Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
ericsson vulnerabilities and exploits
(subscribe to this query)
3.5
CVSSv2
CVE-2020-29144
In Ericsson BSCS iX R18 Billing & Rating iX R18, MX is a web base module in BSCS iX that is vulnerable to stored XSS via an Alert Dashboard comment. In most test cases, session hijacking was also possible by utilizing the XSS vulnerability. This potentially allows for full ac...
Ericsson Bscs Ix R18 Billing \\& Rating Admx -
Ericsson Bscs Ix R18 Billing \\& Rating Mx -
NA
CVE-2022-46408
Ericsson Network Manager (ENM), versions before 22.1, contains a vulnerability in the application Network Connectivity Manager (NCM) where improper Neutralization of Formula Elements in a CSV File can lead to remote code execution or data leakage via maliciously injected hyperlin...
Ericsson Network Manager
6.5
CVSSv2
CVE-2021-43339
In Ericsson Network Location prior to 2021-07-31, it is possible for an authenticated malicious user to inject commands via file_name in the export functionality. For example, a new admin user could be created.
Ericsson Network Location
4.3
CVSSv2
CVE-2021-32569
In OSS-RC systems of the release 18B and older customer documentation browsing libraries under ALEX are subject to Cross-Site Scripting. This problem is completely resolved in new Ericsson library browsing tool ELEX used in systems like Ericsson Network Manager. NOTE: This vulner...
Ericsson Operations Support System-radio And Core Firmware
NA
CVE-2021-32570
In Ericsson Network Manager (ENM) releases prior to 21.2, users belonging to the same AMOS authorization group can retrieve the data from certain log files. All AMOS users are considered to be highly privileged users in ENM system and all must be previously defined and authorized...
Ericsson Network Manager
NA
CVE-2023-39909
Ericsson Network Manager prior to 23.2 mishandles Access Control and thus unauthenticated low-privilege users can access the NCM application.
Ericsson Network Manager
4
CVSSv2
CVE-2021-28488
Ericsson Network Manager (ENM) prior to 21.2 has incorrect access-control behavior (that only affects the level of access available to persons who were already granted a highly privileged role). Users in the same AMOS authorization group can retrieve managed-network data that was...
Ericsson Network Manager
NA
CVE-2024-25007
Ericsson Network Manager (ENM), versions before 23.1, contains a vulnerability in the export function of application log where Improper Neutralization of Formula Elements in a CSV File can lead to code execution or information disclosure. There is limited impact to integrity and...
Ericsson Network Manager
NA
CVE-2022-46407
Ericsson Network Manager (ENM), versions before 22.2, contains a vulnerability in the REST endpoint “editprofile” where Open Redirect HTTP Header Injection can lead to redirection of the submitted request to domain out of control of ENM deployment. The attacker would ...
Ericsson Network Manager
2.9
CVSSv2
CVE-2006-6895
The Bluetooth stack in the Sony Ericsson T60 does not properly implement "Limited discoverable" mode, which allows remote malicious users to obtain unauthorized inquiry responses.
Sony Ericsson T60
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
authentication bypass
CVE-2024-30051
remote
CVE-2024-27954
CVE-2023-51483
CVE-2023-47782
SSRF
CVE-2024-24715
CVE-2023-52424
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
NEXT »