VYPR

Broadcast Message Center (BMC)

by Nokia

CVEs (2)

  • CVE-2022-45899MedMay 8, 2026
    risk 0.42cvss 6.5epss 0.01

    Nokia Broadcast Message Center (BMC) before 13.1 allows an unauthenticated remote attacker to do OS command injection as root via shell metacharacters in the Log Scanner Search Pattern field.

  • CVE-2021-35487May 25, 2022
    risk 0.00cvss epss 0.01

    Nokia Broadcast Message Center through 11.1.0 allows an authenticated user to perform a Boolean Blind SQL Injection attack on the endpoint /owui/block/send-receive-updates (for the Manage Alerts page) via the extIdentifier HTTP POST parameter. This allows an attacker to obtain…