Known Vulnerabilities for products from Ericsson

Listed below are 17 of the newest known vulnerabilities associated with the vendor "Ericsson".

These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.

Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.

Additional devices specifications by Ericsson can be found at device.report : Ericsson

Known Vulnerabilities

CVE Shortened Description Severity Publish Date Last Modified
CVE-2024-53828 Not Provided 2026-04-01 2026-04-01
CVE-2021-43339 In Ericsson Network Location before 2021-07-31, it is possible for an authenticated attacker to inject commands via file_name... 8.8 - HIGH 2021-11-03 2021-11-30
CVE-2021-43338 ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2021-43339. Reason: This candidate is a duplicate of CVE-2021-... Not Provided 2021-11-03 2023-11-07
CVE-2021-41391 In Ericsson ECM before 18.0, it was observed that Security Management Endpoint in User Profile Management Section is vulnerab... 5.4 - MEDIUM 2021-09-17 2021-09-29
CVE-2021-41390 In Ericsson ECM before 18.0, it was observed that Security Provider Endpoint in the User Profile Management Section is vulner... 8 - HIGH 2021-09-17 2021-09-29
CVE-2021-32571 ** UNSUPPORTED WHEN ASSIGNED ** In OSS-RC systems of the release 18B and older during data migration procedures certain files... 4.9 - MEDIUM 2021-10-14 2023-11-07
CVE-2021-32570 ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new secur... 4.9 - MEDIUM 2022-08-26 2022-09-09
CVE-2021-32569 ** UNSUPPORTED WHEN ASSIGNED ** In OSS-RC systems of the release 18B and older customer documentation browsing libraries unde... 6.1 - MEDIUM 2021-10-14 2023-11-07
CVE-2021-28488 ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new secur... 6.5 - MEDIUM 2022-03-10 2022-07-12
CVE-2021-28485 ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new secur... 4.3 - MEDIUM 2023-09-14 2023-10-25
CVE-2020-29145 In Ericsson BSCS iX R18 Billing & Rating iX R18, ADMX is a web base module in BSCS iX that is vulnerable to stored XSS via th... 5.4 - MEDIUM 2020-11-27 2020-12-04
CVE-2020-29144 In Ericsson BSCS iX R18 Billing & Rating iX R18, MX is a web base module in BSCS iX that is vulnerable to stored XSS via an A... 5.4 - MEDIUM 2020-11-27 2020-12-04
CVE-2019-7417 XSS exists in Ericsson Active Library Explorer (ALEX) 14.3 in multiple parameters in the "/cgi-bin/alexserv" servlet, as demo... 6.1 - MEDIUM 2019-03-21 2019-03-25
CVE-2015-2167 Open redirect vulnerability in the 3PI Manager in Ericsson Drutt Mobile Service Delivery Platform (MSDP) 4, 5, and 6 allows r... 5.8 - MEDIUM 2015-04-06 2016-12-03
CVE-2015-2166 Directory traversal vulnerability in the Instance Monitor in Ericsson Drutt Mobile Service Delivery Platform (MSDP) 4, 5, and... 5 - MEDIUM 2015-04-06 2016-12-03
CVE-2015-2165 Multiple cross-site scripting (XSS) vulnerabilities in the Report Viewer in Ericsson Drutt Mobile Service Delivery Platform (... 4.3 - MEDIUM 2015-04-06 2019-06-14
CVE-2003-1442 The web administration page for the Ericsson HM220dp ADSL modem does not require authentication, which could allow remote att... 7.5 - HIGH 2003-12-31 2017-07-29
CVE-2000-0542 Tigris remote access server before 11.5.4.22 does not properly record Radius accounting information when a user fails the ini... 5 - MEDIUM 2000-06-13 2017-10-10

Known software with vulnerabilities from Ericsson

Type Vendor Product Version
ApplicationEricssonActive Library Explorer14.3
ApplicationEricssonDrutt Mobile Service Delivery Platform4.0
HardwareEricssonRx8200-
Operating
System		EricssonRx8200 Firmware5.13.3