Описание
A vulnerability exists in Nokia’s ASIK AirScale system module (versions 474021A.101 and 474021A.102) that could allow an attacker to place a script on the file system accessible from Linux. A script placed in the appropriate place could allow for arbitrary code execution in the bootloader.
Ссылки
- Third Party AdvisoryUS Government Resource
- Third Party AdvisoryUS Government Resource
Уязвимые конфигурации
Конфигурация 1
Одновременно
cpe:2.3:o:nokia:asik_airscale_474021a.102_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:nokia:asik_airscale_474021a.102:-:*:*:*:*:*:*:*
Конфигурация 2
Одновременно
cpe:2.3:o:nokia:asik_airscale_474021a.101_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:nokia:asik_airscale_474021a.101:-:*:*:*:*:*:*:*
EPSS
Процентиль: 17%
0.00055
Низкий
8.4 High
CVSS3
8.8 High
CVSS3
Дефекты
CWE-1274
Связанные уязвимости
CVSS3: 8.8
github
больше 2 лет назад
A vulnerability exists in Nokia’s ASIK AirScale system module (versions 474021A.101 and 474021A.102) that could allow an attacker to place a script on the file system accessible from Linux. A script placed in the appropriate place could allow for arbitrary code execution in the bootloader.
EPSS
Процентиль: 17%
0.00055
Низкий
8.4 High
CVSS3
8.8 High
CVSS3
Дефекты
CWE-1274