Vulnerabilities > CVE-2021-32571 - Incomplete Cleanup vulnerability in Ericsson Operations Support System-Radio and Core Firmware 18B
Attack vector
NETWORK Attack complexity
LOW Privileges required
HIGH Confidentiality impact
HIGH Integrity impact
NONE Availability impact
NONE Summary
In OSS-RC systems of the release 18B and older during data migration procedures certain files containing usernames and passwords are left in the system undeleted but in folders accessible by top privileged accounts only. NOTE: This vulnerability only affects products that are no longer supported by the maintainer. Ericsson Network Manager is a new generation OSS system which OSS-RC customers shall upgrade to
Vulnerable Configurations
Part | Description | Count |
---|---|---|
OS | 2 | |
Hardware | 1 |