exploitDog

CVE-2022-46407

Опубликовано: 29 июн. 2023

Источник: nvd

CVSS3: 4.8

EPSS Низкий

Описание

Ericsson Network Manager (ENM), versions prior to 22.2, contains a vulnerability in the REST endpoint “editprofile” where Open Redirect HTTP Header Injection can lead to redirection of the submitted request to domain out of control of ENM deployment. The attacker would need admin/elevated access to exploit the vulnerability

Ссылки

https://www.gruppotim.it/it/footer/red-team.html
Third Party Advisory
https://www.gruppotim.it/it/footer/red-team.html
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:ericsson:network_manager:*:*:*:*:*:*:*:*

Версия до 22.2 (исключая)

EPSS

Процентиль: 27%

0.00096

Низкий

4.8 Medium

CVSS3

Дефекты

CWE-601

Связанные уязвимости

GHSA-323m-j8jx-g8pq

CVSS3: 4.8

github

больше 2 лет назад

Ericsson Network Manager (ENM), versions prior to 22.2, contains a vulnerability in the REST endpoint “editprofile” where Open Redirect HTTP Header Injection can lead to redirection of the submitted request to domain out of control of ENM deployment. The attacker would need admin/elevated access to exploit the vulnerability

EPSS

Процентиль: 27%

0.00096

Низкий

4.8 Medium

CVSS3

Дефекты

CWE-601