Network Manager Security Vulnerabilities - 2023
Ericsson Network Manager (ENM), versions prior to 22.2, contains a vulnerability in the REST endpoint βeditprofileβ where Open Redirect HTTP Header Injection can lead to redirection of the submitted request to domain out of control of ENM deployment. The attacker would need admin/elevated access to...
4.8CVSS
5.3AI Score
0.0005EPSS
Ericsson Network Manager (ENM), versions prior to 22.1, contains a vulnerability in the application Network Connectivity Manager (NCM) where improper Neutralization of Formula Elements in a CSV File can lead to remote code execution or data leakage via maliciously injected hyperlinks. The attacker ...
6.8CVSS
7AI Score
0.002EPSS
Ericsson Network Manager before 23.2 mishandles Access Control and thus unauthenticated low-privilege users can access the NCM application.
8.8CVSS
8.7AI Score
0.001EPSS