "dateUpdated": "2025-09-18T17:56:10.960Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2023-49564 (GCVE-0-2023-49564)

    Vulnerability from cvelistv5 – Published: 2025-09-18 06:10 – Updated: 2025-09-18 18:01
    VLAI
    Title
    Authentication Bypass
    Summary
    The CBIS/NCS Manager API is vulnerable to an authentication bypass. By sending a specially crafted HTTP header, an unauthenticated user can gain unauthorized access to API functions. This flaw allows attackers to reach restricted or sensitive endpoints of the HTTP API without providing any valid credentials. The root cause of this vulnerability lies in a weak verification mechanism within the authentication implementation present in the Nginx Podman container on the CBIS/NCS Manager host machine. The risk can be partially mitigated by restricting access to the management network using external firewall.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-288 - Authentication Bypass Using an Alternate Path or Channel
    Assigner
    Impacted products
    Vendor Product Version
    Nokia CBIS,NCS Affected: CBIS 22, NCS 22.12
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "cvssV3_1": {
                  "attackComplexity": "LOW",
                  "attackVector": "ADJACENT_NETWORK",
                  "availabilityImpact": "HIGH",
                  "baseScore": 8.8,
                  "baseSeverity": "HIGH",
                  "confidentialityImpact": "HIGH",
                  "integrityImpact": "HIGH",
                  "privilegesRequired": "NONE",
                  "scope": "UNCHANGED",
                  "userInteraction": "NONE",
                  "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                  "version": "3.1"
                }
              },
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-49564",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-09-18T18:00:56.831578Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-288",
                    "description": "CWE-288 Authentication Bypass Using an Alternate Path or Channel",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-09-18T18:01:12.717Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "CBIS,NCS",
              "vendor": "Nokia",
              "versions": [
                {
                  "status": "affected",
                  "version": "CBIS 22, NCS 22.12"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "The CBIS/NCS Manager API is vulnerable to an authentication bypass. By sending a specially crafted HTTP header, an unauthenticated user can gain unauthorized access to API functions. This flaw allows attackers to reach restricted or sensitive endpoints of the HTTP API without providing any valid credentials. The root cause of this vulnerability lies in a weak verification mechanism within the authentication implementation present in the Nginx Podman container on the CBIS/NCS Manager host machine.\nThe risk can be partially mitigated by restricting access to the management network using external firewall."
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-09-18T06:10:27.787Z",
            "orgId": "b48c3b8f-639e-4c16-8725-497bc411dad0",
            "shortName": "Nokia"
          },
          "references": [
            {
              "url": "https://www.nokia.com/about-us/security-and-privacy/product-security-advisory/CVE-2023-49564/"
            }
          ],
          "title": "Authentication Bypass",
          "x_generator": {
            "engine": "cveClient/1.0.15"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "b48c3b8f-639e-4c16-8725-497bc411dad0",
        "assignerShortName": "Nokia",
        "cveId": "CVE-2023-49564",
        "datePublished": "2025-09-18T06:10:27.787Z",
        "dateReserved": "2023-11-27T09:09:46.615Z",
        "dateUpdated": "2025-09-18T18:01:12.717Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }