CVE-2024-25011

CVSS v3.1

5.3

Medium

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Name of the Vulnerable Software and Affected Versions Ericsson Catalog Manager and Ericsson Order Care APIs (affected versions not specified)

Description Ericsson Catalog Manager and Ericsson Order Care APIs do not have authentication enabled by default, leading to an information disclosure issue. Authentication checks can be configured to remediate the issue.

Recommendations Configure authentication checks for the Ericsson Catalog Manager and Ericsson Order Care APIs.

Fix

Information Disclosure

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-200

Related Identifiers

CVE-2024-25011

Affected Products

Ericsson Catalog Manager

Ericsson Order Care Apis

CVE-2024-25011

Weakness Enumeration

Related Identifiers

Affected Products

References · 6