CVE-2021-35483
Authenticated JavaScript File Upload Vulnerability in Nokia IMPACT Applications
Publication date: 2026-03-03
Last updated on: 2026-03-05
Assigner: MITRE
Description
CVSS Scores
EPSS Scores
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| nokia | impact | to 19.11.2.10-20210118042150283 (inc) |
Exploitability
| CWE ID | Description |
|---|---|
| CWE-79 | The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users. |
AI Powered Q&A
Can you explain this vulnerability to me?
CVE-2021-35483 is a Stored Cross-Site Scripting (XSS) vulnerability affecting the Nokia IMPACT web interface, specifically version 19.11.2.10-20210118042150283.
The vulnerability occurs because the web interface does not properly validate or sanitize parameters received via HTTP requests before storing them on the server.
An authenticated user can upload JavaScript files through the /ui/rest-proxy/application fileupload parameter when adding or editing an application.
When another authenticated user visits the web page where the malicious JavaScript file is published, the script is executed in their browser, potentially compromising security.
How can this vulnerability impact me?
This vulnerability allows an attacker with authenticated access to inject persistent malicious JavaScript code into the Nokia IMPACT web interface.
When other users visit the affected pages, the malicious scripts execute in their browsers, which can lead to session hijacking, credential theft, or unauthorized actions performed on behalf of the user.
Such attacks can compromise end-user security and potentially lead to broader system compromise depending on the privileges of the affected users.
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?
I don't know
How can this vulnerability be detected on my network or system? Can you suggest some commands?
This vulnerability can be detected by identifying if the Nokia IMPACT web interface version 19.11.2.10-20210118042150283 allows authenticated users to upload JavaScript files via the /ui/rest-proxy/application fileupload parameter.
One approach is to authenticate to the web interface and attempt to upload a JavaScript file through the fileupload parameter during the addition or editing of an application. If the file is accepted and later executed when visiting the published page, the vulnerability is present.
Commands or tools to assist detection could include using curl or similar HTTP clients to simulate the file upload with a JavaScript payload, for example:
- curl -X POST -F "[email protected]" -b "cookie.txt" https://<target>/ui/rest-proxy/application/fileupload
After uploading, visiting the affected page in a browser or using automated tools to detect script execution can confirm the presence of the vulnerability. [1]
What immediate steps should I take to mitigate this vulnerability?
Immediate mitigation steps include restricting or disabling the ability for authenticated users to upload JavaScript files via the vulnerable fileupload parameter.
Additionally, applying strict input validation and sanitization on the server side to prevent uploading or storing executable scripts is critical.
If possible, update or patch the Nokia IMPACT software to a version where this vulnerability is fixed.
As a temporary measure, limit access to the web interface to trusted users only and monitor for suspicious file uploads or activity.
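One way to implement the server-side validation described above, as an added example that is not Nokia's code and not part of the original page. It assumes the upload field should only carry images (the page does not say which file types are legitimate); `validate_upload` and `serving_headers` are hypothetical names.

```python
import os

# Assumption: the upload field is only meant to carry images (for example an
# application icon). The real set of legitimate types is not stated on the page.
ALLOWED = {
    ".png": (b"\x89PNG\r\n\x1a\n", "image/png"),
    ".jpg": (b"\xff\xd8\xff", "image/jpeg"),
    ".jpeg": (b"\xff\xd8\xff", "image/jpeg"),
    ".gif": (b"GIF8", "image/gif"),
}


def validate_upload(filename: str, data: bytes):
    """Return (ok, reason, content_type) for one uploaded file."""
    # Drop any client-supplied path and normalise case before checking.
    name = os.path.basename(filename.replace("\\", "/")).strip().lower()
    if "\x00" in name or name.count(".") != 1:
        # Rejects names such as "logo.png.js" or "logo.js\x00.png".
        return False, "filename must have exactly one extension", None
    ext = os.path.splitext(name)[1]
    if ext not in ALLOWED:
        return False, f"extension {ext!r} is not on the allowlist", None
    magic, ctype = ALLOWED[ext]
    if not data.startswith(magic):
        # A script renamed to .png fails here: content decides, not the name.
        return False, "content does not match the claimed type", None
    return True, "ok", ctype


def serving_headers(content_type: str) -> dict:
    """Headers for returning a stored upload so a browser never runs it."""
    return {
        # Set by the server from the allowlist, never echoed from the client.
        "Content-Type": content_type,
        # Stops MIME sniffing from reinterpreting the body as script or HTML.
        "X-Content-Type-Options": "nosniff",
        # Direct navigation to the file downloads it instead of rendering it.
        "Content-Disposition": "attachment",
        # If the body is rendered anyway, nothing in it may load or execute.
        "Content-Security-Policy": "default-src 'none'; sandbox",
    }
```

The magic-byte check alone does not stop a file that is both a valid image and valid script, which is why the stored file is also served with a fixed content type and `nosniff`.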