2 matches found
CVE-2020-7824
A vulnerability in the web-based management interface of iPECS could allow an authenticated, remote attacker to get administrator permission. The vulnerability is due to insecure permission when handling session cookies. An attacker could exploit this vulnerability by modification the cookie valu...
CVE-2020-7824
CVE-2020-7824 affects Ericsson iPECS web-based management interface. The issue arises from insecure permission handling of session cookies, enabling an authenticated, remote attacker to modify a cookie value and obtain administrator privileges. Reported impact includes access to sensitive device ...