Search

Find a vulnerability

Search criteria

    6 vulnerabilities found for mantaray_nm by nokia

    CVE-2025-24819 (GCVE-0-2025-24819)

    Vulnerability from nvd – Published: 2026-04-07 15:14 – Updated: 2026-04-07 17:56
    VLAI
    Title
    A Relative Path Traversal vulnerability in Nokia MantaRay NM
    Summary
    Nokia MantaRay NM is vulnerable to a Relative Path Traversal vulnerability due to improper validation of input parameter on the file system in Software Manager application.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-23 - Relative Path Traversal
    Assigner
    Impacted products
    Vendor Product Version
    Nokia MantaRay NM Affected: earlier than 25R1-NM (exclusive)
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "cvssV3_1": {
                  "attackComplexity": "LOW",
                  "attackVector": "ADJACENT_NETWORK",
                  "availabilityImpact": "NONE",
                  "baseScore": 5.7,
                  "baseSeverity": "MEDIUM",
                  "confidentialityImpact": "HIGH",
                  "integrityImpact": "NONE",
                  "privilegesRequired": "LOW",
                  "scope": "UNCHANGED",
                  "userInteraction": "NONE",
                  "vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
                  "version": "3.1"
                }
              },
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-24819",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-04-07T17:46:21.365319Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-23",
                    "description": "CWE-23 Relative Path Traversal",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-04-07T17:56:15.517Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "affected",
              "product": "MantaRay NM",
              "vendor": "Nokia",
              "versions": [
                {
                  "status": "affected",
                  "version": "earlier than 25R1-NM (exclusive)"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Nokia MantaRay NM is vulnerable to a Relative Path Traversal vulnerability due to improper validation of input parameter on the file system in Software Manager application."
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-04-07T15:14:42.719Z",
            "orgId": "b48c3b8f-639e-4c16-8725-497bc411dad0",
            "shortName": "Nokia"
          },
          "references": [
            {
              "url": "https://www.nokia.com/we-are-nokia/security/product-security-advisory/cve-2025-24819/"
            }
          ],
          "title": "A Relative Path Traversal vulnerability in Nokia MantaRay NM",
          "x_generator": {
            "engine": "cveClient/1.0.15"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "b48c3b8f-639e-4c16-8725-497bc411dad0",
        "assignerShortName": "Nokia",
        "cveId": "CVE-2025-24819",
        "datePublished": "2026-04-07T15:14:42.719Z",
        "dateReserved": "2025-01-24T13:25:43.870Z",
        "dateUpdated": "2026-04-07T17:56:15.517Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2025-24818 (GCVE-0-2025-24818)

    Vulnerability from nvd – Published: 2026-04-07 15:13 – Updated: 2026-04-07 20:11
    VLAI
    Title
    An OS Command Injection vulnerability in Nokia MantaRay NM
    Summary
    Nokia MantaRay NM is vulnerable to an OS command injection vulnerability due to improper neutralization of special elements used in an OS command in Log Search application.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-77 - Improper Neutralization of Special Elements used in a Command ('Command Injection')
    Assigner
    Impacted products
    Vendor Product Version
    Nokia MantaRay NM Affected: Earlier than 25R1-NM (exclusive)
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "cvssV3_1": {
                  "attackComplexity": "LOW",
                  "attackVector": "ADJACENT_NETWORK",
                  "availabilityImpact": "HIGH",
                  "baseScore": 8,
                  "baseSeverity": "HIGH",
                  "confidentialityImpact": "HIGH",
                  "integrityImpact": "HIGH",
                  "privilegesRequired": "LOW",
                  "scope": "UNCHANGED",
                  "userInteraction": "NONE",
                  "vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                  "version": "3.1"
                }
              },
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-24818",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-04-07T20:11:08.674316Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-77",
                    "description": "CWE-77 Improper Neutralization of Special Elements used in a Command (\u0027Command Injection\u0027)",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-04-07T20:11:29.811Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "affected",
              "product": "MantaRay NM",
              "vendor": "Nokia",
              "versions": [
                {
                  "status": "affected",
                  "version": "Earlier than 25R1-NM (exclusive)"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Nokia MantaRay NM is vulnerable to an OS command injection vulnerability due to improper neutralization of special elements used in an OS command in Log Search application."
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-04-07T15:13:22.492Z",
            "orgId": "b48c3b8f-639e-4c16-8725-497bc411dad0",
            "shortName": "Nokia"
          },
          "references": [
            {
              "url": "https://www.nokia.com/we-are-nokia/security/product-security-advisory/cve-2025-24818/"
            }
          ],
          "title": "An OS Command Injection vulnerability in Nokia MantaRay NM",
          "x_generator": {
            "engine": "cveClient/1.0.15"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "b48c3b8f-639e-4c16-8725-497bc411dad0",
        "assignerShortName": "Nokia",
        "cveId": "CVE-2025-24818",
        "datePublished": "2026-04-07T15:13:22.492Z",
        "dateReserved": "2025-01-24T13:25:43.870Z",
        "dateUpdated": "2026-04-07T20:11:29.811Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2025-24817 (GCVE-0-2025-24817)

    Vulnerability from nvd – Published: 2026-04-07 15:09 – Updated: 2026-04-08 16:15
    VLAI
    Title
    An OS Command Injection vulnerability in Nokia MantaRay NM
    Summary
    Nokia MantaRay NM is vulnerable to an OS command injection vulnerability due to improper neutralization of special elements used in an OS command in Symptom Collector application.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-78 - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
    Assigner
    Impacted products
    Vendor Product Version
    Nokia MantaRay NM Affected: Earlier than 25R1-NM (exclusive)
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "cvssV3_1": {
                  "attackComplexity": "LOW",
                  "attackVector": "ADJACENT_NETWORK",
                  "availabilityImpact": "HIGH",
                  "baseScore": 8,
                  "baseSeverity": "HIGH",
                  "confidentialityImpact": "HIGH",
                  "integrityImpact": "HIGH",
                  "privilegesRequired": "LOW",
                  "scope": "UNCHANGED",
                  "userInteraction": "NONE",
                  "vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                  "version": "3.1"
                }
              },
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-24817",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-04-08T15:47:32.334342Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-78",
                    "description": "CWE-78 Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-04-08T16:15:12.963Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "affected",
              "product": "MantaRay NM",
              "vendor": "Nokia",
              "versions": [
                {
                  "status": "affected",
                  "version": "Earlier than 25R1-NM (exclusive)"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Nokia MantaRay NM is vulnerable to an OS command injection vulnerability due to improper neutralization of special elements used in an OS command in Symptom Collector application."
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-04-07T15:09:47.125Z",
            "orgId": "b48c3b8f-639e-4c16-8725-497bc411dad0",
            "shortName": "Nokia"
          },
          "references": [
            {
              "url": "https://www.nokia.com/we-are-nokia/security/product-security-advisory/cve-2025-24817/"
            }
          ],
          "title": "An OS Command Injection vulnerability in Nokia MantaRay NM",
          "x_generator": {
            "engine": "cveClient/1.0.15"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "b48c3b8f-639e-4c16-8725-497bc411dad0",
        "assignerShortName": "Nokia",
        "cveId": "CVE-2025-24817",
        "datePublished": "2026-04-07T15:09:47.125Z",
        "dateReserved": "2025-01-24T13:25:43.869Z",
        "dateUpdated": "2026-04-08T16:15:12.963Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2025-24819 (GCVE-0-2025-24819)

    Vulnerability from cvelistv5 – Published: 2026-04-07 15:14 – Updated: 2026-04-07 17:56
    VLAI
    Title
    A Relative Path Traversal vulnerability in Nokia MantaRay NM
    Summary
    Nokia MantaRay NM is vulnerable to a Relative Path Traversal vulnerability due to improper validation of input parameter on the file system in Software Manager application.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-23 - Relative Path Traversal
    Assigner
    Impacted products
    Vendor Product Version
    Nokia MantaRay NM Affected: earlier than 25R1-NM (exclusive)
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "cvssV3_1": {
                  "attackComplexity": "LOW",
                  "attackVector": "ADJACENT_NETWORK",
                  "availabilityImpact": "NONE",
                  "baseScore": 5.7,
                  "baseSeverity": "MEDIUM",
                  "confidentialityImpact": "HIGH",
                  "integrityImpact": "NONE",
                  "privilegesRequired": "LOW",
                  "scope": "UNCHANGED",
                  "userInteraction": "NONE",
                  "vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
                  "version": "3.1"
                }
              },
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-24819",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-04-07T17:46:21.365319Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-23",
                    "description": "CWE-23 Relative Path Traversal",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-04-07T17:56:15.517Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "affected",
              "product": "MantaRay NM",
              "vendor": "Nokia",
              "versions": [
                {
                  "status": "affected",
                  "version": "earlier than 25R1-NM (exclusive)"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Nokia MantaRay NM is vulnerable to a Relative Path Traversal vulnerability due to improper validation of input parameter on the file system in Software Manager application."
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-04-07T15:14:42.719Z",
            "orgId": "b48c3b8f-639e-4c16-8725-497bc411dad0",
            "shortName": "Nokia"
          },
          "references": [
            {
              "url": "https://www.nokia.com/we-are-nokia/security/product-security-advisory/cve-2025-24819/"
            }
          ],
          "title": "A Relative Path Traversal vulnerability in Nokia MantaRay NM",
          "x_generator": {
            "engine": "cveClient/1.0.15"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "b48c3b8f-639e-4c16-8725-497bc411dad0",
        "assignerShortName": "Nokia",
        "cveId": "CVE-2025-24819",
        "datePublished": "2026-04-07T15:14:42.719Z",
        "dateReserved": "2025-01-24T13:25:43.870Z",
        "dateUpdated": "2026-04-07T17:56:15.517Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2025-24818 (GCVE-0-2025-24818)

    Vulnerability from cvelistv5 – Published: 2026-04-07 15:13 – Updated: 2026-04-07 20:11
    VLAI
    Title
    An OS Command Injection vulnerability in Nokia MantaRay NM
    Summary
    Nokia MantaRay NM is vulnerable to an OS command injection vulnerability due to improper neutralization of special elements used in an OS command in Log Search application.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-77 - Improper Neutralization of Special Elements used in a Command ('Command Injection')
    Assigner
    Impacted products
    Vendor Product Version
    Nokia MantaRay NM Affected: Earlier than 25R1-NM (exclusive)
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "cvssV3_1": {
                  "attackComplexity": "LOW",
                  "attackVector": "ADJACENT_NETWORK",
                  "availabilityImpact": "HIGH",
                  "baseScore": 8,
                  "baseSeverity": "HIGH",
                  "confidentialityImpact": "HIGH",
                  "integrityImpact": "HIGH",
                  "privilegesRequired": "LOW",
                  "scope": "UNCHANGED",
                  "userInteraction": "NONE",
                  "vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                  "version": "3.1"
                }
              },
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-24818",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-04-07T20:11:08.674316Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-77",
                    "description": "CWE-77 Improper Neutralization of Special Elements used in a Command (\u0027Command Injection\u0027)",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-04-07T20:11:29.811Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "affected",
              "product": "MantaRay NM",
              "vendor": "Nokia",
              "versions": [
                {
                  "status": "affected",
                  "version": "Earlier than 25R1-NM (exclusive)"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Nokia MantaRay NM is vulnerable to an OS command injection vulnerability due to improper neutralization of special elements used in an OS command in Log Search application."
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-04-07T15:13:22.492Z",
            "orgId": "b48c3b8f-639e-4c16-8725-497bc411dad0",
            "shortName": "Nokia"
          },
          "references": [
            {
              "url": "https://www.nokia.com/we-are-nokia/security/product-security-advisory/cve-2025-24818/"
            }
          ],
          "title": "An OS Command Injection vulnerability in Nokia MantaRay NM",
          "x_generator": {
            "engine": "cveClient/1.0.15"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "b48c3b8f-639e-4c16-8725-497bc411dad0",
        "assignerShortName": "Nokia",
        "cveId": "CVE-2025-24818",
        "datePublished": "2026-04-07T15:13:22.492Z",
        "dateReserved": "2025-01-24T13:25:43.870Z",
        "dateUpdated": "2026-04-07T20:11:29.811Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2025-24817 (GCVE-0-2025-24817)

    Vulnerability from cvelistv5 – Published: 2026-04-07 15:09 – Updated: 2026-04-08 16:15
    VLAI
    Title
    An OS Command Injection vulnerability in Nokia MantaRay NM
    Summary
    Nokia MantaRay NM is vulnerable to an OS command injection vulnerability due to improper neutralization of special elements used in an OS command in Symptom Collector application.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-78 - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
    Assigner
    Impacted products
    Vendor Product Version
    Nokia MantaRay NM Affected: Earlier than 25R1-NM (exclusive)
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "cvssV3_1": {
                  "attackComplexity": "LOW",
                  "attackVector": "ADJACENT_NETWORK",
                  "availabilityImpact": "HIGH",
                  "baseScore": 8,
                  "baseSeverity": "HIGH",
                  "confidentialityImpact": "HIGH",
                  "integrityImpact": "HIGH",
                  "privilegesRequired": "LOW",
                  "scope": "UNCHANGED",
                  "userInteraction": "NONE",
                  "vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                  "version": "3.1"
                }
              },
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-24817",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-04-08T15:47:32.334342Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-78",
                    "description": "CWE-78 Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-04-08T16:15:12.963Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "affected",
              "product": "MantaRay NM",
              "vendor": "Nokia",
              "versions": [
                {
                  "status": "affected",
                  "version": "Earlier than 25R1-NM (exclusive)"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Nokia MantaRay NM is vulnerable to an OS command injection vulnerability due to improper neutralization of special elements used in an OS command in Symptom Collector application."
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-04-07T15:09:47.125Z",
            "orgId": "b48c3b8f-639e-4c16-8725-497bc411dad0",
            "shortName": "Nokia"
          },
          "references": [
            {
              "url": "https://www.nokia.com/we-are-nokia/security/product-security-advisory/cve-2025-24817/"
            }
          ],
          "title": "An OS Command Injection vulnerability in Nokia MantaRay NM",
          "x_generator": {
            "engine": "cveClient/1.0.15"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "b48c3b8f-639e-4c16-8725-497bc411dad0",
        "assignerShortName": "Nokia",
        "cveId": "CVE-2025-24817",
        "datePublished": "2026-04-07T15:09:47.125Z",
        "dateReserved": "2025-01-24T13:25:43.869Z",
        "dateUpdated": "2026-04-08T16:15:12.963Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }