Primary

Context

Nokia SR Linux JSON-RPC Authentication Bypass Vulnerability

Vulnerability

Patched

An authentication vulnerability has been identified in Nokia SR Linux, allowing unauthorized access to the JSON-RPC service. This vulnerability exists in SR Linux versions prior to 23.10.6 and 24.10.2. When exploited, the vulnerability permits JSON-RPC access without valid authentication credentials.

Impact

Exploitation of this vulnerability allows for unauthorized access to the JSON-RPC service, potentially leading to further actions or access rights within the application or service.

Remediation

Users can upgrade to Nokia SR Linux versions 23.10.6, 24.10.2 or later to address this vulnerability.

Added: Jan 7, 2026, 5:25 PM

Updated: Jan 7, 2026, 5:25 PM

Vulnerability Rating

Custom Algorithm

spread

2.6

impact

5.0

exploitability

7.0

remediation

7.7

relevance

1.9

threat

0.0

urgency

2.9

incentive

5.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

2.6

impact

5.0

exploitability

7.0

remediation

7.7

relevance

1.9

threat

0.0

urgency

2.9

incentive

5.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Nokia SR Linux JSON-RPC Authentication Bypass Vulnerability

Vulnerability

Impact

Remediation

Affected Products

Nokia SR Linux

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating