Vulnerability Details CVE-2022-46408
Ericsson Network Manager (ENM), versions prior to 22.1, contains a vulnerability in the application Network Connectivity Manager (NCM) where improper Neutralization of Formula Elements in a CSV File can lead to remote code execution or data leakage via maliciously injected hyperlinks. The attacker would need admin/elevated access to exploit the vulnerability.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.01
EPSS Ranking 76.2%
CVSS Severity
CVSS v3 Score 6.8
References
Products affected by CVE-2022-46408
-
cpe:2.3:a:ericsson:network_manager:-
-
cpe:2.3:a:ericsson:network_manager:21.2