Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2023-25186

Опубликовано: 16 июн. 2023
Источник: nvd
CVSS3: 5.1
CVSS3: 2.8
EPSS Низкий

Описание

An issue was discovered on NOKIA Airscale ASIKA Single RAN devices before 21B. If/when CSP (as a BTS administrator) removes security hardenings from a Nokia Single RAN BTS baseband unit, a directory path traversal in the Nokia BTS baseband unit diagnostic tool AaShell (which is by default disabled) provides access to the BTS baseband unit internal filesystem from the mobile network solution internal BTS management network.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одновременно

Одно из

cpe:2.3:o:nokia:asika_airscale_firmware:19b:*:*:*:*:*:*:*
cpe:2.3:o:nokia:asika_airscale_firmware:20a:*:*:*:*:*:*:*
cpe:2.3:o:nokia:asika_airscale_firmware:20b:*:*:*:*:*:*:*
cpe:2.3:o:nokia:asika_airscale_firmware:20c:*:*:*:*:*:*:*
cpe:2.3:o:nokia:asika_airscale_firmware:21a:*:*:*:*:*:*:*
cpe:2.3:h:nokia:asika_airscale:-:*:*:*:*:*:*:*

EPSS

Процентиль: 7%
0.00027
Низкий

5.1 Medium

CVSS3

2.8 Low

CVSS3

Дефекты

CWE-22

Связанные уязвимости

github логотип

GHSA-99xm-qqmx-v647

CVSS3: 5.1
github
больше 2 лет назад

An issue was discovered on NOKIA Airscale ASIKA Single RAN devices before 21B. If/when CSP (as a BTS administrator) removes security hardenings from a Nokia Single RAN BTS baseband unit, a directory path traversal in the Nokia BTS baseband unit diagnostic tool AaShell (which is by default disabled) provides access to the BTS baseband unit internal filesystem from the mobile network solution internal BTS management network.

EPSS

Процентиль: 7%
0.00027
Низкий

5.1 Medium

CVSS3

2.8 Low

CVSS3

Дефекты

CWE-22