CVE-2025-0980 | THREATINT

Description

Nokia SR Linux is vulnerable to an authentication vulnerability allowing unauthorized access to the JSON-RPC service. When exploited, an invalid validation allows JSON RPC access without providing valid authentication credentials.

PUBLISHED Reserved 2025-02-03 | Published 2026-01-07 | Updated 2026-01-07 | Assigner Nokia

Product status

<23.10.6

affected

<24.10.2

affected

23.10.6 and onwards

unaffected

24.10.2 and onwards

unaffected

References

www.nokia.com/...ty/product-security-advisory/CVE-2025-0980/ (Nokia Product Security Advisory)

cve.org (CVE-2025-0980)

nvd.nist.gov (CVE-2025-0980)

Download JSON