Description

An issue was discovered in Nokia Impact before Mobile 23_FP1. In Impact DM 19.11 onwards, a remote authenticated user, using the Add Campaign functionality, can inject a malicious payload within the Campaign Name. This data can be exported to a CSV file. Attackers can populate data fields that may attempt data exfiltration or other malicious activity when automatically executed by the spreadsheet software.

INFO

Published Date :

2026-03-03T00:00:00.000Z

Last Modified :

2026-03-04T14:40:29.902Z

Source :

mitre
AFFECTED PRODUCTS

The following products are affected by CVE-2023-31044 vulnerability.

Vendors Products
Nokia
  • Impact
  • Impact Mobile
REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2023-31044.

URL Resource
https://nokia.com cve-icon cve-icon
https://www.gruppotim.it/it/footer/red-team/2023/Motive-Impact-CVE-2023-31044.html cve-icon cve-icon
Login to claim this CVE

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.
Attack Complexity
Attack Vector
Availability Impact
Confidentiality Impact
Integrity Impact
Privileges Required
Scope
User Interaction