Filtered by vendor Ericsson
Subscribe
Search
Total
4 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-39909 | 1 Ericsson | 1 Network Manager | 2024-01-08 | N/A | 8.8 HIGH |
| Ericsson Network Manager before 23.2 mishandles Access Control and thus unauthenticated low-privilege users can access the NCM application. | |||||
| CVE-2022-47531 | 1 Ericsson | 1 Evolved Packet Gateway | 2023-12-11 | N/A | 8.8 HIGH |
| An issue was discovered in Ericsson Evolved Packet Gateway (EPG) versions 3.x before 3.25 and 2.x before 2.16, allows authenticated users to bypass system CLI and execute commands they are authorized to execute directly in the UNIX shell. | |||||
| CVE-2021-43339 | 1 Ericsson | 1 Network Location | 2021-11-30 | 6.5 MEDIUM | 8.8 HIGH |
| In Ericsson Network Location before 2021-07-31, it is possible for an authenticated attacker to inject commands via file_name in the export functionality. For example, a new admin user could be created. | |||||
| CVE-2021-41390 | 1 Ericsson | 1 Enterprise Content Management | 2021-09-29 | 6.0 MEDIUM | 8.0 HIGH |
| In Ericsson ECM before 18.0, it was observed that Security Provider Endpoint in the User Profile Management Section is vulnerable to CSV Injection. | |||||