Nokia IMPACT Applications Component Arbitrary File Upload Vulnerability

Vulnerability

A vulnerability in the Applications component of Nokia IMPACT, affecting versions through 19.11.2.10-20210118042150283, allows authenticated users to upload executable files to the server. This issue arises in the fileupload parameter of the /ui/rest-proxy/application endpoint, during the process of adding new applications or editing existing ones.

Impact

Exploitation of this vulnerability could lead to unauthorized execution of uploaded files on the server, potentially allowing for arbitrary code execution.

Added: Mar 3, 2026, 6:26 PM

Updated: Mar 3, 2026, 10:33 PM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

2.5

exploitability

3.3

remediation

0.0

relevance

3.4

threat

0.0

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

2.5

exploitability

3.3

remediation

0.0

relevance

3.4

threat

0.0

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Nokia IMPACT Applications Component Arbitrary File Upload Vulnerability

Vulnerability

Impact

Affected Products

Nokia IMPACT

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating