CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2024-25007

Ericsson Network Manager (ENM), versions prior to 23.1, contains a vulnerability in the export function of application log where Improper Neutralization of Formula Elements in a CSV File can lead to code execution or information disclosure. There is limited impact to integrity and availability. The attacker on the adjacent network with administration access can exploit the vulnerability.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.0

EPSS Ranking 11.2%

CVSS Severity

CVSS v3 Score 7.1

References

https://www.ericsson.com/en/about-us/security/psirt/security-bulletin--ericsson-network-manager-march-2024
https://www.ericsson.com/en/about-us/security/psirt/security-bulletin--ericsson-network-manager-march-2024

Products affected by CVE-2024-25007

Ericsson » Network Manager » Version: N/A

cpe:2.3:a:ericsson:network_manager:-
Ericsson » Network Manager » Version: 21.2

cpe:2.3:a:ericsson:network_manager:21.2
Ericsson » Network Manager » Version: 22.1

cpe:2.3:a:ericsson:network_manager:22.1
Ericsson » Network Manager » Version: 22.2

cpe:2.3:a:ericsson:network_manager:22.2

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2024-25007

Products

Pricing

Contact Us