PT-2023-27146 · Ericsson · Ericsson Network Manager

Massimiliano Brolli

Publicado

2023-12-07

Atualizado

2024-01-08

CVE-2023-39909

CVSS v3.1

8.8

Alta

Vetor

AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Ericsson Network Manager versions prior to 23.2

Description The issue is related to mishandled Access Control, allowing unauthenticated low-privilege users to access the NCM application.

Recommendations For versions prior to 23.2, update to version 23.2 or later to resolve the issue.

Correção

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

CVE-2023-39909

Ericsson Network Manager