Vulnerabilities > Ericsson > Mobile Switching Center Server BC 18A Firmware > Medium

DATE CVE VULNERABILITY TITLE RISK
2023-09-14 CVE-2021-28485 Path Traversal vulnerability in Ericsson Mobile Switching Center Server BC 18A Firmware Is3.1
In Ericsson Mobile Switching Center Server (MSC-S) before IS 3.1 CP22, the SIS web application allows relative path traversal via a specific parameter in the https request after authentication, which allows access to files on the system that are not intended to be accessible via the web application.
network
low complexity
ericsson CWE-22
4.3