Количество 2
Количество 2
CVE-2021-28488
Ericsson Network Manager (ENM) before 21.2 has incorrect access-control behavior (that only affects the level of access available to persons who were already granted a highly privileged role). Users in the same AMOS authorization group can retrieve managed-network data that was not set to be accessible to the entire group (i.e., was only set to be accessible to a subset of that group).
GHSA-7cm3-m8rx-jcvp
Ericsson Network Manager 20.2 has Insecure Permissions.
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2021-28488 Ericsson Network Manager (ENM) before 21.2 has incorrect access-control behavior (that only affects the level of access available to persons who were already granted a highly privileged role). Users in the same AMOS authorization group can retrieve managed-network data that was not set to be accessible to the entire group (i.e., was only set to be accessible to a subset of that group). | CVSS3: 6.5 | 1% Низкий | почти 4 года назад |
| GHSA-7cm3-m8rx-jcvp Ericsson Network Manager 20.2 has Insecure Permissions. | CVSS3: 6.5 | 1% Низкий | почти 4 года назад |
Уязвимостей на страницу