CVE-2021-32571
Published on: 10/14/2021 12:00:00 AM UTC
Last Modified on: 10/20/2021 07:31:00 PM UTC
Certain versions of Operations Support System-radio And Core from Ericsson contain the following vulnerability:
** UNSUPPORTED WHEN ASSIGNED ** In OSS-RC systems of the release 18B and older during data migration procedures certain files containing usernames and passwords are left in the system undeleted but in folders accessible by top privileged accounts only. NOTE: This vulnerability only affects products that are no longer supported by the maintainer. Ericsson Network Manager is a new generation OSS system which OSS-RC customers shall upgrade to.
- CVE-2021-32571 has been assigned by
[email protected] to track the vulnerability - currently rated as MEDIUM severity.
CVSS3 Score: 4.9 - MEDIUM
Attack Vector ⓘ |
Attack Complexity |
Privileges Required |
User Interaction |
---|---|---|---|
NETWORK | LOW | HIGH | NONE |
Scope | Confidentiality Impact |
Integrity Impact |
Availability Impact |
UNCHANGED | HIGH | NONE | NONE |
CVSS2 Score: 4 - MEDIUM
Access Vector ⓘ |
Access Complexity |
Authentication |
---|---|---|
NETWORK | LOW | SINGLE |
Confidentiality Impact |
Integrity Impact |
Availability Impact |
PARTIAL | NONE | NONE |
CVE References
Description | Tags ⓘ | Link |
---|---|---|
Gruppo TIM | Vulnerability Research & Advisor | www.gruppotim.it text/html |
![]() |
There are currently no QIDs associated with this CVE
Known Affected Configurations (CPE V2.3)
Type | Vendor | Product | Version | Update | Edition | Language |
---|---|---|---|---|---|---|
Hardware | Ericsson | Operations Support System-radio And Core | - | All | All | All |
Operating System | Ericsson | Operations Support System-radio And Core Firmware | All | All | All | All |
- cpe:2.3:h:ericsson:operations_support_system-radio_and_core:-:*:*:*:*:*:*:*:
- cpe:2.3:o:ericsson:operations_support_system-radio_and_core_firmware:*:*:*:*:*:*:*:*:
No vendor comments have been submitted for this CVE
Social Mentions
Source | Title | Posted (UTC) |
---|---|---|
![]() |
CVE-2021-32571 : In OSS-RC systems of the release 18B and older during data migration procedures certain files co… twitter.com/i/web/status/1… | 2021-10-14 17:44:16 |