Written by TaMbaRuS
Monday, 06 April 2009 23:02
Nokia Siemens Networks Flexi ISN Multiple Authentication Bypass Vulnerabilities
Access Validation Error
Mar 30 2009 12:00AM
Apr 06 2009 09:16PM
Nokia Siemens Networks Flexi ISN 3.1
The Nokia Siemens Networks Flexi ISN (Intelligent Service Node) device
is prone to multiple authentication-bypass vulnerabilities because its
web-based management interface fails to restrict access to certain
An attacker can exploit these issues to gain unauthorized access to the
affected device, which may lead to other attacks.
These issues affect Flexi ISN 3.1; other devices or versions may also
UPDATE (April 6, 2009): This issue is disputed; it is reported that the
device is not vulnerable as described. This BID will be updated as more
information becomes available.
Attackers may exploit these issues via a browser.
The following example URIs are available:
Currently we are not aware of any vendor-supplied patches. If you feel
we are in error or if you are aware of more recent information, please
mail us at:
http://www.nokiasiemensnetworks.com/global/Index.htm?languagecode=e (Nokia Siemens Networks)