Vulnerabilities > Ericsson > Network Manager > Medium

DATE CVE VULNERABILITY TITLE RISK
2023-06-29 CVE-2022-46408 Improper Neutralization of Formula Elements in a CSV File vulnerability in Ericsson Network Manager 21.2
Ericsson Network Manager (ENM), versions prior to 22.1, contains a vulnerability in the application Network Connectivity Manager (NCM) where improper Neutralization of Formula Elements in a CSV File can lead to remote code execution or data leakage via maliciously injected hyperlinks.
network
low complexity
ericsson CWE-1236
6.8
2023-06-29 CVE-2022-46407 Open Redirect vulnerability in Ericsson Network Manager 21.2/22.1
Ericsson Network Manager (ENM), versions prior to 22.2, contains a vulnerability in the REST endpoint “editprofile” where Open Redirect HTTP Header Injection can lead to redirection of the submitted request to domain out of control of ENM deployment.
network
low complexity
ericsson CWE-601
4.8
2022-08-26 CVE-2021-32570 Information Exposure Through Log Files vulnerability in Ericsson Network Manager
In Ericsson Network Manager (ENM) releases before 21.2, users belonging to the same AMOS authorization group can retrieve the data from certain log files.
network
low complexity
ericsson CWE-532
4.9
2022-03-10 CVE-2021-28488 Exposure of Resource to Wrong Sphere vulnerability in Ericsson Network Manager
Ericsson Network Manager (ENM) before 21.2 has incorrect access-control behavior (that only affects the level of access available to persons who were already granted a highly privileged role).
network
low complexity
ericsson CWE-668
6.5