CVE-2023-31044

Low CVSS: 2.0

An issue was discovered in Nokia Impact before Mobile 23_FP1. In Impact DM 19.11 onwards, a remote authenticated user, using the Add Campaign functionality, can inject a malicious payload within the Campaign Name. This data can be exported to a CSV file. Attackers can populate data fields that may attempt data exfiltration or other malicious activity when automatically executed by the spreadsheet software.

Vendor

Nokia

Product

Impact Mobile

CWE

CWE-94

Yayın Tarihi

2026-03-03 18:16:21

Güncelleme

2026-03-09 13:38:49

Source Identifier

cve@mitre.org

KEV Date Added

Kategoriler

CWE-94 Impact Mobile LOW Nokia 2026

Referanslar

https://nokia.com https://www.gruppotim.it/it/footer/red-team/2023/Motive-Impact-CVE-2023-31044.html

Benzer Kayıtlar

High

CVE-2021-35486

A Cross-Site Request Forgery (CSRF) vulnerability in Nokia IMPACT through 19.11.2.10-20210118042150283 allows a remote a…

Medium

CVE-2021-35483

The Applications component of Nokia IMPACT version through 19.11.2.10-20210118042150283 allows an authenticated user to…

High

CVE-2021-35484

Nokia IMPACT through 19.11.2.10-20210118042150283 allows an authenticated user to perform a Time-based Boolean Blind SQL…

High

CVE-2021-35485

The Applications component of Nokia IMPACT version through 19.11.2.10-20210118042150283 allows an authenticated user to…

Medium

CVE-2025-10258

Infinera DNA is vulnerable to a time-based SQL injection vulnerability due to insufficient input validation, which may r…

Critical

CVE-2025-27019

Remote shell service (RSH) in Infinera MTC-9 version R22.1.1.0275 allows an attacker to utilize password-less user acco…