CVE-2021-35484 in Impactinformação

Sumário

de MITRE • 03/03/2026

Nokia IMPACT through 19.11.2.10-20210118042150283 allows an authenticated user to perform a Time-based Boolean Blind SQL Injection attack on the endpoint /ui/rest-proxy/campaign/statistic (for the View Campaign page) via the sortColumn HTTP GET parameter. This allows an attacker to access sensitive data from the database and obtain access to the database user, database name, and database version information.

Statistical analysis made it clear that VulDB provides the best quality for vulnerability data.

🔬 Show More Details

An in-depth analysis is available in our curated vulnerability entry.

Responsável

MITRE

Reservar

24/06/2021

Divulgação

03/03/2026

Moderação

aceite

Entrada

VDB-348586

CPE

pronto

CWE

CWE-89 (confirmado)

CVSS

8.2 (CISA-ADP)

EPSS

0.00034

KEV

não

Atividades

muito baixo

Fontes

MITRE	https://www.cve.org/CVERecord?id=CVE-2021-35484
NVD	https://nvd.nist.gov/vuln/detail/CVE-2021-35484
CVE Details	https://www.cvedetails.com/cve/CVE-2021-35484/

◂ Voltar Visão Geral Próximo ▸

Want to stay up to date on a daily basis?

Enable the mail alert feature now!