CVE Catalog

CVE-2025-24816

MediumCVSS 6.5
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.18%

7th percentile — higher than 7% of all known CVEs

Summary

Nokia MantaRay is affected by an Improper Access Control vulnerability due to insufficient authorization in the API. An authenticated attacker can retrieve confidential information beyond their assigned privileges.

Risk Assessment

The organization risks exposure of sensitive data, including network configurations or customer information, potentially leading to confidentiality breaches and regulatory non-compliance.

Recommendation

Apply the security update provided by the vendor immediately and review and strengthen API authorization mechanisms.

Original NVD description (English source)

Nokia MantaRay is subject to an Improper Access Control vulnerability due to insufficient authorization within the API. Successful exploitation could allow an authenticated attacker to retrieve confidential information beyond their assigned privileges.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS