Unrated severityNVD Advisory· Published Mar 3, 2026· Updated Mar 4, 2026

CVE-2021-35484

Description

Nokia IMPACT through 19.11.2.10-20210118042150283 allows an authenticated user to perform a Time-based Boolean Blind SQL Injection attack on the endpoint /ui/rest-proxy/campaign/statistic (for the View Campaign page) via the sortColumn HTTP GET parameter. This allows an attacker to access sensitive data from the database and obtain access to the database user, database name, and database version information.

Affected products

Nokia/IMPACTdescription
Nokia/IMPACTllm-create
Range: <=19.11.2.10-20210118042150283

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

www.gruppotim.it/it/footer/red-team/2021/Motive-Impact-CVE-2021-35484.htmlmitre
www.nokia.com/networks/solutions/impact-iot-platform/mitre
www.nokia.com/notices/responsible-disclosure/mitre

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000