PT-2021-19785 · Ericsson · Oss-Rc+2
Alessandro Bosco
+2
·
Published
2021-10-14
·
Updated
2024-08-04
·
CVE-2021-32569
CVSS v3.1
6.1
Medium
| Vector | AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N |
Name of the Vulnerable Software and Affected Versions
OSS-RC systems versions 18B and older
Description
The issue affects customer documentation browsing libraries under ALEX in OSS-RC systems, making them subject to Cross-Site Scripting. This problem is resolved in the new Ericsson library browsing tool ELEX used in systems like Ericsson Network Manager. The vulnerability only affects products that are no longer supported by the maintainer.
Recommendations
For OSS-RC systems versions 18B and older, upgrade to Ericsson Network Manager, which is a new generation OSS system and includes the resolved issue in its new library browsing tool ELEX.
Fix
XSS
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Elex
Ericsson Network Manager
Oss-Rc