Lucene search
K

447 matches found

NVD
NVD
added 2018/04/22 1:29 p.m.15 views

CVE-2018-9245

The Ericsson-LG iPECS NMS A.1Ac login portal has a SQL injection vulnerability in the User ID and password fields that allows users to bypass the login page and execute remote code on the operating system...

10CVSS9.9AI score0.04124EPSS
Exploits4References2
Prion
Prion
added 2018/04/22 1:29 p.m.11 views

Sql injection

The Ericsson-LG iPECS NMS A.1Ac login portal has a SQL injection vulnerability in the User ID and password fields that allows users to bypass the login page and execute remote code on the operating system...

10CVSS9.8AI score0.04124EPSS
Exploits4References2Affected Software1
OSV
OSV
added 2018/04/22 1:29 p.m.5 views

CVE-2018-9245

The Ericsson-LG iPECS NMS A.1Ac login portal has a SQL injection vulnerability in the User ID and password fields that allows users to bypass the login page and execute remote code on the operating system...

9.8CVSS6.1AI score0.04124EPSS
Exploits4References2
Prion
Prion
added 2018/04/22 1:29 p.m.11 views

Authentication flaw

The Ericsson-LG iPECS NMS A.1Ac web application uses incorrect access control mechanisms. Since the app does not use any sort of session ID, an attacker might bypass authentication...

7.5CVSS9.5AI score0.13229EPSS
Exploits4References2Affected Software1
Cvelist
Cvelist
added 2018/04/22 1:0 p.m.20 views

CVE-2018-10285

The Ericsson-LG iPECS NMS A.1Ac web application uses incorrect access control mechanisms. Since the app does not use any sort of session ID, an attacker might bypass authentication...

9.6AI score0.13229EPSS
Exploits4References2
CVE
CVE
added 2018/04/22 1:0 p.m.62 views

CVE-2018-10286

The CVE-2018-10286 case involves Ericsson-LG iPECS NMS A.1Ac Web App. It discloses sensitive data (NMS admin credentials and PostgreSQL credentials) to logged-in users via HTTP POST responses. Affected component: web application; root cause: credentials exposed in responses to authenticated reque...

8.8CVSS8.9AI score0.06642EPSS
Exploits4References2Affected Software1
CVE
CVE
added 2018/04/22 1:0 p.m.67 views

CVE-2018-10285

CVE-2018-10285 affects the Ericsson-LG iPECS NMS A.1Ac web application. The root cause is incorrect access control: the app does not use a session ID, allowing an attacker to bypass authentication. Public details reference credential disclosure and exploitation attempts (cleartext credentials) in...

9.8CVSS9.5AI score0.13229EPSS
Exploits4References2Affected Software1
Cvelist
Cvelist
added 2018/04/22 1:0 p.m.29 views

CVE-2018-10286

The Ericsson-LG iPECS NMS A.1Ac web application discloses sensitive information such as the NMS admin credentials and the PostgreSQL database credentials to logged-in users via the responses to certain HTTP POST requests. In order to be able to see the credentials in cleartext, an attacker needs ...

8.8AI score0.06642EPSS
Exploits4References2
Cvelist
Cvelist
added 2018/04/22 1:0 p.m.24 views

CVE-2018-9245

The Ericsson-LG iPECS NMS A.1Ac login portal has a SQL injection vulnerability in the User ID and password fields that allows users to bypass the login page and execute remote code on the operating system...

9.9AI score0.04124EPSS
Exploits4References2
CVE
CVE
added 2018/04/22 1:0 p.m.51 views

CVE-2018-9245

Summary: CVE-2018-9245 affects the Ericsson-LG iPECS NMS A.1Ac login portal. The vulnerability is a SQL injection in the User ID and password fields that enables bypassing the login page and can lead to remote code execution on the operating system. Public references in connected documents includ...

10CVSS9.9AI score0.04124EPSS
Exploits4References2Affected Software1
CNVD
CNVD
added 2017/12/15 12:0 a.m.4 views

Ericsson Erlang otp TLS server information disclosure vulnerability

Ericsson Erlang otp TLS server is a TLS Secure Transport Protocol server written in the Erlang language, developed and maintained by Ericsson, Sweden. A security vulnerability exists in the Ericsson Erlang otp TLS server, which originates from the program responding to different alerts for...

5.9CVSS6.8AI score0.22098EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2017/06/14 3:28 p.m.50 views

Moderate: Red Hat Security Advisory: openstack-heat security and bug fix update

An update for openstack-heat is now available for Red Hat OpenStack Platform 9.0 Mitaka. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

5.9CVSS5.7AI score0.01537EPSS
Exploits0References7
RedHat Linux
RedHat Linux
added 2017/03/01 1:31 p.m.33 views

Moderate: Red Hat Security Advisory: openstack-puppet-modules security update

An update for openstack-puppet-modules is now available for Red Hat OpenStack Platform 8.0 Liberty. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available f...

6.5CVSS6.5AI score0.01152EPSS
Exploits0References2
Openbugbounty
Openbugbounty
added 2016/07/27 1:8 a.m.16 views

jobs.ericsson.com XSS vulnerability

Vulnerable URL: https://jobs.ericsson.com/talentcommunity/subscribe/?slp=/talentcommunity/profile/%27-prompt%28%27OPENBUGBOUNTY%27%29-%27 Details: Description| Value ---|--- Patched:| Yes, at 18.08.2016 Latest check for patch:| 18.08.2016 11:06 GMT Vulnerability type:| XSS Vulnerability status:|...

6.3AI score
Exploits0
Openbugbounty
Openbugbounty
added 2016/05/17 9:34 a.m.9 views

www1.ericsson.com XSS vulnerability

Vulnerable URL: http://www1.ericsson.com/spotlight/services/wp-includes/js/mediaelement/flashmediaelement.swf?jsinitfunctio%gn=alertOPENBUGBOUNTY Details: Description| Value ---|--- Patched:| Yes, at 01.11.2017 Latest check for patch:| 01.11.2017 11:36 GMT Vulnerability type:| XSS Vulnerability...

6.3AI score
Exploits0
Openbugbounty
Openbugbounty
added 2016/01/11 11:27 p.m.7 views

ericsson.com Open Redirect vulnerability

Vulnerable URL: http://www.ericsson.com/ag/redirect?url=https://www.xssposed.org/ Details: Description| Value ---|--- Patched:| Yes, at 03.02.2016 Latest check for patch:| 03.02.2016 03:07 GMT Vulnerability type:| Open Redirect Vulnerability status:| Publicly disclosed Alexa Rank| 15937 Google...

6.9AI score
Exploits0
Openbugbounty
Openbugbounty
added 2015/11/04 9:10 p.m.15 views

ericsson.com XSS vulnerability

Vulnerable URL: http://www.ericsson.com/se/nsearch?query="' style="display:block" onmous%65over=window'alert' lol='"= Details: Description| Value ---|--- Patched:| Yes, at 30.11.2015 Latest check for patch:| 30.11.2015 17:24 GMT Vulnerability type:| XSS Vulnerability status:| Publicly disclosed...

6.3AI score
Exploits0
n0where
n0where
added 2015/09/12 12:1 a.m.69 views

Multiprotocol Network Emulator – Simulator: IMUNES

IMUNES GUI is a simple Tcl/Tk based management console, allowing for specification and management of virtual network topologies. The emulation execution engine itself operates within the operating system kernel. Univesity of Zagreb developed a realistic network topology emulation / simulation...

7.2AI score
Exploits0References1
CNVD
CNVD
added 2015/04/09 12:0 a.m.4 views

Multiple Cross-Site Scripting Vulnerabilities in Ericsson Drutt Mobile Service Delivery Platform

Ericsson Drutt Mobile Service Delivery Platform is a business support system for Service Delivery Platforms SDPs for on-site and off-portal services from Ericsson, Sweden. Multiple cross-site scripting vulnerabilities exist in Ericsson Drutt Mobile Service Delivery Platform 4, 5, and 6, which cou...

4.3CVSS7AI score0.0176EPSS
Exploits2References1
CNVD
CNVD
added 2015/04/07 12:0 a.m.2 views

Ericsson Drutt Mobile Service Delivery Platform Directory Traversal Vulnerability

Ericsson Drutt Mobile Service Delivery Platform MSDP is a business support system from Ericsson, Sweden, that supports Service Delivery Platforms SDPs for on-site and off-portal services. A directory traversal vulnerability exists in Instance Monitor in Ericsson Drutt MSDP. A remote attacker coul...

5CVSS6.9AI score0.26229EPSS
Exploits5References1
Rows per page
Query Builder