CVE-2022-46408

2023-06-2900:00:00

mitre

www.cve.org

ericsson network manager

vulnerability

remote code execution

data leakage

malicious hyperlinks

admin access

AI Score

7.2

Confidence

High

EPSS

0.002

Percentile

53.1%

JSON

Ericsson Network Manager (ENM), versions prior to 22.1, contains a vulnerability in the application Network Connectivity Manager (NCM) where improper Neutralization of Formula Elements in a CSV File can lead to remote code execution or data leakage via maliciously injected hyperlinks. The attacker would need admin/elevated access to exploit the vulnerability.

References

www.gruppotim.it/it/footer/red-team.html