Vulnerabilities > Ericsson > Operations Support System Radio AND Core Firmware > Medium

DATE CVE VULNERABILITY TITLE RISK
2021-10-14 CVE-2021-32571 Incomplete Cleanup vulnerability in Ericsson Operations Support System-Radio and Core Firmware 18B
In OSS-RC systems of the release 18B and older during data migration procedures certain files containing usernames and passwords are left in the system undeleted but in folders accessible by top privileged accounts only.
network
low complexity
ericsson CWE-459
4.9
2021-10-14 CVE-2021-32569 Cross-site Scripting vulnerability in Ericsson Operations Support System-Radio and Core Firmware 18B
In OSS-RC systems of the release 18B and older customer documentation browsing libraries under ALEX are subject to Cross-Site Scripting.
network
low complexity
ericsson CWE-79
6.1