CVE-2018-10285

Name of the Vulnerable Software and Affected Versions: Ericsson-LG iPECS NMS version A.1Ac

Description: The Ericsson-LG iPECS NMS A.1Ac web application has an issue with its access control mechanisms. Specifically, the application does not utilize session IDs, which could allow an attacker to bypass authentication.

Recommendations: For Ericsson-LG iPECS NMS version A.1Ac, consider implementing proper session management to prevent unauthorized access until a patch is available. As a temporary workaround, restrict access to the web application to minimize the risk of exploitation.