CVE-2025-24816

medium

Description

Nokia MantaRay is subject to an Improper Access Control vulnerability due to insufficient authorization within the API. Successful exploitation could allow an authenticated attacker to retrieve confidential information beyond their assigned privileges.

References

https://www.nokia.com/we-are-nokia/security/product-security-advisory/cve-2025-24816/

Details

Source: Mitre, NVD

Published: 2026-06-30

Updated: 2026-06-30

Risk Information

CVSS v2

Base Score: 6.8

Vector: CVSS2#AV:N/AC:L/Au:S/C:C/I:N/A:N

Severity: Medium

CVSS v3

Base Score: 6.5

Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N