Ericssonlg - Ipecs Nms CVE

Filtered by vendor Ericssonlg Subscribe

Filtered by product Ipecs Nms

ALL

NONE (0.0) LOW (0.1 - 3.9) MEDIUM (4.0 - 6.9) HIGH (7.0 - 8.9) CRITICAL (9.0 - 10.0)

Total 2 CVE

CVE	Vendors	Products	Updated	CVSS v2	CVSS v3
CVE-2018-10285	1 Ericssonlg	1 Ipecs Nms	2019-10-03	7.5 HIGH	9.8 CRITICAL
The Ericsson-LG iPECS NMS A.1Ac web application uses incorrect access control mechanisms. Since the app does not use any sort of session ID, an attacker might bypass authentication.
CVE-2018-9245	1 Ericssonlg	1 Ipecs Nms	2018-05-25	10.0 HIGH	9.8 CRITICAL
The Ericsson-LG iPECS NMS A.1Ac login portal has a SQL injection vulnerability in the User ID and password fields that allows users to bypass the login page and execute remote code on the operating system.

Vulnerabilities (CVE)