In Nokia One-NDS (aka Network Directory Server) through 20.9, some Sudo permissions can be exploited by some users to escalate to root privileges and execute arbitrary commands.
References
Link | Resource |
---|---|
https://packetstormsecurity.com/files/171971/Nokia-OneNDS-20.9-Insecure-Permissions-Privilege-Escalation.html | Exploit Third Party Advisory VDB Entry |
https://www.nokia.com/networks/products/one-nds/ | Product |
Configurations
History
10 May 2023, 16:46
Type | Values Removed | Values Added |
---|---|---|
References | (MISC) https://www.nokia.com/networks/products/one-nds/ - Product | |
References | (MISC) https://packetstormsecurity.com/files/171971/Nokia-OneNDS-20.9-Insecure-Permissions-Privilege-Escalation.html - Exploit, Third Party Advisory, VDB Entry | |
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 8.8 |
CWE | CWE-276 | |
First Time |
Nokia one-nds
Nokia |
|
CPE | cpe:2.3:a:nokia:one-nds:*:*:*:*:*:*:*:* |
02 May 2023, 21:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2023-05-02 21:15
Updated : 2023-12-10 15:01
NVD link : CVE-2022-30759
Mitre link : CVE-2022-30759
CVE.ORG link : CVE-2022-30759
JSON object : View
Products Affected
nokia
- one-nds
CWE
CWE-276
Incorrect Default Permissions