Aleksandr Ustinov

**Name of the Vulnerable Software and Affected Versions** Nokia NetAct versions prior to 22 FP2211 **Description** The issue is related to insufficient protection of the web page structure when creating tasks. It allows an attacker to perform cross-site scripting (XSS) attacks by injecting scripts. The vulnerability can be exploited on the Scheduled Search tab under the Alarm Reports Dashboard page, where users can create a script to inject XSS due to missing input validation during the creation of a scheduled task. For an external attacker, it is very difficult to exploit this, because a few dynamically created parameters such as `Jsession-id`, a `CSRF token`, and an `Nxsrf token` would be needed. The attack can realistically only be performed by an internal user. **Recommendations** For Nokia NetAct versions prior to 22 FP2211, update to version 22 FP2211 or later to resolve the issue. As a temporary workaround, consider restricting access to the Scheduled Search tab under the Alarm Reports Dashboard page to minimize the risk of exploitation. Additionally, restrict the ability to create scripts that can inject XSS on this page until the issue is resolved.

**Name of the Vulnerable Software and Affected Versions** Nokia NetAct versions prior to 22 FP2211 **Description** The issue is related to the lack of input validation when creating a working set in the NetAct system, allowing an attacker to inject a client-side template payload. This can lead to the execution of arbitrary JavaScript code. The attack can be performed by an internal user, as exploiting this issue from the outside is difficult due to the need for dynamically created parameters such as `Jsession-id`, `CSRF token`, and `Nxsrf token`. **Recommendations** For versions prior to 22 FP2211, update to version 22 FP2211 or later to resolve the issue. As a temporary workaround, consider restricting access to the Working Set Manager page to minimize the risk of exploitation. Additionally, ensure that all users are aware of the potential risk and take necessary precautions to avoid injecting malicious payloads when creating working sets.

**Name of the Vulnerable Software and Affected Versions** Nokia NetAct versions prior to 22 SP1037 **Description** An issue was discovered in the Site Configuration Tool tab of Nokia NetAct, where attackers can upload a ZIP file that, when processed, exploits Stored XSS. The upload option of the Site Configuration tool does not validate the file contents. The application is in a demilitarised zone behind a perimeter firewall and without exposure to the internet. The attack can only be performed by an internal user. **Recommendations** For versions prior to 22 SP1037, update to version 22 SP1037 or later to resolve the issue. As a temporary workaround, consider disabling the file upload option in the Site Configuration Tool tab until a patch is available. Restrict access to the Site Configuration Tool to minimize the risk of exploitation. Avoid using the upload option for ZIP files in the affected tool until the issue is resolved.

**Name of the Vulnerable Software and Affected Versions** Nokia NetAct versions prior to 22 FP2211 **Description** An XXE issue was discovered in Nokia NetAct via an XML document to a Performance Manager page, where input validation and a proper XML parser configuration are missing. This could allow an attacker to gain unauthorized access to protected information or perform an SSRF attack. For an external attacker, it is very difficult to exploit this issue, as dynamically created parameters such as `Jsession-id`, `CSRF token`, and `Nxsrf token` would be needed. The attack can realistically only be performed by an internal user. **Recommendations** For Nokia NetAct versions prior to 22 FP2211, update to version 22 FP2211 or later to resolve the issue. As a temporary workaround, consider restricting access to the Performance Manager page and ensuring proper input validation and XML parser configuration to minimize the risk of exploitation. Restrict access to dynamically created parameters such as `Jsession-id`, `CSRF token`, and `Nxsrf token` to prevent unauthorized access.

**Name of the Vulnerable Software and Affected Versions** Nokia NetAct versions prior to 22 FP2211 **Description** An XXE issue was discovered via an XML document to the Configuration Dashboard page, where input validation and a proper XML parser configuration are missing. This makes it difficult for an external attacker to exploit, as dynamically created parameters such as `Jsession-id`, `CSRF token`, and `Nxsrf token` would be needed. The attack can realistically only be performed by an internal user. The issue is related to incorrect restriction of XML links to external objects, which may allow an attacker to gain unauthorized access to protected information or perform an SSRF attack. **Recommendations** For Nokia NetAct versions prior to 22 FP2211, consider implementing proper input validation and configuring an XML parser to mitigate the risk of exploitation. As a temporary workaround, restrict access to the Configuration Dashboard page to minimize the risk of internal users exploiting this issue. Ensure that all dynamically created parameters, such as `Jsession-id`, `CSRF token`, and `Nxsrf token`, are properly validated and secured.