Vulnerability-Lookup

CNVD-2022-68946

Vulnerability from cnvd - Published: 2022-10-14

Title

Nokia Broadcast Message Center SQL注入漏洞（CNVD-2022-68946）

Description

Nokia Broadcast Message Center是芬兰诺基亚（Nokia）公司的一个广播消息中心管理警报。可同时将来自政府和公共安全机构的紧急警报和消息传送给指定地理区域内的多个移动用户。 Nokia Broadcast Message Center 11.1.0及其之前版本存在SQL注入漏洞，该漏洞源于/owui/block/send-receive-updates中extIdentifier HTTP POST参数缺少过滤和转义。攻击者可利用该漏洞获取数据库用户、数据库名称和数据库版本信息，以及潜在的数据库数据。

Severity

中

Formal description

厂商尚未提供漏洞修复方案，请关注厂商主页更新： https://www.nokia.com/

Reference

https://www.gruppotim.it/it/footer/red-team.html

Impacted products

Name
nokia Broadcast Message Center <=11.1.0

Show details on source website

JSON

To clipboard

{
  "cves": {
    "cve": {
      "cveNumber": "CVE-2021-35487",
      "cveUrl": "https://nvd.nist.gov/vuln/detail/CVE-2021-35487"
    }
  },
  "description": "Nokia Broadcast Message Center\u662f\u82ac\u5170\u8bfa\u57fa\u4e9a\uff08Nokia\uff09\u516c\u53f8\u7684\u4e00\u4e2a\u5e7f\u64ad\u6d88\u606f\u4e2d\u5fc3\u7ba1\u7406\u8b66\u62a5\u3002\u53ef\u540c\u65f6\u5c06\u6765\u81ea\u653f\u5e9c\u548c\u516c\u5171\u5b89\u5168\u673a\u6784\u7684\u7d27\u6025\u8b66\u62a5\u548c\u6d88\u606f\u4f20\u9001\u7ed9\u6307\u5b9a\u5730\u7406\u533a\u57df\u5185\u7684\u591a\u4e2a\u79fb\u52a8\u7528\u6237\u3002\n\nNokia Broadcast Message Center 11.1.0\u53ca\u5176\u4e4b\u524d\u7248\u672c\u5b58\u5728SQL\u6ce8\u5165\u6f0f\u6d1e\uff0c\u8be5\u6f0f\u6d1e\u6e90\u4e8e/owui/block/send-receive-updates\u4e2dextIdentifier HTTP POST\u53c2\u6570\u7f3a\u5c11\u8fc7\u6ee4\u548c\u8f6c\u4e49\u3002\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u83b7\u53d6\u6570\u636e\u5e93\u7528\u6237\u3001\u6570\u636e\u5e93\u540d\u79f0\u548c\u6570\u636e\u5e93\u7248\u672c\u4fe1\u606f\uff0c\u4ee5\u53ca\u6f5c\u5728\u7684\u6570\u636e\u5e93\u6570\u636e\u3002",
  "formalWay": "\u5382\u5546\u5c1a\u672a\u63d0\u4f9b\u6f0f\u6d1e\u4fee\u590d\u65b9\u6848\uff0c\u8bf7\u5173\u6ce8\u5382\u5546\u4e3b\u9875\u66f4\u65b0\uff1a\r\nhttps://www.nokia.com/",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2022-68946",
  "openTime": "2022-10-14",
  "products": {
    "product": "nokia Broadcast Message Center \u003c=11.1.0"
  },
  "referenceLink": "https://www.gruppotim.it/it/footer/red-team.html",
  "serverity": "\u4e2d",
  "submitTime": "2022-05-27",
  "title": "Nokia Broadcast Message Center SQL\u6ce8\u5165\u6f0f\u6d1e\uff08CNVD-2022-68946\uff09"
}

CVE-2021-35487 (GCVE-0-2021-35487)

Vulnerability from cvelistv5 – Published: 2022-05-25 13:41 – Updated: 2024-08-04 00:40

Summary

Nokia Broadcast Message Center through 11.1.0 allows an authenticated user to perform a Boolean Blind SQL Injection attack on the endpoint /owui/block/send-receive-updates (for the Manage Alerts page) via the extIdentifier HTTP POST parameter. This allows an attacker to obtain the database user, database name, and database version information, and potentially database data.

Severity ?

No CVSS data available.

CWE

Assigner

mitre

References

URL

Tags

	https://www.nokia.com/notices/responsible-disclosure/	x_refsource_MISC
	https://www.gruppotim.it/it/footer/red-team.html	x_refsource_MISC

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T00:40:46.310Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.nokia.com/notices/responsible-disclosure/"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.gruppotim.it/it/footer/red-team.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Nokia Broadcast Message Center through 11.1.0 allows an authenticated user to perform a Boolean Blind SQL Injection attack on the endpoint /owui/block/send-receive-updates (for the Manage Alerts page) via the extIdentifier HTTP POST parameter. This allows an attacker to obtain the database user, database name, and database version information, and potentially database data."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2022-05-25T13:41:38.000Z",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.nokia.com/notices/responsible-disclosure/"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.gruppotim.it/it/footer/red-team.html"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2021-35487",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Nokia Broadcast Message Center through 11.1.0 allows an authenticated user to perform a Boolean Blind SQL Injection attack on the endpoint /owui/block/send-receive-updates (for the Manage Alerts page) via the extIdentifier HTTP POST parameter. This allows an attacker to obtain the database user, database name, and database version information, and potentially database data."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://www.nokia.com/notices/responsible-disclosure/",
              "refsource": "MISC",
              "url": "https://www.nokia.com/notices/responsible-disclosure/"
            },
            {
              "name": "https://www.gruppotim.it/it/footer/red-team.html",
              "refsource": "MISC",
              "url": "https://www.gruppotim.it/it/footer/red-team.html"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2021-35487",
    "datePublished": "2022-05-25T13:41:38.000Z",
    "dateReserved": "2021-06-24T00:00:00.000Z",
    "dateUpdated": "2024-08-04T00:40:46.310Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Sightings

Author	Source	Type	Date	Other

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CNVD-2022-68946

CVE-2021-35487 (GCVE-0-2021-35487)

Tags

Sightings

Nomenclature