447 matches found
CVE-2018-9245
The Ericsson-LG iPECS NMS A.1Ac login portal has a SQL injection vulnerability in the User ID and password fields that allows users to bypass the login page and execute remote code on the operating system...
Sql injection
The Ericsson-LG iPECS NMS A.1Ac login portal has a SQL injection vulnerability in the User ID and password fields that allows users to bypass the login page and execute remote code on the operating system...
CVE-2018-9245
The Ericsson-LG iPECS NMS A.1Ac login portal has a SQL injection vulnerability in the User ID and password fields that allows users to bypass the login page and execute remote code on the operating system...
Authentication flaw
The Ericsson-LG iPECS NMS A.1Ac web application uses incorrect access control mechanisms. Since the app does not use any sort of session ID, an attacker might bypass authentication...
CVE-2018-10285
The Ericsson-LG iPECS NMS A.1Ac web application uses incorrect access control mechanisms. Since the app does not use any sort of session ID, an attacker might bypass authentication...
CVE-2018-10286
The CVE-2018-10286 case involves Ericsson-LG iPECS NMS A.1Ac Web App. It discloses sensitive data (NMS admin credentials and PostgreSQL credentials) to logged-in users via HTTP POST responses. Affected component: web application; root cause: credentials exposed in responses to authenticated reque...
CVE-2018-10285
CVE-2018-10285 affects the Ericsson-LG iPECS NMS A.1Ac web application. The root cause is incorrect access control: the app does not use a session ID, allowing an attacker to bypass authentication. Public details reference credential disclosure and exploitation attempts (cleartext credentials) in...
CVE-2018-10286
The Ericsson-LG iPECS NMS A.1Ac web application discloses sensitive information such as the NMS admin credentials and the PostgreSQL database credentials to logged-in users via the responses to certain HTTP POST requests. In order to be able to see the credentials in cleartext, an attacker needs ...
CVE-2018-9245
The Ericsson-LG iPECS NMS A.1Ac login portal has a SQL injection vulnerability in the User ID and password fields that allows users to bypass the login page and execute remote code on the operating system...
CVE-2018-9245
Summary: CVE-2018-9245 affects the Ericsson-LG iPECS NMS A.1Ac login portal. The vulnerability is a SQL injection in the User ID and password fields that enables bypassing the login page and can lead to remote code execution on the operating system. Public references in connected documents includ...
Ericsson Erlang otp TLS server information disclosure vulnerability
Ericsson Erlang otp TLS server is a TLS Secure Transport Protocol server written in the Erlang language, developed and maintained by Ericsson, Sweden. A security vulnerability exists in the Ericsson Erlang otp TLS server, which originates from the program responding to different alerts for...
Moderate: Red Hat Security Advisory: openstack-heat security and bug fix update
An update for openstack-heat is now available for Red Hat OpenStack Platform 9.0 Mitaka. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...
Moderate: Red Hat Security Advisory: openstack-puppet-modules security update
An update for openstack-puppet-modules is now available for Red Hat OpenStack Platform 8.0 Liberty. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available f...
jobs.ericsson.com XSS vulnerability
Vulnerable URL: https://jobs.ericsson.com/talentcommunity/subscribe/?slp=/talentcommunity/profile/%27-prompt%28%27OPENBUGBOUNTY%27%29-%27 Details: Description| Value ---|--- Patched:| Yes, at 18.08.2016 Latest check for patch:| 18.08.2016 11:06 GMT Vulnerability type:| XSS Vulnerability status:|...
www1.ericsson.com XSS vulnerability
Vulnerable URL: http://www1.ericsson.com/spotlight/services/wp-includes/js/mediaelement/flashmediaelement.swf?jsinitfunctio%gn=alertOPENBUGBOUNTY Details: Description| Value ---|--- Patched:| Yes, at 01.11.2017 Latest check for patch:| 01.11.2017 11:36 GMT Vulnerability type:| XSS Vulnerability...
ericsson.com Open Redirect vulnerability
Vulnerable URL: http://www.ericsson.com/ag/redirect?url=https://www.xssposed.org/ Details: Description| Value ---|--- Patched:| Yes, at 03.02.2016 Latest check for patch:| 03.02.2016 03:07 GMT Vulnerability type:| Open Redirect Vulnerability status:| Publicly disclosed Alexa Rank| 15937 Google...
ericsson.com XSS vulnerability
Vulnerable URL: http://www.ericsson.com/se/nsearch?query="' style="display:block" onmous%65over=window'alert' lol='"= Details: Description| Value ---|--- Patched:| Yes, at 30.11.2015 Latest check for patch:| 30.11.2015 17:24 GMT Vulnerability type:| XSS Vulnerability status:| Publicly disclosed...
Multiprotocol Network Emulator – Simulator: IMUNES
IMUNES GUI is a simple Tcl/Tk based management console, allowing for specification and management of virtual network topologies. The emulation execution engine itself operates within the operating system kernel. Univesity of Zagreb developed a realistic network topology emulation / simulation...
Multiple Cross-Site Scripting Vulnerabilities in Ericsson Drutt Mobile Service Delivery Platform
Ericsson Drutt Mobile Service Delivery Platform is a business support system for Service Delivery Platforms SDPs for on-site and off-portal services from Ericsson, Sweden. Multiple cross-site scripting vulnerabilities exist in Ericsson Drutt Mobile Service Delivery Platform 4, 5, and 6, which cou...
Ericsson Drutt Mobile Service Delivery Platform Directory Traversal Vulnerability
Ericsson Drutt Mobile Service Delivery Platform MSDP is a business support system from Ericsson, Sweden, that supports Service Delivery Platforms SDPs for on-site and off-portal services. A directory traversal vulnerability exists in Instance Monitor in Ericsson Drutt MSDP. A remote attacker coul...