Known Vulnerabilities for products from Ericsson
Listed below are 20 of the newest known vulnerabilities associated with the vendor "Ericsson".
These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.
Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.
Additional devices specifications by Ericsson can be found at device.report : Ericsson
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2024-53828 json | Ericsson Packet Core Controller (PCC) versions prior to 1.38 contain a vulnerability where an attacker sending a large volume... | Not Provided | 2026-04-01 | 2026-04-10 |
| CVE-2022-47531 json | ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new secur... | 8.8 - HIGH | 2023-12-05 | 2023-12-11 |
| CVE-2022-46408 json | Ericsson Network Manager (ENM), versions prior to 22.1, contains a vulnerability in the application Network Connectivity Mana... | 6.8 - MEDIUM | 2023-06-29 | 2023-07-06 |
| CVE-2022-46407 json | Ericsson Network Manager (ENM), versions prior to 22.2, contains a vulnerability in the REST endpoint “editprofile” where... | 4.8 - MEDIUM | 2023-06-29 | 2023-07-06 |
| CVE-2021-44217 json | In Ericsson CodeChecker through 6.18.0, a Stored Cross-site scripting (XSS) vulnerability in the comments component of the re... | 6.1 - MEDIUM | 2022-01-18 | 2022-01-24 |
| CVE-2021-43339 json | In Ericsson Network Location before 2021-07-31, it is possible for an authenticated attacker to inject commands via file_name... | 8.8 - HIGH | 2021-11-03 | 2021-11-30 |
| CVE-2021-43338 json | ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2021-43339. Reason: This candidate is a duplicate of CVE-2021-... | Not Provided | 2021-11-03 | 2023-11-07 |
| CVE-2021-41391 json | In Ericsson ECM before 18.0, it was observed that Security Management Endpoint in User Profile Management Section is vulnerab... | 5.4 - MEDIUM | 2021-09-17 | 2021-09-29 |
| CVE-2021-41390 json | In Ericsson ECM before 18.0, it was observed that Security Provider Endpoint in the User Profile Management Section is vulner... | 8 - HIGH | 2021-09-17 | 2021-09-29 |
| CVE-2021-32571 json | ** UNSUPPORTED WHEN ASSIGNED ** In OSS-RC systems of the release 18B and older during data migration procedures certain files... | 4.9 - MEDIUM | 2021-10-14 | 2023-11-07 |
| CVE-2021-32570 json | ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new secur... | 4.9 - MEDIUM | 2022-08-26 | 2022-09-09 |
| CVE-2021-32569 json | ** UNSUPPORTED WHEN ASSIGNED ** In OSS-RC systems of the release 18B and older customer documentation browsing libraries unde... | 6.1 - MEDIUM | 2021-10-14 | 2023-11-07 |
| CVE-2021-28488 json | ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new secur... | 6.5 - MEDIUM | 2022-03-10 | 2022-07-12 |
| CVE-2021-28485 json | ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new secur... | 4.3 - MEDIUM | 2023-09-14 | 2023-10-25 |
| CVE-2020-29145 json | In Ericsson BSCS iX R18 Billing & Rating iX R18, ADMX is a web base module in BSCS iX that is vulnerable to stored XSS via th... | 5.4 - MEDIUM | 2020-11-27 | 2020-12-04 |
| CVE-2020-29144 json | In Ericsson BSCS iX R18 Billing & Rating iX R18, MX is a web base module in BSCS iX that is vulnerable to stored XSS via an A... | 5.4 - MEDIUM | 2020-11-27 | 2020-12-04 |
| CVE-2019-7417 json | XSS exists in Ericsson Active Library Explorer (ALEX) 14.3 in multiple parameters in the "/cgi-bin/alexserv" servlet, as demo... | 6.1 - MEDIUM | 2019-03-21 | 2019-03-25 |
| CVE-2015-2167 json | Open redirect vulnerability in the 3PI Manager in Ericsson Drutt Mobile Service Delivery Platform (MSDP) 4, 5, and 6 allows r... | 5.8 - MEDIUM | 2015-04-06 | 2016-12-03 |
| CVE-2015-2166 json | Directory traversal vulnerability in the Instance Monitor in Ericsson Drutt Mobile Service Delivery Platform (MSDP) 4, 5, and... | 5 - MEDIUM | 2015-04-06 | 2016-12-03 |
| CVE-2015-2165 json | Multiple cross-site scripting (XSS) vulnerabilities in the Report Viewer in Ericsson Drutt Mobile Service Delivery Platform (... | 4.3 - MEDIUM | 2015-04-06 | 2019-06-14 |
Known software with vulnerabilities from Ericsson
| Type | Vendor | Product | Version |
|---|---|---|---|
| Application | Ericsson | Active Library Explorer | 14.3 |
| Application | Ericsson | Drutt Mobile Service Delivery Platform | 4.0 |
| Hardware | Ericsson | Rx8200 | - |
| Operating System | Ericsson | Rx8200 Firmware | 5.13.3 |