Vulnerabilities > Ericsson > Network Manager > 22.1
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-04-04 | CVE-2024-25007 | Improper Neutralization of Formula Elements in a CSV File vulnerability in Ericsson Network Manager 21.2/22.1/22.2 Ericsson Network Manager (ENM), versions prior to 23.1, contains a vulnerability in the export function of application log where Improper Neutralization of Formula Elements in a CSV File can lead to code execution or information disclosure. | 7.1 |
| 2023-12-07 | CVE-2023-39909 | Unspecified vulnerability in Ericsson Network Manager 21.2/22.1/22.2 Ericsson Network Manager before 23.2 mishandles Access Control and thus unauthenticated low-privilege users can access the NCM application. | 8.8 |
| 2023-06-29 | CVE-2022-46407 | Open Redirect vulnerability in Ericsson Network Manager 21.2/22.1 Ericsson Network Manager (ENM), versions prior to 22.2, contains a vulnerability in the REST endpoint “editprofile” where Open Redirect HTTP Header Injection can lead to redirection of the submitted request to domain out of control of ENM deployment. | 4.8 |