Nokia 1350 Optical Management System (OMS) 14.2
Approved changes feed: RSS · Atom
cpe:2.3:a:nokia:1350_optical_management_system:14.2:*:*:*:*:*:*:*
part: a version: 14.2 update: *
| Vendor | Nokia (817976ae-06c5-5680-b3fe-e55f44d8308a) |
|---|---|
| Product | 1350 Optical Management System (550d17ff-41bb-5bcb-aafb-15880f6e15ab) |
| Edition | * |
| Language | * |
| Software edition | * |
| Target software | * |
| Target hardware | * |
| Other | * |
| Notes | Imported from NVD CPE 2.0 feed |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
| No PURL mappings for this CPE yet. | ||
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2022-40715 |
vulnerable | 2026-06-03 14:48:03.447456 |
Details available
An issue was discovered in NOKIA 1350OMS R14.2. An Absolute Path Traversal vulnerability exists for a specific endpoint via the logfile parameter, allowing a remote authenticated attacker to read files on the filesystem arbitrarily.
Published: 2022-09-19T15:52:39.000Z
Updated: 2024-08-03T12:21:46.745Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2022-40714 |
vulnerable | 2026-06-03 14:48:03.447205 |
Details available
An issue was discovered in NOKIA 1350OMS R14.2. Reflected XSS exists under different /oms1350/* endpoints.
Published: 2022-09-19T15:52:33.000Z
Updated: 2024-08-03T12:21:46.660Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2022-40713 |
vulnerable | 2026-06-03 14:48:03.446935 |
Details available
An issue was discovered in NOKIA 1350OMS R14.2. Multiple Relative Path Traversal issues exist in different specific endpoints via the file parameter, allowing a remote authenticated attacker to read files on the filesystem arbitrarily.
Published: 2022-09-19T15:52:28.000Z
Updated: 2025-06-03T18:20:00.367Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2022-40712 |
vulnerable | 2026-06-03 14:48:03.446457 |
Details available
An issue was discovered in NOKIA 1350OMS R14.2. Reflected XSS exists under different /cgi-bin/R14.2* endpoints.
Published: 2022-09-19T15:52:24.000Z
Updated: 2025-06-03T18:19:05.785Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2022-39821 |
vulnerable | 2026-06-03 14:47:51.682276 |
Details available
In NOKIA 1350 OMS R14.2, an Insertion of Sensitive Information into an Application Log File vulnerability occurs. The web application stores critical information, such as cleartext user credentials, in world-readable files in the filesystem.
Published: 2022-09-13T20:36:27.000Z
Updated: 2024-08-03T12:07:42.973Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2022-39819 |
vulnerable | 2026-06-03 14:47:51.681760 |
Details available
In NOKIA 1350 OMS R14.2, multiple OS Command Injection vulnerabilities occurs. This allows authenticated users to execute commands on the operating system.
Published: 2022-09-13T20:36:33.000Z
Updated: 2024-08-03T12:07:42.691Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2022-39817 |
vulnerable | 2026-06-03 14:47:51.679772 |
Details available
In NOKIA 1350 OMS R14.2, multiple SQL Injection vulnerabilities occurs. Exploitation requires an authenticated attacker. Through the injection of arbitrary SQL statements, a potential authenticated attacker can modify query syntax and perform unauthorized (and unexpected) operations against the remote database.
Published: 2022-09-13T20:36:39.000Z
Updated: 2024-08-03T12:07:42.896Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2022-39816 |
vulnerable | 2026-06-03 14:47:51.679513 |
Details available
In NOKIA 1350 OMS R14.2, Insufficiently Protected Credentials (cleartext administrator password) occur in the edit configuration page. Exploitation requires an authenticated attacker.
Published: 2022-09-13T20:36:45.000Z
Updated: 2024-08-03T12:07:42.889Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2022-39815 |
vulnerable | 2026-06-03 14:47:51.679235 |
Details available
In NOKIA 1350 OMS R14.2, multiple OS Command Injection vulnerabilities occurs. This vulnerability allow unauthenticated users to execute commands on the operating system.
Published: 2022-09-13T20:36:50.000Z
Updated: 2024-08-03T12:07:42.639Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2022-39814 |
vulnerable | 2026-06-03 14:47:51.678869 |
Details available
In NOKIA 1350 OMS R14.2, an Open Redirect vulnerability occurs is the login page via next HTTP GET parameter.
Published: 2022-09-13T20:36:57.000Z
Updated: 2024-08-03T12:07:42.668Z Reference links |
Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.