Search
Find a vulnerability
Search criteria
ⓘ
Use this form to refine search results.
Full-text search supports keyword queries with ranking and filtering.
You can combine vendor, product, and sources to narrow results.
Enable “Apply ordering” to sort by date instead of relevance.
47 vulnerabilities by ericsson
CVE-2025-59174 (GCVE-0-2025-59174)
Vulnerability from cvelistv5 – Published: 2026-06-05 13:44 – Updated: 2026-06-05 20:09
VLAI
Summary
Ericsson Packet Core Controller (PCC) versions prior to 1.39 contain a vulnerability where an attacker sending a large volume of specially crafted messages may cause service degradation.
Severity
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-228 - Improper Handling of Syntactically Invalid Structure
Assigner
References
1 reference
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Ericsson | Packet Core Controller |
Affected:
0 , < 1.39
(custom)
|
Date Public
2026-06-02 11:12
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-59174",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-06-05T20:09:12.098289Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-06-05T20:09:18.706Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Packet Core Controller",
"vendor": "Ericsson",
"versions": [
{
"changes": [
{
"at": "1.39",
"status": "unaffected"
}
],
"lessThan": "1.39",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "The UK Telecoms Lab (UKTL)"
},
{
"lang": "en",
"type": "finder",
"value": "The UK\u2019s National Cyber Security Centre (NCSC)"
}
],
"datePublic": "2026-06-02T11:12:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Ericsson Packet Core Controller (PCC) versions prior to 1.39 contain a vulnerability where an attacker sending a large volume of specially crafted messages may cause service degradation."
}
],
"value": "Ericsson Packet Core Controller (PCC) versions prior to 1.39 contain a vulnerability where an attacker sending a large volume of specially crafted messages may cause service degradation."
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "ADJACENT",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "NONE",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
},
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-228",
"description": "CWE-228: Improper Handling of Syntactically Invalid Structure",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-06-05T13:44:39.149Z",
"orgId": "85b1779b-6ecd-4f52-bcc5-73eac4659dcf",
"shortName": "ERIC"
},
"references": [
{
"url": "https://ericsson.com/en/about-us/security/psirt/CVE-2025-59174"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 1.0.2"
}
}
},
"cveMetadata": {
"assignerOrgId": "85b1779b-6ecd-4f52-bcc5-73eac4659dcf",
"assignerShortName": "ERIC",
"cveId": "CVE-2025-59174",
"datePublished": "2026-06-05T13:44:39.149Z",
"dateReserved": "2025-09-10T13:24:49.360Z",
"dateUpdated": "2026-06-05T20:09:18.706Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-25659 (GCVE-0-2026-25659)
Vulnerability from cvelistv5 – Published: 2026-06-05 11:08 – Updated: 2026-06-05 20:11
VLAI
Title
Ericsson Packet Core Gateway (PCG) - Improper handling of missing values Vulnerability
Summary
Ericsson
Packet Core Gateway (PCG) versions prior to 1.30 contain an Improper Handling
of Missing Values (CWE-230) vulnerability where an attacker continuously
sending a specially crafted message can cause service degradation. The impact continues as long the attack persists but the system recovers from the crashes when the attack stops.
Severity
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-230 - Improper handling of missing values
Assigner
References
1 reference
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Ericsson | Packet Core Gateway (PCG) |
Affected:
0 , < 1.30
(1.30)
|
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-25659",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-06-05T20:11:16.225932Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-06-05T20:11:23.341Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "Packet Core Gateway (PCG)",
"vendor": "Ericsson",
"versions": [
{
"changes": [
{
"at": "1.30",
"status": "unaffected"
}
],
"lessThan": "1.30",
"status": "affected",
"version": "0",
"versionType": "1.30"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Clemens Keil, Manfred Heinz, Patrick Walker of BDO Cyber Security GmbH"
},
{
"lang": "en",
"type": "finder",
"value": "BSI 5G/6G Security Lab TEMIS (Federal Office for Information Security, Germany)"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eEricsson\nPacket Core Gateway (PCG) versions prior to 1.30 contain an Improper Handling\nof Missing Values (CWE-230) vulnerability where an attacker continuously\nsending a specially crafted message can cause service degradation.\u0026nbsp;\u003cspan\u003eThe impact continues as long the attack persists but the system recovers from the crashes when the attack stops.\u003c/span\u003e\u003c/p\u003e"
}
],
"value": "Ericsson\nPacket Core Gateway (PCG) versions prior to 1.30 contain an Improper Handling\nof Missing Values (CWE-230) vulnerability where an attacker continuously\nsending a specially crafted message can cause service degradation.\u00a0The impact continues as long the attack persists but the system recovers from the crashes when the attack stops."
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "ADJACENT",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "NONE",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-230",
"description": "CWE-230 Improper handling of missing values",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-06-05T11:08:39.929Z",
"orgId": "85b1779b-6ecd-4f52-bcc5-73eac4659dcf",
"shortName": "ERIC"
},
"references": [
{
"url": "https://www.ericsson.com/en/about-us/security/psirt/cve-2026-25659"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Ericsson Packet Core Gateway (PCG) - Improper handling of missing values Vulnerability",
"x_generator": {
"engine": "Vulnogram 1.0.2"
}
}
},
"cveMetadata": {
"assignerOrgId": "85b1779b-6ecd-4f52-bcc5-73eac4659dcf",
"assignerShortName": "ERIC",
"cveId": "CVE-2026-25659",
"datePublished": "2026-06-05T11:08:39.929Z",
"dateReserved": "2026-02-04T12:41:54.869Z",
"dateUpdated": "2026-06-05T20:11:23.341Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-25658 (GCVE-0-2026-25658)
Vulnerability from cvelistv5 – Published: 2026-06-05 11:06 – Updated: 2026-06-05 20:11
VLAI
Title
Ericsson Packet Core Gateway (PCG) - Improper handling of missing values Vulnerability
Summary
Ericsson
Packet Core Gateway (PCG) versions prior to 1.30 contain an Improper Handling
of Missing Values (CWE-230) vulnerability where an attacker continuously
sending a specially crafted message can cause service degradation. The impact continues as long the attack persists but the system recovers from the crashes when the attack stops.
Severity
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-230 - Improper handling of missing values
Assigner
References
1 reference
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Ericsson | Packet Core Gateway (PCG) |
Affected:
0 , < 1.30
(1.30)
|
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-25658",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-06-05T20:11:36.044286Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-06-05T20:11:42.365Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "Packet Core Gateway (PCG)",
"vendor": "Ericsson",
"versions": [
{
"changes": [
{
"at": "1.30",
"status": "unaffected"
}
],
"lessThan": "1.30",
"status": "affected",
"version": "0",
"versionType": "1.30"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Clemens Keil, Manfred Heinz, Patrick Walker of BDO Cyber Security GmbH"
},
{
"lang": "en",
"type": "finder",
"value": "BSI 5G/6G Security Lab TEMIS (Federal Office for Information Security, Germany)"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eEricsson\nPacket Core Gateway (PCG) versions prior to 1.30 contain an Improper Handling\nof Missing Values (CWE-230) vulnerability where an attacker continuously\nsending a specially crafted message can cause service degradation.\u0026nbsp;\u003cspan\u003eThe impact continues as long the attack persists but the system recovers from the crashes when the attack stops.\u003c/span\u003e\u003c/p\u003e"
}
],
"value": "Ericsson\nPacket Core Gateway (PCG) versions prior to 1.30 contain an Improper Handling\nof Missing Values (CWE-230) vulnerability where an attacker continuously\nsending a specially crafted message can cause service degradation.\u00a0The impact continues as long the attack persists but the system recovers from the crashes when the attack stops."
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "ADJACENT",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "NONE",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-230",
"description": "CWE-230 Improper handling of missing values",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-06-05T11:06:27.504Z",
"orgId": "85b1779b-6ecd-4f52-bcc5-73eac4659dcf",
"shortName": "ERIC"
},
"references": [
{
"url": "https://www.ericsson.com/en/about-us/security/psirt/cve-2026-25658"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Ericsson Packet Core Gateway (PCG) - Improper handling of missing values Vulnerability",
"x_generator": {
"engine": "Vulnogram 1.0.2"
}
}
},
"cveMetadata": {
"assignerOrgId": "85b1779b-6ecd-4f52-bcc5-73eac4659dcf",
"assignerShortName": "ERIC",
"cveId": "CVE-2026-25658",
"datePublished": "2026-06-05T11:06:27.504Z",
"dateReserved": "2026-02-04T12:41:54.869Z",
"dateUpdated": "2026-06-05T20:11:42.365Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-25657 (GCVE-0-2026-25657)
Vulnerability from cvelistv5 – Published: 2026-06-05 11:03 – Updated: 2026-06-05 20:11
VLAI
Title
Ericsson Packet Core Gateway (PCG) - Improper Handling of Syntactically Invalid Structure Vulnerability
Summary
Ericsson Packet Core Gateway (PCG) versions prior to 1.30 contain an Improper Handling of Syntactically Invalid Structure (CWE-228) vulnerability where an attacker continuously sending a specially crafted message can cause service degradation. The impact continues as long the attack persists but the system recovers from the crashes when the attack stops.
Severity
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
Assigner
References
1 reference
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Ericsson | Packet Core Gateway (PCG) |
Affected:
0 , < 1.30
(1.30)
|
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-25657",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-06-05T20:11:51.419993Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-06-05T20:11:57.051Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "Packet Core Gateway (PCG)",
"vendor": "Ericsson",
"versions": [
{
"changes": [
{
"at": "1.30",
"status": "unaffected"
}
],
"lessThan": "1.30",
"status": "affected",
"version": "0",
"versionType": "1.30"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Clemens Keil, Manfred Heinz, Patrick Walker of BDO Cyber Security GmbH"
},
{
"lang": "en",
"type": "finder",
"value": "BSI 5G/6G Security Lab TEMIS (Federal Office for Information Security, Germany)"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eEricsson Packet Core Gateway (PCG) versions prior to 1.30 contain an Improper Handling of Syntactically Invalid Structure (CWE-228) vulnerability where an attacker continuously sending a specially crafted message can cause service degradation. The impact continues as long the attack persists but the system recovers from the crashes when the attack stops.\u003c/p\u003e"
}
],
"value": "Ericsson Packet Core Gateway (PCG) versions prior to 1.30 contain an Improper Handling of Syntactically Invalid Structure (CWE-228) vulnerability where an attacker continuously sending a specially crafted message can cause service degradation. The impact continues as long the attack persists but the system recovers from the crashes when the attack stops."
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "ADJACENT",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "NONE",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-228",
"description": "CWE-228",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-06-05T11:03:02.273Z",
"orgId": "85b1779b-6ecd-4f52-bcc5-73eac4659dcf",
"shortName": "ERIC"
},
"references": [
{
"url": "https://www.ericsson.com/en/about-us/security/psirt/cve-2026-25657"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Ericsson Packet Core Gateway (PCG) - Improper Handling of Syntactically Invalid Structure Vulnerability",
"x_generator": {
"engine": "Vulnogram 1.0.2"
}
}
},
"cveMetadata": {
"assignerOrgId": "85b1779b-6ecd-4f52-bcc5-73eac4659dcf",
"assignerShortName": "ERIC",
"cveId": "CVE-2026-25657",
"datePublished": "2026-06-05T11:03:02.273Z",
"dateReserved": "2026-02-04T12:41:54.869Z",
"dateUpdated": "2026-06-05T20:11:57.051Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-25660 (GCVE-0-2026-25660)
Vulnerability from cvelistv5 – Published: 2026-04-24 13:10 – Updated: 2026-04-24 13:51 X_Open Source
VLAI
Title
Authentication bypass for certain API calls
Summary
CodeChecker is an analyzer tooling, defect database and viewer extension for the Clang Static Analyzer and Clang Tidy.
Authentication bypass occurs when the URL ends with Authentication with certain function calls. This bypass allows assigning arbitrary permission to any user existing in CodeChecker.
This issue affects CodeChecker: through 6.27.3.
Severity
SSVC
Exploitation: none
Automatable: yes
Technical Impact: total
CISA Coordinator (v2.0.3)
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://github.com/Ericsson/codechecker/security/… | vendor-advisory |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Ericsson | CodeChecker |
Affected:
0 , ≤ 6.27.3
(python)
|
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-25660",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-04-24T13:50:59.651031Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-04-24T13:51:11.174Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "CodeChecker",
"vendor": "Ericsson",
"versions": [
{
"changes": [
{
"at": "6.27.4",
"status": "unaffected"
}
],
"lessThanOrEqual": "6.27.3",
"status": "affected",
"version": "0",
"versionType": "python"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Scott Tolley"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan\u003eCodeChecker is an analyzer tooling, defect database and viewer extension for the Clang Static Analyzer and Clang Tidy. \u003c/span\u003e\u003cbr\u003e\u003cp\u003eAuthentication bypass occurs when the URL ends with Authentication with certain function calls.\u0026nbsp; This bypass allows assigning arbitrary permission to any user existing in CodeChecker.\u003c/p\u003e\u003cp\u003eThis issue affects CodeChecker: through 6.27.3.\u003c/p\u003e\u003cp\u003e\u003c/p\u003e"
}
],
"value": "CodeChecker is an analyzer tooling, defect database and viewer extension for the Clang Static Analyzer and Clang Tidy. \nAuthentication bypass occurs when the URL ends with Authentication with certain function calls.\u00a0 This bypass allows assigning arbitrary permission to any user existing in CodeChecker.\n\nThis issue affects CodeChecker: through 6.27.3."
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "YES",
"Recovery": "USER",
"Safety": "NEGLIGIBLE",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 9.3,
"baseSeverity": "CRITICAL",
"exploitMaturity": "PROOF_OF_CONCEPT",
"privilegesRequired": "NONE",
"providerUrgency": "RED",
"subAvailabilityImpact": "HIGH",
"subConfidentialityImpact": "HIGH",
"subIntegrityImpact": "HIGH",
"userInteraction": "NONE",
"valueDensity": "CONCENTRATED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/E:P/S:N/AU:Y/R:U/V:C/RE:M/U:Red",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "MODERATE"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-290",
"description": "CWE-290 Authentication bypass by spoofing",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-863",
"description": "CWE-863 Incorrect Authorization",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-24T13:10:26.171Z",
"orgId": "85b1779b-6ecd-4f52-bcc5-73eac4659dcf",
"shortName": "ERIC"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://github.com/Ericsson/codechecker/security/advisories/GHSA-4v9x-cqc5-j645"
}
],
"source": {
"discovery": "INTERNAL"
},
"tags": [
"x_open-source"
],
"title": "Authentication bypass for certain API calls",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "85b1779b-6ecd-4f52-bcc5-73eac4659dcf",
"assignerShortName": "ERIC",
"cveId": "CVE-2026-25660",
"datePublished": "2026-04-24T13:10:26.171Z",
"dateReserved": "2026-02-04T12:41:54.869Z",
"dateUpdated": "2026-04-24T13:51:11.174Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2024-53828 (GCVE-0-2024-53828)
Vulnerability from cvelistv5 – Published: 2026-04-01 09:49 – Updated: 2026-04-01 12:39
VLAI
Title
Ericsson Packet Core Controller (PCC) - Improper Handling of Syntactically Invalid Structure Vulnerability
Summary
Ericsson Packet Core Controller (PCC) versions prior
to 1.38 contain a vulnerability where an attacker sending a large volume of
specially crafted messages may cause service degradation.
Severity
5.3 (Medium)
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
Assigner
References
1 reference
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Ericsson | Packet Core Controller (PCC) |
Affected:
0 , < 1.38
(1.38)
|
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-53828",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-04-01T12:39:12.844626Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-04-01T12:39:41.380Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "Packet Core Controller (PCC)",
"vendor": "Ericsson",
"versions": [
{
"changes": [
{
"at": "1.38",
"status": "unaffected"
}
],
"lessThan": "1.38",
"status": "affected",
"version": "0",
"versionType": "1.38"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "The UK\u2019s National Cyber Security Centre (NCSC)"
},
{
"lang": "en",
"type": "finder",
"value": "The UK Telecoms Lab (UKTL)"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Ericsson Packet Core Controller (PCC) versions prior\nto 1.38 contain a vulnerability where an attacker sending a large volume of\nspecially crafted messages may cause service degradation."
}
],
"value": "Ericsson Packet Core Controller (PCC) versions prior\nto 1.38 contain a vulnerability where an attacker sending a large volume of\nspecially crafted messages may cause service degradation."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-228",
"description": "CWE-228",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-01T09:49:18.214Z",
"orgId": "85b1779b-6ecd-4f52-bcc5-73eac4659dcf",
"shortName": "ERIC"
},
"references": [
{
"url": "https://www.ericsson.com/en/about-us/security/psirt/CVE-2024-53828"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Ericsson Packet Core Controller (PCC) - Improper Handling of Syntactically Invalid Structure Vulnerability",
"x_generator": {
"engine": "Vulnogram 1.0.1"
}
}
},
"cveMetadata": {
"assignerOrgId": "85b1779b-6ecd-4f52-bcc5-73eac4659dcf",
"assignerShortName": "ERIC",
"cveId": "CVE-2024-53828",
"datePublished": "2026-04-01T09:49:18.214Z",
"dateReserved": "2024-11-22T14:21:37.002Z",
"dateUpdated": "2026-04-01T12:39:41.380Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-40842 (GCVE-0-2025-40842)
Vulnerability from cvelistv5 – Published: 2026-03-25 13:10 – Updated: 2026-03-25 13:44
VLAI
Title
Ericsson Indoor Connect 8855 - Improper Neutralization of Input During Web Page Generation Vulnerability
Summary
Ericsson Indoor Connect 8855 versions prior to 2025.Q3 contains a
Cross-Site Scripting (XSS) vulnerability which, if exploited, can lead to
unauthorized disclosure and modification of certain information.
Severity
SSVC
Exploitation: none
Automatable: yes
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-79 - Improper neutralization of input during web page generation ('cross-site scripting')
Assigner
References
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Ericsson | Indoor Connect 8855 |
Affected:
0 , < 2025.Q3
(custom)
|
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-40842",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-03-25T13:44:02.789000Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-03-25T13:44:10.955Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "Indoor Connect 8855",
"vendor": "Ericsson",
"versions": [
{
"changes": [
{
"at": "2025.Q3",
"status": "unaffected"
}
],
"lessThan": "2025.Q3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Telstra"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Ericsson Indoor Connect 8855 versions prior to 2025.Q3\u0026nbsp;contains a\nCross-Site Scripting (XSS) vulnerability which, if exploited, can lead to\nunauthorized disclosure and modification of certain information.\u0026nbsp;"
}
],
"value": "Ericsson Indoor Connect 8855 versions prior to 2025.Q3\u00a0contains a\nCross-Site Scripting (XSS) vulnerability which, if exploited, can lead to\nunauthorized disclosure and modification of certain information."
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 8.5,
"baseSeverity": "HIGH",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "LOW",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "PASSIVE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79 Improper neutralization of input during web page generation (\u0027cross-site scripting\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-03-25T13:15:53.253Z",
"orgId": "85b1779b-6ecd-4f52-bcc5-73eac4659dcf",
"shortName": "ERIC"
},
"references": [
{
"url": "https://www.ericsson.com/en/about-us/security/psirt/security-bulletin-indoorconnect-march-2026"
},
{
"url": "https://www.ericsson.com/en/about-us/security/psirt/CVE-2025-40842"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Ericsson Indoor Connect 8855 - Improper Neutralization of Input During Web Page Generation Vulnerability",
"x_generator": {
"engine": "Vulnogram 1.0.1"
}
}
},
"cveMetadata": {
"assignerOrgId": "85b1779b-6ecd-4f52-bcc5-73eac4659dcf",
"assignerShortName": "ERIC",
"cveId": "CVE-2025-40842",
"datePublished": "2026-03-25T13:10:44.010Z",
"dateReserved": "2025-04-16T08:59:01.744Z",
"dateUpdated": "2026-03-25T13:44:10.955Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-40841 (GCVE-0-2025-40841)
Vulnerability from cvelistv5 – Published: 2026-03-25 13:07 – Updated: 2026-03-25 13:44
VLAI
Title
Ericsson Indoor Connect 8855 - Cross-Site Request Forgery Vulnerability
Summary
Ericsson Indoor Connect 8855 versions prior to 2025.Q3 contains a
Cross-Site Request Forgery (CSRF) vulnerability which, if exploited, can lead
to unauthorized modification of certain information.
Severity
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-352 - Cross-Site request forgery (CSRF)
Assigner
References
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Ericsson | Indoor Connect 8855 |
Affected:
0 , < 2025.Q3
(custom)
|
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-40841",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-03-25T13:44:36.014812Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-03-25T13:44:45.962Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "Indoor Connect 8855",
"vendor": "Ericsson",
"versions": [
{
"changes": [
{
"at": "2025.Q3",
"status": "unaffected"
}
],
"lessThan": "2025.Q3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Telstra"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Ericsson Indoor Connect 8855 versions prior to 2025.Q3\u0026nbsp;contains a\nCross-Site Request Forgery (CSRF) vulnerability which, if exploited, can lead\nto unauthorized modification of certain information.\u0026nbsp;"
}
],
"value": "Ericsson Indoor Connect 8855 versions prior to 2025.Q3\u00a0contains a\nCross-Site Request Forgery (CSRF) vulnerability which, if exploited, can lead\nto unauthorized modification of certain information."
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 5.1,
"baseSeverity": "MEDIUM",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "LOW",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "PASSIVE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "LOW",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-352",
"description": "CWE-352 Cross-Site request forgery (CSRF)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-03-25T13:17:23.852Z",
"orgId": "85b1779b-6ecd-4f52-bcc5-73eac4659dcf",
"shortName": "ERIC"
},
"references": [
{
"url": "https://www.ericsson.com/en/about-us/security/psirt/security-bulletin-indoorconnect-march-2026"
},
{
"url": "https://www.ericsson.com/en/about-us/security/psirt/CVE-2025-40841"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Ericsson Indoor Connect 8855 - Cross-Site Request Forgery Vulnerability",
"x_generator": {
"engine": "Vulnogram 1.0.1"
}
}
},
"cveMetadata": {
"assignerOrgId": "85b1779b-6ecd-4f52-bcc5-73eac4659dcf",
"assignerShortName": "ERIC",
"cveId": "CVE-2025-40841",
"datePublished": "2026-03-25T13:07:53.229Z",
"dateReserved": "2025-04-16T08:59:01.744Z",
"dateUpdated": "2026-03-25T13:44:45.962Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-27260 (GCVE-0-2025-27260)
Vulnerability from cvelistv5 – Published: 2026-03-25 12:54 – Updated: 2026-03-25 13:50
VLAI
Title
Ericsson Indoor Connect 8855 - Improper Filtering of Special Elements Vulnerability
Summary
Ericsson
Indoor Connect 8855 versions prior to 2025.Q3 contains an Improper Filtering of Special
Elements vulnerability which, if exploited, can lead to unauthorized
modification of certain information
Severity
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
Assigner
References
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Ericsson | Indoor Connect 8855 |
Affected:
0 , < 2025.Q3
(custom)
|
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-27260",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-03-25T13:50:26.371520Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-03-25T13:50:33.976Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "Indoor Connect 8855",
"vendor": "Ericsson",
"versions": [
{
"changes": [
{
"at": "2025.Q3",
"status": "unaffected"
}
],
"lessThan": "2025.Q3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Telstra"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Ericsson\nIndoor Connect 8855 versions prior to 2025.Q3 contains an Improper Filtering of Special\nElements\u0026nbsp;vulnerability which, if exploited, can lead to unauthorized\nmodification of certain information"
}
],
"value": "Ericsson\nIndoor Connect 8855 versions prior to 2025.Q3 contains an Improper Filtering of Special\nElements\u00a0vulnerability which, if exploited, can lead to unauthorized\nmodification of certain information"
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "LOW",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-790",
"description": "CWE-790",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-03-25T13:18:23.060Z",
"orgId": "85b1779b-6ecd-4f52-bcc5-73eac4659dcf",
"shortName": "ERIC"
},
"references": [
{
"url": "https://www.ericsson.com/en/about-us/security/psirt/security-bulletin-indoorconnect-march-2026"
},
{
"url": "https://www.ericsson.com/en/about-us/security/psirt/CVE-2025-27260"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Ericsson Indoor Connect 8855 - Improper Filtering of Special Elements Vulnerability",
"x_generator": {
"engine": "Vulnogram 1.0.1"
}
}
},
"cveMetadata": {
"assignerOrgId": "85b1779b-6ecd-4f52-bcc5-73eac4659dcf",
"assignerShortName": "ERIC",
"cveId": "CVE-2025-27260",
"datePublished": "2026-03-25T12:54:46.406Z",
"dateReserved": "2025-02-21T08:58:20.367Z",
"dateUpdated": "2026-03-25T13:50:33.976Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-40843 (GCVE-0-2025-40843)
Vulnerability from cvelistv5 – Published: 2025-10-28 18:49 – Updated: 2025-10-28 19:30 X_Open Source
VLAI
Title
Buffer overflow in CodeChecker log command
Summary
CodeChecker is an analyzer tooling, defect database and viewer extension for the Clang Static Analyzer and Clang Tidy.
CodeChecker versions up to 6.26.1 contain a buffer overflow vulnerability in the internal ldlogger library, which is executed by the CodeChecker log command.
This issue affects CodeChecker: through 6.26.1.
Severity
5.9 (Medium)
SSVC
Exploitation: poc
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-121 - Stack based buffer overflow
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://github.com/Ericsson/codechecker/security/… | vendor-advisory |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Ericsson | CodeChecker |
Affected:
0 , ≤ 6.26.1
(python)
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-40843",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-10-28T19:30:15.826239Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-10-28T19:30:25.737Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"platforms": [
"Linux"
],
"product": "CodeChecker",
"vendor": "Ericsson",
"versions": [
{
"lessThanOrEqual": "6.26.1",
"status": "affected",
"version": "0",
"versionType": "python"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eCodeChecker is an analyzer tooling, defect database and viewer extension for the Clang Static Analyzer and Clang Tidy. \u003c/span\u003e\u003cbr\u003e\u003cp\u003e\n\n\u003c/p\u003e\u003cp\u003eCodeChecker versions up to 6.26.1 contain a buffer overflow vulnerability in the internal \u003ccode\u003eldlogger\u003c/code\u003e\u0026nbsp;library, which is executed by the \u003ccode\u003eCodeChecker log\u003c/code\u003e\u0026nbsp;command.\u003c/p\u003e\n\n\u003cp\u003e\u003c/p\u003e\u003cp\u003eThis issue affects CodeChecker: through 6.26.1.\u003c/p\u003e"
}
],
"value": "CodeChecker is an analyzer tooling, defect database and viewer extension for the Clang Static Analyzer and Clang Tidy. \n\n\n\n\nCodeChecker versions up to 6.26.1 contain a buffer overflow vulnerability in the internal ldlogger\u00a0library, which is executed by the CodeChecker log\u00a0command.\n\n\n\n\n\nThis issue affects CodeChecker: through 6.26.1."
}
],
"impacts": [
{
"capecId": "CAPEC-100",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-100 Overflow Buffers"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-121",
"description": "CWE-121 Stack based buffer overflow",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-10-28T18:49:49.516Z",
"orgId": "85b1779b-6ecd-4f52-bcc5-73eac4659dcf",
"shortName": "ERIC"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://github.com/Ericsson/codechecker/security/advisories/GHSA-5xf2-f6ch-6p8r"
}
],
"source": {
"discovery": "INTERNAL"
},
"tags": [
"x_open-source"
],
"title": "Buffer overflow in CodeChecker log command",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "85b1779b-6ecd-4f52-bcc5-73eac4659dcf",
"assignerShortName": "ERIC",
"cveId": "CVE-2025-40843",
"datePublished": "2025-10-28T18:49:49.516Z",
"dateReserved": "2025-04-16T08:59:01.744Z",
"dateUpdated": "2025-10-28T19:30:25.737Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-0636 (GCVE-0-2025-0636)
Vulnerability from cvelistv5 – Published: 2025-10-13 06:26 – Updated: 2025-10-14 13:25
VLAI
Title
Arbitrary Code Execution vulnerability in Ericsson RAN Compute and Site Controller
Summary
EMCLI contains a high severity vulnerability where improper neutralization of special elements used in an OS command could be exploited leading to Arbitrary Code Execution.
Severity
8.4 (High)
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-78 - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
Assigner
References
1 reference
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| Ericsson | Site Controller 6610 |
Affected:
0 , < S24.Q2
(custom)
|
|
| Ericsson | RAN Compute (all BB versions) |
Affected:
0 , < 24.Q1.C5
(custom)
|
Date Public
2025-10-10 06:50
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-0636",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-10-14T13:25:34.279595Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-10-14T13:25:42.989Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Site Controller 6610",
"vendor": "Ericsson",
"versions": [
{
"changes": [
{
"at": "S24.Q2, S24.Q3.1 S24.Q4 S25.Q1",
"status": "unaffected"
}
],
"lessThan": "S24.Q2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "RAN Compute (all BB versions)",
"vendor": "Ericsson",
"versions": [
{
"changes": [
{
"at": "4.Q1.C5 24.Q2 24.Q3 24.Q4 25.Q1 RCG123.1 RCG123.2 RCG123.3",
"status": "unaffected"
}
],
"lessThan": "24.Q1.C5",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"datePublic": "2025-10-10T06:50:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eEMCLI contains a high severity vulnerability where improper neutralization of special elements used in an OS command could be exploited leading to Arbitrary Code Execution. \u0026nbsp; \u003c/span\u003e\n\n\u003cbr\u003e"
}
],
"value": "EMCLI contains a high severity vulnerability where improper neutralization of special elements used in an OS command could be exploited leading to Arbitrary Code Execution."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-78",
"description": "CWE-78 Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-10-13T06:26:16.829Z",
"orgId": "85b1779b-6ecd-4f52-bcc5-73eac4659dcf",
"shortName": "ERIC"
},
"references": [
{
"url": "https://www.ericsson.com/en/about-us/security/psirt/cve-2025-0636"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Arbitrary Code Execution vulnerability in Ericsson RAN Compute and Site Controller",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "85b1779b-6ecd-4f52-bcc5-73eac4659dcf",
"assignerShortName": "ERIC",
"cveId": "CVE-2025-0636",
"datePublished": "2025-10-13T06:26:16.829Z",
"dateReserved": "2025-01-22T10:46:30.753Z",
"dateUpdated": "2025-10-14T13:25:42.989Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-27258 (GCVE-0-2025-27258)
Vulnerability from cvelistv5 – Published: 2025-10-13 06:25 – Updated: 2025-10-14 15:29
VLAI
Title
Ericsson Network Manager: escalation of privilege vulnerability
Summary
Ericsson Network Manager (ENM) versions prior to ENM 25.1 GA contain a vulnerability, if exploited, can result in an escalation of privilege.
Severity
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-284 - Improper Access Control
Assigner
References
1 reference
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Ericsson | Ericsson Network Manager(ENM) |
Affected:
0 , < 25.1
(custom)
|
Date Public
2025-10-10 07:31
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-27258",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-10-14T15:29:36.817155Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-10-14T15:29:59.253Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Ericsson Network Manager(ENM)",
"vendor": "Ericsson",
"versions": [
{
"changes": [
{
"at": "Version 25.1 or later",
"status": "unaffected"
}
],
"lessThan": "25.1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "Ericsson would like to thank the following personnel from TIM Security Red Team Research for reporting these issues to us: Andrea Carlo Maria Dattola, Cristina Coppola, Carlo Pannullo, Massimiliano Brolli"
}
],
"datePublic": "2025-10-10T07:31:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\u0026nbsp;Ericsson Network Manager (ENM) versions prior to ENM 25.1 GA contain a vulnerability, if exploited, can result in an escalation of privilege.\u003c/span\u003e\n\n\u003cbr\u003e"
}
],
"value": "Ericsson Network Manager (ENM) versions prior to ENM 25.1 GA contain a vulnerability, if exploited, can result in an escalation of privilege."
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "ADJACENT",
"baseScore": 6.9,
"baseSeverity": "MEDIUM",
"privilegesRequired": "LOW",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:A/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "NONE",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-284",
"description": "CWE-284: Improper Access Control",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-10-13T06:25:32.326Z",
"orgId": "85b1779b-6ecd-4f52-bcc5-73eac4659dcf",
"shortName": "ERIC"
},
"references": [
{
"url": "https://www.ericsson.com/en/about-us/security/psirt/security-bulletin-enm-october-2025"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Ericsson Network Manager: escalation of privilege vulnerability",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "85b1779b-6ecd-4f52-bcc5-73eac4659dcf",
"assignerShortName": "ERIC",
"cveId": "CVE-2025-27258",
"datePublished": "2025-10-13T06:25:32.326Z",
"dateReserved": "2025-02-21T08:58:20.366Z",
"dateUpdated": "2025-10-14T15:29:59.253Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-27259 (GCVE-0-2025-27259)
Vulnerability from cvelistv5 – Published: 2025-10-13 06:16 – Updated: 2025-10-14 16:06
VLAI
Title
Ericsson Network Manager: improper neutralization of user controlled input
Summary
Ericsson Network Manager versions prior to ENM 25.2 GA contain a vulnerability that, if exploited, can exfiltrate limited data or redirect victims to other sites or domains.
Severity
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-79 - Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')
Assigner
References
1 reference
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Ericsson | Ericsson Network Manager(ENM) |
Affected:
0 , < all versions prior to 25.2
(custom)
|
Date Public
2025-10-10 07:31
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-27259",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-10-14T16:01:04.095742Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-10-14T16:06:38.469Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Ericsson Network Manager(ENM)",
"vendor": "Ericsson",
"versions": [
{
"changes": [
{
"at": "Version 25.2 or later",
"status": "unaffected"
}
],
"lessThan": "all versions prior to 25.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "Ericsson would like to thank the following personnel from TIM Security Red Team Research for reporting these issues to us: Andrea Carlo Maria Dattola, Cristina Coppola, Carlo Pannullo, Massimiliano Brolli"
}
],
"datePublic": "2025-10-10T07:31:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eEricsson Network Manager versions prior to ENM 25.2 GA contain a vulnerability that, if exploited, can exfiltrate limited data or redirect victims to other sites or domains. \u0026nbsp;\u003c/span\u003e\n\n\u003c/span\u003e\n\n\u003cbr\u003e"
}
],
"value": "Ericsson Network Manager versions prior to ENM 25.2 GA contain a vulnerability that, if exploited, can exfiltrate limited data or redirect victims to other sites or domains."
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "ADJACENT",
"baseScore": 2.4,
"baseSeverity": "LOW",
"privilegesRequired": "LOW",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "ACTIVE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:A/AC:L/AT:N/PR:L/UI:A/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "LOW",
"vulnIntegrityImpact": "LOW",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79 Improper Neutralization of Input During Web Page Generation (XSS or \u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-10-13T06:16:37.104Z",
"orgId": "85b1779b-6ecd-4f52-bcc5-73eac4659dcf",
"shortName": "ERIC"
},
"references": [
{
"url": "https://www.ericsson.com/en/about-us/security/psirt/security-bulletin-enm-october-2025"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Ericsson Network Manager: improper neutralization of user controlled input",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "85b1779b-6ecd-4f52-bcc5-73eac4659dcf",
"assignerShortName": "ERIC",
"cveId": "CVE-2025-27259",
"datePublished": "2025-10-13T06:16:37.104Z",
"dateReserved": "2025-02-21T08:58:20.367Z",
"dateUpdated": "2025-10-14T16:06:38.469Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-40838 (GCVE-0-2025-40838)
Vulnerability from cvelistv5 – Published: 2025-09-25 14:54 – Updated: 2025-09-30 12:15
VLAI
Title
Ericsson Indoor Connect 8855 - Insufficiently Protected Credentials Vulnerability
Summary
Ericsson Indoor Connect 8855 contains a vulnerability where server-side security can be bypassed in the client which if exploited can lead to unauthorized disclosure of certain information.
Severity
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-522 - Insufficiently Protected Credentials
Assigner
References
1 reference
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Ericsson | Indoor Connect 8855 |
Affected:
0 , < 2025.Q2
(Indoor Connect 8855)
|
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-40838",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-09-25T15:44:16.433331Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-09-25T15:48:09.737Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "Indoor Connect 8855",
"vendor": "Ericsson",
"versions": [
{
"changes": [
{
"at": "2025.Q2",
"status": "unaffected"
}
],
"lessThan": "2025.Q2",
"status": "affected",
"version": "0",
"versionType": "Indoor Connect 8855"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Telstra"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eEricsson Indoor Connect 8855 contains a vulnerability where server-side security can be bypassed in the client which if exploited can lead to unauthorized disclosure of certain information.\u003c/span\u003e"
}
],
"value": "Ericsson Indoor Connect 8855 contains a vulnerability where server-side security can be bypassed in the client which if exploited can lead to unauthorized disclosure of certain information."
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 5.1,
"baseSeverity": "MEDIUM",
"privilegesRequired": "HIGH",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "LOW",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:N/SC:L/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "NONE",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-522",
"description": "CWE-522 Insufficiently Protected Credentials",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-09-30T12:15:44.492Z",
"orgId": "85b1779b-6ecd-4f52-bcc5-73eac4659dcf",
"shortName": "ERIC"
},
"references": [
{
"url": "https://www.ericsson.com/en/about-us/security/psirt/e2025-09-25"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Ericsson Indoor Connect 8855 - Insufficiently Protected Credentials Vulnerability",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "85b1779b-6ecd-4f52-bcc5-73eac4659dcf",
"assignerShortName": "ERIC",
"cveId": "CVE-2025-40838",
"datePublished": "2025-09-25T14:54:43.229Z",
"dateReserved": "2025-04-16T08:59:01.744Z",
"dateUpdated": "2025-09-30T12:15:44.492Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-40837 (GCVE-0-2025-40837)
Vulnerability from cvelistv5 – Published: 2025-09-25 14:52 – Updated: 2025-09-30 12:15
VLAI
Title
Ericsson Indoor Connect 8855 - Missing Authorization Vulnerability
Summary
Ericsson Indoor Connect 8855 contains a missing authorization vulnerability which if exploited can allow access to the system as a user with higher privileges than intended.
Severity
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-862 - Missing Authorization
Assigner
References
1 reference
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Ericsson | Indoor Connect 8855 |
Affected:
0 , < 2025.Q2
(Indoor Connect 8855)
|
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-40837",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-09-25T15:44:22.046103Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-09-25T15:48:15.172Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "Indoor Connect 8855",
"vendor": "Ericsson",
"versions": [
{
"changes": [
{
"at": "2025.Q2",
"status": "unaffected"
}
],
"lessThan": "2025.Q2",
"status": "affected",
"version": "0",
"versionType": "Indoor Connect 8855"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Telstra"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eEricsson Indoor Connect 8855 contains a missing authorization vulnerability which if exploited can allow access to the system as a user with higher privileges than intended.\u003c/span\u003e"
}
],
"value": "Ericsson Indoor Connect 8855 contains a missing authorization vulnerability which if exploited can allow access to the system as a user with higher privileges than intended."
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 8.7,
"baseSeverity": "HIGH",
"privilegesRequired": "LOW",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-862",
"description": "CWE-862 Missing Authorization",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-09-30T12:15:13.648Z",
"orgId": "85b1779b-6ecd-4f52-bcc5-73eac4659dcf",
"shortName": "ERIC"
},
"references": [
{
"url": "https://www.ericsson.com/en/about-us/security/psirt/e2025-09-25"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Ericsson Indoor Connect 8855 - Missing Authorization Vulnerability",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "85b1779b-6ecd-4f52-bcc5-73eac4659dcf",
"assignerShortName": "ERIC",
"cveId": "CVE-2025-40837",
"datePublished": "2025-09-25T14:52:23.376Z",
"dateReserved": "2025-04-16T08:59:01.744Z",
"dateUpdated": "2025-09-30T12:15:13.648Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-40836 (GCVE-0-2025-40836)
Vulnerability from cvelistv5 – Published: 2025-09-25 14:49 – Updated: 2025-09-30 12:14
VLAI
Title
Ericsson Indoor Connect 8855 - Improper Input Validation Vulnerability
Summary
Ericsson Indoor Connect 8855 contains an improper input validation vulnerability which if exploited can allow an attacker to execute commands with escalated privileges.
Severity
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-20 - Improper Input Validation
Assigner
References
1 reference
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Ericsson | Indoor Connect 8855 |
Affected:
0 , < 2025.Q2
(Indoor Connect 8855)
|
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-40836",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-09-25T15:44:35.263809Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-09-25T15:48:27.041Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "Indoor Connect 8855",
"vendor": "Ericsson",
"versions": [
{
"changes": [
{
"at": "2025.Q2",
"status": "unaffected"
}
],
"lessThan": "2025.Q2",
"status": "affected",
"version": "0",
"versionType": "Indoor Connect 8855"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Telstra"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eEricsson Indoor Connect 8855 contains an improper input validation vulnerability which if exploited can allow an attacker to execute commands with escalated privileges.\u003c/span\u003e"
}
],
"value": "Ericsson Indoor Connect 8855 contains an improper input validation vulnerability which if exploited can allow an attacker to execute commands with escalated privileges."
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 8.7,
"baseSeverity": "HIGH",
"privilegesRequired": "LOW",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-20",
"description": "CWE-20 Improper Input Validation",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-09-30T12:14:36.904Z",
"orgId": "85b1779b-6ecd-4f52-bcc5-73eac4659dcf",
"shortName": "ERIC"
},
"references": [
{
"url": "https://www.ericsson.com/en/about-us/security/psirt/e2025-09-25"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Ericsson Indoor Connect 8855 - Improper Input Validation Vulnerability",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "85b1779b-6ecd-4f52-bcc5-73eac4659dcf",
"assignerShortName": "ERIC",
"cveId": "CVE-2025-40836",
"datePublished": "2025-09-25T14:49:02.613Z",
"dateReserved": "2025-04-16T08:59:01.744Z",
"dateUpdated": "2025-09-30T12:14:36.904Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-27262 (GCVE-0-2025-27262)
Vulnerability from cvelistv5 – Published: 2025-09-25 14:43 – Updated: 2025-09-30 12:13
VLAI
Title
Ericsson Indoor Connect 8855 - Improper Neutralization of Special Elements used in an OS Command Vulnerability
Summary
Ericsson Indoor Connect 8855 contains a command injection vulnerability which if exploited can result in an escalation of privileges.
Severity
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-78 - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
Assigner
References
1 reference
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Ericsson | Indoor Connect 8855 |
Affected:
0 , < 2025.Q2
(Indoor Connect 8855)
|
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-27262",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-09-25T15:18:14.273331Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-09-25T15:27:05.382Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "Indoor Connect 8855",
"vendor": "Ericsson",
"versions": [
{
"changes": [
{
"at": "2025.Q2",
"status": "unaffected"
}
],
"lessThan": "2025.Q2",
"status": "affected",
"version": "0",
"versionType": "Indoor Connect 8855"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Telstra"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eEricsson Indoor Connect 8855 contains a command injection vulnerability which if exploited can result in an escalation of privileges.\u003c/span\u003e"
}
],
"value": "Ericsson Indoor Connect 8855 contains a command injection vulnerability which if exploited can result in an escalation of privileges."
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "LOCAL",
"baseScore": 8.5,
"baseSeverity": "HIGH",
"privilegesRequired": "LOW",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-78",
"description": "CWE-78 Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-09-30T12:13:16.746Z",
"orgId": "85b1779b-6ecd-4f52-bcc5-73eac4659dcf",
"shortName": "ERIC"
},
"references": [
{
"url": "https://www.ericsson.com/en/about-us/security/psirt/e2025-09-25"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Ericsson Indoor Connect 8855 - Improper Neutralization of Special Elements used in an OS Command Vulnerability",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "85b1779b-6ecd-4f52-bcc5-73eac4659dcf",
"assignerShortName": "ERIC",
"cveId": "CVE-2025-27262",
"datePublished": "2025-09-25T14:43:29.803Z",
"dateReserved": "2025-02-21T08:58:20.367Z",
"dateUpdated": "2025-09-30T12:13:16.746Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-27261 (GCVE-0-2025-27261)
Vulnerability from cvelistv5 – Published: 2025-09-25 13:47 – Updated: 2025-09-30 12:12
VLAI
Title
Ericsson Indoor Connect 8855 - Improper Neutralization of Special Elements used in an SQL Command Vulnerability
Summary
Ericsson Indoor Connect 8855 contains an SQL injection vulnerability which if exploited can result in unauthorized disclosure or modification of data.
Severity
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-89 - Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
Assigner
References
1 reference
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Ericsson | Indoor Connect 8855 |
Affected:
0 , < 2025.Q2
(Indoor Connect 8855)
|
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-27261",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-09-25T14:30:26.479892Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-09-25T14:30:40.991Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "Indoor Connect 8855",
"vendor": "Ericsson",
"versions": [
{
"changes": [
{
"at": "2025.Q2",
"status": "unaffected"
}
],
"lessThan": "2025.Q2",
"status": "affected",
"version": "0",
"versionType": "Indoor Connect 8855"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Telstra"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eEricsson Indoor Connect 8855 contains an SQL injection vulnerability which if exploited can result in unauthorized disclosure or modification of data.\u003c/span\u003e"
}
],
"value": "Ericsson Indoor Connect 8855 contains an SQL injection vulnerability which if exploited can result in unauthorized disclosure or modification of data."
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 8.7,
"baseSeverity": "HIGH",
"privilegesRequired": "LOW",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-89",
"description": "CWE-89 Improper Neutralization of Special Elements used in an SQL Command (\u0027SQL Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-09-30T12:12:39.842Z",
"orgId": "85b1779b-6ecd-4f52-bcc5-73eac4659dcf",
"shortName": "ERIC"
},
"references": [
{
"url": "https://www.ericsson.com/en/about-us/security/psirt/e2025-09-25"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Ericsson Indoor Connect 8855 - Improper Neutralization of Special Elements used in an SQL Command Vulnerability",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "85b1779b-6ecd-4f52-bcc5-73eac4659dcf",
"assignerShortName": "ERIC",
"cveId": "CVE-2025-27261",
"datePublished": "2025-09-25T13:47:06.233Z",
"dateReserved": "2025-02-21T08:58:20.367Z",
"dateUpdated": "2025-09-30T12:12:39.842Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-25011 (GCVE-0-2024-25011)
Vulnerability from cvelistv5 – Published: 2025-09-18 11:38 – Updated: 2025-09-18 13:31
VLAI
Title
Ericsson Catalog Manager and Ericsson Order Care - Exposure of Sensitive Information Vulnerability
Summary
Ericsson Catalog Manager and Ericsson Order Care APIs do not have authentication enabled by default. Authentication checks can be configured to remediate the information disclosure issue.
Severity
5.3 (Medium)
SSVC
Exploitation: none
Automatable: yes
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-200 - Exposure of Sensitive Information to an Unauthorized Actor
Assigner
References
1 reference
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| Ericsson | Ericsson Catalog Manager |
Affected:
0 , ≤ 22.6
(custom)
|
|
| Ericsson | Ericsson Order Care |
Affected:
0 , ≤ 22.6
(custom)
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-25011",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-09-18T13:31:25.336493Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-09-18T13:31:46.260Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "Ericsson Catalog Manager",
"vendor": "Ericsson",
"versions": [
{
"changes": [
{
"at": "22.7",
"status": "unaffected"
}
],
"lessThanOrEqual": "22.6",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "affected",
"product": "Ericsson Order Care",
"vendor": "Ericsson",
"versions": [
{
"changes": [
{
"at": "22.7",
"status": "unaffected"
}
],
"lessThanOrEqual": "22.6",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Ericsson Catalog Manager and Ericsson Order Care APIs do not have authentication enabled by default. Authentication checks can be configured to remediate the information disclosure issue."
}
],
"value": "Ericsson Catalog Manager and Ericsson Order Care APIs do not have authentication enabled by default. Authentication checks can be configured to remediate the information disclosure issue."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-200",
"description": "CWE-200 Exposure of Sensitive Information to an Unauthorized Actor",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-09-18T11:38:18.371Z",
"orgId": "85b1779b-6ecd-4f52-bcc5-73eac4659dcf",
"shortName": "ERIC"
},
"references": [
{
"url": "https://www.ericsson.com/en/about-us/security/psirt/cve-2024-25011"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Ericsson Catalog Manager and Ericsson Order Care - Exposure of Sensitive Information Vulnerability",
"workarounds": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "If you are unable to upgrade to the fixed versions where the required flag will be enabled by default, authentication checks can be configured under System Configuration to remediate the issue."
}
],
"value": "If you are unable to upgrade to the fixed versions where the required flag will be enabled by default, authentication checks can be configured under System Configuration to remediate the issue."
}
],
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "85b1779b-6ecd-4f52-bcc5-73eac4659dcf",
"assignerShortName": "ERIC",
"cveId": "CVE-2024-25011",
"datePublished": "2025-09-18T11:38:18.371Z",
"dateReserved": "2024-02-02T21:33:13.076Z",
"dateUpdated": "2025-09-18T13:31:46.260Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-25010 (GCVE-0-2024-25010)
Vulnerability from cvelistv5 – Published: 2025-05-22 10:14 – Updated: 2025-05-22 13:20
VLAI
Title
Ericsson RAN Compute and Site Controller 6610 - Improper Input Validation Vulnerability
Summary
Ericsson RAN Compute
and Site Controller 6610 contains in certain configurations a high severity
vulnerability where improper input validation could be exploited leading to arbitrary code execution.
Severity
8.8 (High)
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-20 - Improper Input Validation
Assigner
References
1 reference
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| Ericsson | Ericsson RAN Compute Basebands (all BB variants) |
Affected:
0 , < 24.Q4
(Ericsson RAN Compute Basebands)
Affected: 0 , < RCG123.1-4 (Ericsson RAN Compute Basebands) |
|
| Ericsson | Site Controller 6610 |
Affected:
0 , < S24.Q4
(Site Controller 6610)
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-25010",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-05-22T13:20:07.773600Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-05-22T13:20:33.943Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "Ericsson RAN Compute Basebands (all BB variants)",
"vendor": "Ericsson",
"versions": [
{
"changes": [
{
"at": "24.Q4",
"status": "unaffected"
},
{
"at": "24.Q3.IP2",
"status": "unaffected"
},
{
"at": "24.Q2.C2",
"status": "unaffected"
},
{
"at": "24.Q1.C3",
"status": "unaffected"
},
{
"at": "P-23.Q4.C5-1",
"status": "unaffected"
},
{
"at": "P-23.Q3.C6-1",
"status": "unaffected"
},
{
"at": "P-23.Q2.C6-1",
"status": "unaffected"
}
],
"lessThan": "24.Q4",
"status": "affected",
"version": "0",
"versionType": "Ericsson RAN Compute Basebands"
},
{
"changes": [
{
"at": "RCG123.1-4",
"status": "unaffected"
}
],
"lessThan": "RCG123.1-4",
"status": "affected",
"version": "0",
"versionType": "Ericsson RAN Compute Basebands"
}
]
},
{
"defaultStatus": "affected",
"product": "Site Controller 6610",
"vendor": "Ericsson",
"versions": [
{
"changes": [
{
"at": "S24.Q4",
"status": "unaffected"
}
],
"lessThan": "S24.Q4",
"status": "affected",
"version": "0",
"versionType": "Site Controller 6610"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003e\n\n\n\n\n\n\n\n\n\n\n\u003c/p\u003e\u003cp\u003eEricsson RAN Compute\nand Site Controller 6610 contains in certain configurations a high severity\nvulnerability where improper input validation could be exploited leading to arbitrary code execution.\u003c/p\u003e\n\n\n\n\n\n\u003cp\u003e\u003c/p\u003e"
}
],
"value": "Ericsson RAN Compute\nand Site Controller 6610 contains in certain configurations a high severity\nvulnerability where improper input validation could be exploited leading to arbitrary code execution."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-20",
"description": "CWE-20 Improper Input Validation",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-05-22T10:14:00.320Z",
"orgId": "85b1779b-6ecd-4f52-bcc5-73eac4659dcf",
"shortName": "ERIC"
},
"references": [
{
"url": "https://www.ericsson.com/en/about-us/security/psirt/CVE-2024-25010"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Ericsson RAN Compute and Site Controller 6610 - Improper Input Validation Vulnerability",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "85b1779b-6ecd-4f52-bcc5-73eac4659dcf",
"assignerShortName": "ERIC",
"cveId": "CVE-2024-25010",
"datePublished": "2025-05-22T10:14:00.320Z",
"dateReserved": "2024-02-02T21:33:13.076Z",
"dateUpdated": "2025-05-22T13:20:33.943Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-53827 (GCVE-0-2024-53827)
Vulnerability from cvelistv5 – Published: 2025-05-16 07:11 – Updated: 2025-05-16 15:29
VLAI
Title
Ericsson Packet Core Controller (PCC) - Improper Input Validation Vulnerability
Summary
Ericsson Packet Core Controller (PCC) contains a
vulnerability where an attacker sending a large volume of specially
crafted messages may cause service degradation
Severity
7.5 (High)
SSVC
Exploitation: none
Automatable: yes
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-20 - Improper Input Validation
Assigner
References
1 reference
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Ericsson | Packet Core Controller |
Affected:
0 , < 1.36
(Ericsson Packet Core Controller (PCC))
|
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-53827",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-05-16T15:29:36.801005Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-05-16T15:29:55.177Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Packet Core Controller",
"vendor": "Ericsson",
"versions": [
{
"changes": [
{
"at": "1.36",
"status": "unaffected"
}
],
"lessThan": "1.36",
"status": "affected",
"version": "0",
"versionType": "Ericsson Packet Core Controller (PCC)"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "The UK\u2019s National Cyber Security Centre (NCSC)"
},
{
"lang": "en",
"type": "finder",
"value": "The UK Telecoms Lab (UKTL)"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eEricsson Packet Core Controller (PCC) contains a\nvulnerability where an attacker sending a large volume of specially\ncrafted messages may cause service degradation\u003c/p\u003e"
}
],
"value": "Ericsson Packet Core Controller (PCC) contains a\nvulnerability where an attacker sending a large volume of specially\ncrafted messages may cause service degradation"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-20",
"description": "CWE-20 Improper Input Validation",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-05-16T07:11:00.367Z",
"orgId": "85b1779b-6ecd-4f52-bcc5-73eac4659dcf",
"shortName": "ERIC"
},
"references": [
{
"url": "https://www.ericsson.com/en/about-us/security/psirt/CVE-2024-53827"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Ericsson Packet Core Controller (PCC) - Improper Input Validation Vulnerability",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "85b1779b-6ecd-4f52-bcc5-73eac4659dcf",
"assignerShortName": "ERIC",
"cveId": "CVE-2024-53827",
"datePublished": "2025-05-16T07:11:00.367Z",
"dateReserved": "2024-11-22T14:21:37.002Z",
"dateUpdated": "2025-05-16T15:29:55.177Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-1300 (GCVE-0-2025-1300)
Vulnerability from cvelistv5 – Published: 2025-02-28 12:47 – Updated: 2025-02-28 14:39 X_Open Source
VLAI
Title
Open redirect in CodeChecker web server
Summary
CodeChecker is an analyzer tooling, defect database and viewer extension for the Clang Static Analyzer and Clang Tidy.
The CodeChecker web server contains an open redirect vulnerability due to missing protections against multiple slashes after the product name in the URL. This results in bypassing the protections against CVE-2021-28861, leading to the same open redirect pathway.
This issue affects CodeChecker: through 6.24.5.
Severity
6.1 (Medium)
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-601 - URL Redirection to Untrusted Site ('Open Redirect')
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://github.com/Ericsson/codechecker/security/… | vendor-advisory |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Ericsson | CodeChecker |
Affected:
0 , ≤ 6.24.5
(python)
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-1300",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-02-28T14:38:08.209257Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-02-28T14:39:43.357Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "CodeChecker",
"vendor": "Ericsson",
"versions": [
{
"lessThanOrEqual": "6.24.5",
"status": "affected",
"version": "0",
"versionType": "python"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cdiv\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eCod\u003c/span\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eeChecker is an analyzer tooling, defect database and viewer extension for the Clang Static Analyzer and Clang Tidy. \u003c/span\u003e\u003c/div\u003e\u003cp\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eThe CodeChecker web server contains an open redirect vulnerability due to missing protections against multiple slashes after the product name in the URL. This results in bypassing the protections against CVE-2021-28861, leading to the same open redirect pathway.\u003c/span\u003e\u003c/p\u003e\u003cp\u003eThis issue affects CodeChecker: through 6.24.5.\u003cbr\u003e\u003c/p\u003e"
}
],
"value": "CodeChecker is an analyzer tooling, defect database and viewer extension for the Clang Static Analyzer and Clang Tidy. \n\nThe CodeChecker web server contains an open redirect vulnerability due to missing protections against multiple slashes after the product name in the URL. This results in bypassing the protections against CVE-2021-28861, leading to the same open redirect pathway.\n\nThis issue affects CodeChecker: through 6.24.5."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-601",
"description": "CWE-601 URL Redirection to Untrusted Site (\u0027Open Redirect\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-02-28T12:47:19.205Z",
"orgId": "85b1779b-6ecd-4f52-bcc5-73eac4659dcf",
"shortName": "ERIC"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://github.com/Ericsson/codechecker/security/advisories/GHSA-g839-x3p3-g5fm"
}
],
"source": {
"advisory": "GHSA-g839-x3p3-g5fm",
"discovery": "INTERNAL"
},
"tags": [
"x_open-source"
],
"title": "Open redirect in CodeChecker web server",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "85b1779b-6ecd-4f52-bcc5-73eac4659dcf",
"assignerShortName": "ERIC",
"cveId": "CVE-2025-1300",
"datePublished": "2025-02-28T12:47:19.205Z",
"dateReserved": "2025-02-14T12:25:00.628Z",
"dateUpdated": "2025-02-28T14:39:43.357Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-53829 (GCVE-0-2024-53829)
Vulnerability from cvelistv5 – Published: 2025-01-21 15:07 – Updated: 2025-02-12 20:41 X_Open Source
VLAI
Title
Cross-Site Request Forgery in CodeChecker API
Summary
CodeChecker is an analyzer tooling, defect database and viewer extension for the Clang Static Analyzer and Clang Tidy.
Cross-site request forgery allows an unauthenticated attacker to hijack the authentication of a logged in user, and use the web API with the same permissions, including but not limited to adding, removing or editing products. The attacker needs to know the ID of the available products to modify or delete them. The attacker cannot directly exfiltrate data (view) from CodeChecker, due to being limited to form-based CSRF.
This issue affects CodeChecker: through 6.24.4.
Severity
8.2 (High)
SSVC
Exploitation: poc
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-352 - Cross-Site Request Forgery (CSRF)
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://github.com/Ericsson/codechecker/security/… | vendor-advisory |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Ericsson | CodeChecker |
Affected:
0 , ≤ 6.24.4
(python)
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-53829",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-21T15:57:49.431691Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-02-12T20:41:21.042Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "CodeChecker",
"vendor": "Ericsson",
"versions": [
{
"lessThanOrEqual": "6.24.4",
"status": "affected",
"version": "0",
"versionType": "python"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eCodeChecker is an analyzer tooling, defect database and viewer extension for the Clang Static Analyzer and Clang Tidy. \u003c/span\u003e\u003cbr\u003e\u003cp\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eCross-site request forgery allows an unauthenticated attacker to hijack the authentication of a logged in user, and use the web API with the same permissions,\u0026nbsp;\u003c/span\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eincluding but not limited to adding, removing or editing products. The attacker needs to know the ID of the available products to modify or delete them. The attacker cannot directly exfiltrate data (view) from CodeChecker, due to being limited to form-based CSRF.\u003c/span\u003e\u003c/p\u003e\u003cp\u003eThis issue affects CodeChecker: through 6.24.4.\u003c/p\u003e\u003cp\u003e\u003c/p\u003e"
}
],
"value": "CodeChecker is an analyzer tooling, defect database and viewer extension for the Clang Static Analyzer and Clang Tidy. \nCross-site request forgery allows an unauthenticated attacker to hijack the authentication of a logged in user, and use the web API with the same permissions,\u00a0including but not limited to adding, removing or editing products. The attacker needs to know the ID of the available products to modify or delete them. The attacker cannot directly exfiltrate data (view) from CodeChecker, due to being limited to form-based CSRF.\n\nThis issue affects CodeChecker: through 6.24.4."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 8.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:H/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-352",
"description": "CWE-352 Cross-Site Request Forgery (CSRF)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-01-21T15:07:02.103Z",
"orgId": "85b1779b-6ecd-4f52-bcc5-73eac4659dcf",
"shortName": "ERIC"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://github.com/Ericsson/codechecker/security/advisories/GHSA-f8c8-4pm7-w885"
}
],
"source": {
"advisory": "GHSA-f8c8-4pm7-w885",
"discovery": "INTERNAL"
},
"tags": [
"x_open-source"
],
"title": "Cross-Site Request Forgery in CodeChecker API",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "85b1779b-6ecd-4f52-bcc5-73eac4659dcf",
"assignerShortName": "ERIC",
"cveId": "CVE-2024-53829",
"datePublished": "2025-01-21T15:07:02.103Z",
"dateReserved": "2024-11-22T14:21:37.002Z",
"dateUpdated": "2025-02-12T20:41:21.042Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-10082 (GCVE-0-2024-10082)
Vulnerability from cvelistv5 – Published: 2024-11-06 14:34 – Updated: 2024-11-06 14:59 X_Open Source
VLAI
Summary
CodeChecker is an analyzer tooling, defect database and viewer extension for the Clang Static Analyzer and Clang Tidy.
Authentication method confusion allows logging in as the built-in root user from an external service. The built-in root user up until 6.24.1 is generated in a weak manner, cannot be disabled, and has universal access.This vulnerability allows an attacker who can create an account on an enabled external authentication service, to log in as the root user, and access and control everything that can be controlled via the web interface. The attacker needs to acquire the username of the root user to be successful.
This issue affects CodeChecker: through 6.24.1.
Severity
8.7 (High)
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://github.com/Ericsson/codechecker/security/… | vendor-advisory |
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| Ericsson | CodeChecker |
Affected:
0 , ≤ 6.24.1
(python)
|
|
| ericsson | codechecker |
Affected:
0 , ≤ 6.24.1
(custom)
cpe:2.3:a:ericsson:codechecker:*:*:*:*:*:*:*:* |
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:ericsson:codechecker:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "codechecker",
"vendor": "ericsson",
"versions": [
{
"lessThanOrEqual": "6.24.1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-10082",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-06T14:54:02.741372Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-06T14:59:50.972Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "CodeChecker",
"vendor": "Ericsson",
"versions": [
{
"lessThanOrEqual": "6.24.1",
"status": "affected",
"version": "0",
"versionType": "python"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eCodeChecker is an analyzer tooling, defect database and viewer extension for the Clang Static Analyzer and Clang Tidy. \u003c/span\u003e\u003cbr\u003e\u003cp\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eAuthentication method confusion allows logging in as the built-in root user from an external service. The built-in root user up until 6.24.1 is generated in a weak manner, cannot be disabled, and has universal access.\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eThis vulnerability allows an attacker who can create an account on an enabled external authentication service, to log in as the root user, and access and control everything that can be controlled via the web interface.\u0026nbsp;\u003c/span\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eThe attacker needs to acquire the username of the root user to be successful.\u003c/span\u003e\u003c/span\u003e\u003c/p\u003e\u003cp\u003eThis issue affects CodeChecker: through 6.24.1.\u003c/p\u003e"
}
],
"value": "CodeChecker is an analyzer tooling, defect database and viewer extension for the Clang Static Analyzer and Clang Tidy. \nAuthentication method confusion allows logging in as the built-in root user from an external service. The built-in root user up until 6.24.1 is generated in a weak manner, cannot be disabled, and has universal access.This vulnerability allows an attacker who can create an account on an enabled external authentication service, to log in as the root user, and access and control everything that can be controlled via the web interface.\u00a0The attacker needs to acquire the username of the root user to be successful.\n\nThis issue affects CodeChecker: through 6.24.1."
}
],
"impacts": [
{
"capecId": "CAPEC-115",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-115 Authentication Bypass"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 8.7,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-305",
"description": "CWE-305",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-330",
"description": "CWE-330",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-842",
"description": "CWE-842",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-11-06T14:34:38.263Z",
"orgId": "85b1779b-6ecd-4f52-bcc5-73eac4659dcf",
"shortName": "ERIC"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://github.com/Ericsson/codechecker/security/advisories/GHSA-fpm5-2wcj-vfr7"
}
],
"source": {
"discovery": "INTERNAL"
},
"tags": [
"x_open-source"
],
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "85b1779b-6ecd-4f52-bcc5-73eac4659dcf",
"assignerShortName": "ERIC",
"cveId": "CVE-2024-10082",
"datePublished": "2024-11-06T14:34:38.263Z",
"dateReserved": "2024-10-17T12:36:52.749Z",
"dateUpdated": "2024-11-06T14:59:50.972Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-10081 (GCVE-0-2024-10081)
Vulnerability from cvelistv5 – Published: 2024-11-06 14:33 – Updated: 2024-11-06 15:01 X_Open Source
VLAI
KEVintel KEV
Summary
CodeChecker is an analyzer tooling, defect database and viewer extension for the Clang Static Analyzer and Clang Tidy.
Authentication bypass occurs when the API URL ends with Authentication. This bypass allows superuser access to all API endpoints other than Authentication. These endpoints include the ability to add, edit, and remove products, among others. All endpoints, apart from the /Authentication is affected by the vulnerability.
This issue affects CodeChecker: through 6.24.1.
Severity
10 (Critical)
SSVC
Exploitation: none
Automatable: yes
Technical Impact: total
CISA Coordinator (v2.0.3)
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://github.com/Ericsson/codechecker/security/… | vendor-advisory |
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| Ericsson | CodeChecker |
Affected:
0 , ≤ 6.24.1
(python)
|
|
| ericsson | codechecker |
Affected:
0 , ≤ 6.24.1
(custom)
cpe:2.3:a:ericsson:codechecker:*:*:*:*:*:*:*:* |
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:ericsson:codechecker:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "codechecker",
"vendor": "ericsson",
"versions": [
{
"lessThanOrEqual": "6.24.1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-10081",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-06T15:00:25.469782Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-06T15:01:01.881Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "CodeChecker",
"vendor": "Ericsson",
"versions": [
{
"lessThanOrEqual": "6.24.1",
"status": "affected",
"version": "0",
"versionType": "python"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eCodeChecker is an analyzer tooling, defect database and viewer extension for the Clang Static Analyzer and Clang Tidy. \u003c/span\u003e\u003cbr\u003e\u003cp\u003eAuthentication bypass occurs when the API URL ends with Authentication. This bypass allows superuser access to all API endpoints other than Authentication. These endpoints include the ability to add, edit, and remove products, among others. \u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eAll endpoints, apart from the /Authentication is affected by the vulnerability.\u003c/span\u003e\u003c/p\u003e\u003cp\u003eThis issue affects CodeChecker: through 6.24.1.\u003c/p\u003e\u003cp\u003e\u003c/p\u003e"
}
],
"value": "CodeChecker is an analyzer tooling, defect database and viewer extension for the Clang Static Analyzer and Clang Tidy. \nAuthentication bypass occurs when the API URL ends with Authentication. This bypass allows superuser access to all API endpoints other than Authentication. These endpoints include the ability to add, edit, and remove products, among others. All endpoints, apart from the /Authentication is affected by the vulnerability.\n\nThis issue affects CodeChecker: through 6.24.1."
}
],
"impacts": [
{
"capecId": "CAPEC-115",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-115 Authentication Bypass"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 10,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-288",
"description": "CWE-288",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-420",
"description": "CWE-420",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-11-06T14:33:52.497Z",
"orgId": "85b1779b-6ecd-4f52-bcc5-73eac4659dcf",
"shortName": "ERIC"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://github.com/Ericsson/codechecker/security/advisories/GHSA-f3f8-vx3w-hp5q"
}
],
"source": {
"discovery": "INTERNAL"
},
"tags": [
"x_open-source"
],
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "85b1779b-6ecd-4f52-bcc5-73eac4659dcf",
"assignerShortName": "ERIC",
"cveId": "CVE-2024-10081",
"datePublished": "2024-11-06T14:33:52.497Z",
"dateReserved": "2024-10-17T12:36:50.519Z",
"dateUpdated": "2024-11-06T15:01:01.881Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-25009 (GCVE-0-2024-25009)
Vulnerability from cvelistv5 – Published: 2024-08-20 12:00 – Updated: 2024-08-20 13:58
VLAI
Title
Ericsson Packet Core Controller (PCC) - Improper Input Validation Vulnerability
Summary
Ericsson Packet Core Controller (PCC) contains a vulnerability in Access and Mobility Management Function (AMF) where improper input validation can lead to denial of service which may result in service degradation.
Severity
6.5 (Medium)
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-20 - Improper Input Validation
Assigner
References
1 reference
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Ericsson | Packet Core Controller |
Affected:
0 , < 1.33
(custom)
|
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-25009",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-08-20T13:58:33.611762Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-08-20T13:58:46.180Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Packet Core Controller",
"vendor": "Ericsson",
"versions": [
{
"lessThan": "1.33",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Radu Balaci and Meghna Patel of Bell Mobility (Canada)"
},
{
"lang": "en",
"type": "finder",
"value": "Benoit Michau of P1 Security (France)"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\u003cp\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eEricsson Packet Core Controller (PCC) contains a vulnerability in Access and Mobility Management Function (AMF) where improper input validation can lead to denial of service which may result in service degradation.\u003c/span\u003e\u003c/p\u003e\n\n\n\n\n\n\u003c/span\u003e"
}
],
"value": "Ericsson Packet Core Controller (PCC) contains a vulnerability in Access and Mobility Management Function (AMF) where improper input validation can lead to denial of service which may result in service degradation."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-20",
"description": "CWE-20 Improper Input Validation",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-08-20T12:00:51.861Z",
"orgId": "85b1779b-6ecd-4f52-bcc5-73eac4659dcf",
"shortName": "ERIC"
},
"references": [
{
"url": "https://www.ericsson.com/en/about-us/security/psirt/security-bulletin-ericsson-packet-core-controller-pcc-august-2024"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Upgrade to PCC 1.32 CP10, PCC 1.33 or later."
}
],
"value": "Upgrade to PCC 1.32 CP10, PCC 1.33 or later."
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Ericsson Packet Core Controller (PCC) - Improper Input Validation Vulnerability",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "85b1779b-6ecd-4f52-bcc5-73eac4659dcf",
"assignerShortName": "ERIC",
"cveId": "CVE-2024-25009",
"datePublished": "2024-08-20T12:00:51.861Z",
"dateReserved": "2024-02-02T21:33:13.076Z",
"dateUpdated": "2024-08-20T13:58:46.180Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-25008 (GCVE-0-2024-25008)
Vulnerability from cvelistv5 – Published: 2024-08-16 09:42 – Updated: 2024-08-16 13:50
VLAI
Title
Ericsson RAN Compute and Site Controller 6610 - Improper Input Validation Vulnerability
Summary
Ericsson RAN Compute and Site Controller 6610 contains a vulnerability in the Control System where Improper Input Validation can lead to arbitrary code execution, for example to obtain a Linux Shell with the same privileges as the attacker. The attacker would require elevated privileges for example a valid OAM user having the system administrator role to exploit the vulnerability.
Severity
6.8 (Medium)
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-20 - Improper Input Validation
Assigner
References
1 reference
Impacted products
4 products
| Vendor | Product | Version | |
|---|---|---|---|
| Ericsson | Ericsson RAN Compute Basebands (all BB variants) |
Affected:
0 , < 24.Q2
(custom)
|
|
| Ericsson | Site Controller 6610 |
Affected:
0 , < 24.Q2
(custom)
|
|
| ericsson | controller_6610 |
Affected:
0 , < 24.q2
(custom)
cpe:2.3:h:ericsson:controller_6610:*:*:*:*:*:*:*:* |
|
| ericsson | ran_compute |
Affected:
0 , < 24.q2
(custom)
cpe:2.3:h:ericsson:ran_compute:*:*:*:*:*:*:*:* |
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:h:ericsson:controller_6610:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "controller_6610",
"vendor": "ericsson",
"versions": [
{
"lessThan": "24.q2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:ericsson:ran_compute:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "ran_compute",
"vendor": "ericsson",
"versions": [
{
"lessThan": "24.q2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-25008",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-08-16T13:14:44.851352Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-08-16T13:50:48.465Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Ericsson RAN Compute Basebands (all BB variants)",
"vendor": "Ericsson",
"versions": [
{
"lessThan": "24.Q2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Site Controller 6610",
"vendor": "Ericsson",
"versions": [
{
"lessThan": "24.Q2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Ericsson RAN Compute and Site Controller 6610 contains a vulnerability in the Control System where Improper Input Validation can lead to arbitrary code execution, for example to obtain a Linux Shell with the same privileges as the attacker. The attacker would require elevated privileges for example a valid OAM user having the system administrator role to exploit the vulnerability."
}
],
"value": "Ericsson RAN Compute and Site Controller 6610 contains a vulnerability in the Control System where Improper Input Validation can lead to arbitrary code execution, for example to obtain a Linux Shell with the same privileges as the attacker. The attacker would require elevated privileges for example a valid OAM user having the system administrator role to exploit the vulnerability."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-20",
"description": "CWE-20 Improper Input Validation",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-08-16T09:42:21.010Z",
"orgId": "85b1779b-6ecd-4f52-bcc5-73eac4659dcf",
"shortName": "ERIC"
},
"references": [
{
"url": "https://www.ericsson.com/en/about-us/security/psirt/security-bulletin-ericsson-ran-compute-august-2024"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eEricsson RAN Compute Basebands: Upgrade to \u003c/span\u003e\u003cspan style=\"background-color: var(--wht);\"\u003e24.Q1 IP1, \u003c/span\u003e\u003cspan style=\"background-color: var(--wht);\"\u003e23.Q4 C1, \u003c/span\u003e\u003cspan style=\"background-color: var(--wht);\"\u003e23.Q3 C3, \u003c/span\u003e\u003cspan style=\"background-color: var(--wht);\"\u003e23.Q2 C5, \u003c/span\u003e\u003cspan style=\"background-color: var(--wht);\"\u003e23.Q1 C5 LTE only, \u003c/span\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e22.Q4 C6 LTE only\u003c/span\u003e\u003cbr\u003e"
}
],
"value": "Ericsson RAN Compute Basebands: Upgrade to 24.Q1 IP1, 23.Q4 C1, 23.Q3 C3, 23.Q2 C5, 23.Q1 C5 LTE only, 22.Q4 C6 LTE only"
},
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eSite Controller 6610: Upgrade to 24.Q2\u003c/span\u003e\n\n\u003cbr\u003e"
}
],
"value": "Site Controller 6610: Upgrade to 24.Q2"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Ericsson RAN Compute and Site Controller 6610 - Improper Input Validation Vulnerability",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "85b1779b-6ecd-4f52-bcc5-73eac4659dcf",
"assignerShortName": "ERIC",
"cveId": "CVE-2024-25008",
"datePublished": "2024-08-16T09:42:21.010Z",
"dateReserved": "2024-02-02T21:33:13.076Z",
"dateUpdated": "2024-08-16T13:50:48.465Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-49793 (GCVE-0-2023-49793)
Vulnerability from cvelistv5 – Published: 2024-06-24 17:36 – Updated: 2024-08-02 22:01
VLAI
Title
Path traversal in `CodeChecker server` in the endpoint of `CodeChecker store`
Summary
CodeChecker is an analyzer tooling, defect database and viewer extension for the Clang Static Analyzer and Clang Tidy. Zip files uploaded to the server endpoint of `CodeChecker store` are not properly sanitized. An attacker, using a path traversal attack, can load and display files on the machine of `CodeChecker server`. The vulnerable endpoint is `/Default/v6.53/CodeCheckerService@massStoreRun`. The path traversal vulnerability allows reading data on the machine of the `CodeChecker server`, with the same permission level as the `CodeChecker server`.
The attack requires a user account on the `CodeChecker server`, with permission to store to a server, and view the stored report. This vulnerability has been patched in version 6.23.
Severity
6.5 (Medium)
SSVC
Exploitation: poc
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-22 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://github.com/Ericsson/codechecker/security/… | x_refsource_CONFIRM |
| https://github.com/Ericsson/codechecker/commit/46… | x_refsource_MISC |
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| Ericsson | codechecker |
Affected:
< 6.23.0
|
|
| ericsson | codechecker |
Affected:
0 , < 6.23
(custom)
cpe:2.3:a:ericsson:codechecker:6.23:*:*:*:*:*:*:* |
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:ericsson:codechecker:6.23:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "codechecker",
"vendor": "ericsson",
"versions": [
{
"lessThan": "6.23",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-49793",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-06-25T14:37:31.808705Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-25T14:42:52.007Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T22:01:26.011Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://github.com/Ericsson/codechecker/security/advisories/GHSA-h26w-r4m5-8rrf",
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/Ericsson/codechecker/security/advisories/GHSA-h26w-r4m5-8rrf"
},
{
"name": "https://github.com/Ericsson/codechecker/commit/46bada41e32f3ba0f6011d5c556b579f6dddf07a",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/Ericsson/codechecker/commit/46bada41e32f3ba0f6011d5c556b579f6dddf07a"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "codechecker",
"vendor": "Ericsson",
"versions": [
{
"status": "affected",
"version": "\u003c 6.23.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "CodeChecker is an analyzer tooling, defect database and viewer extension for the Clang Static Analyzer and Clang Tidy. Zip files uploaded to the server endpoint of `CodeChecker store` are not properly sanitized. An attacker, using a path traversal attack, can load and display files on the machine of `CodeChecker server`. The vulnerable endpoint is `/Default/v6.53/CodeCheckerService@massStoreRun`. The path traversal vulnerability allows reading data on the machine of the `CodeChecker server`, with the same permission level as the `CodeChecker server`.\nThe attack requires a user account on the `CodeChecker server`, with permission to store to a server, and view the stored report. This vulnerability has been patched in version 6.23."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-22",
"description": "CWE-22: Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-06-24T17:36:21.827Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/Ericsson/codechecker/security/advisories/GHSA-h26w-r4m5-8rrf",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/Ericsson/codechecker/security/advisories/GHSA-h26w-r4m5-8rrf"
},
{
"name": "https://github.com/Ericsson/codechecker/commit/46bada41e32f3ba0f6011d5c556b579f6dddf07a",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/Ericsson/codechecker/commit/46bada41e32f3ba0f6011d5c556b579f6dddf07a"
}
],
"source": {
"advisory": "GHSA-h26w-r4m5-8rrf",
"discovery": "UNKNOWN"
},
"title": "Path traversal in `CodeChecker server` in the endpoint of `CodeChecker store`"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2023-49793",
"datePublished": "2024-06-24T17:36:21.827Z",
"dateReserved": "2023-11-30T13:39:50.863Z",
"dateUpdated": "2024-08-02T22:01:26.011Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-25007 (GCVE-0-2024-25007)
Vulnerability from cvelistv5 – Published: 2024-04-04 18:25 – Updated: 2024-08-01 23:36
VLAI
Title
Ericsson Network Manager - Improper Neutralization of Formula Elements Vulnerability
Summary
Ericsson Network Manager (ENM), versions prior to 23.1, contains a vulnerability in the export function of application log where Improper Neutralization of Formula Elements in a CSV File can lead to code execution or information disclosure. There is limited impact to integrity and availability. The attacker on the adjacent network with administration access can exploit the vulnerability.
Severity
7.1 (High)
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-1236 - Improper Neutralization of Formula Elements in a CSV File
Assigner
References
1 reference
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Ericsson | Ericsson Network Manager |
Affected:
0 , < 23.1
(custom)
|
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-25007",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-07-29T15:15:05.840213Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-07-29T15:15:16.869Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-01T23:36:21.561Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.ericsson.com/en/about-us/security/psirt/security-bulletin--ericsson-network-manager-march-2024"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Ericsson Network Manager",
"vendor": "Ericsson",
"versions": [
{
"lessThan": "23.1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Ericsson thanks Luca Borzacchiello, Andrea Carlo Maria Dattola, Massimiliano Ferraresi, Massimiliano Brolli of TIM Security Red Team Research, TIM S.p.A. for reporting this issue."
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eEricsson Network Manager (ENM), versions prior to 23.1, contains a vulnerability in the export function of application log where Improper Neutralization of Formula Elements in a CSV File can lead to code execution or information disclosure. There is limited impact to integrity and availability. The attacker on the adjacent network with administration access can exploit the vulnerability.\u003c/span\u003e\n\n"
}
],
"value": "\nEricsson Network Manager (ENM), versions prior to 23.1, contains a vulnerability in the export function of application log where Improper Neutralization of Formula Elements in a CSV File can lead to code execution or information disclosure. There is limited impact to integrity and availability. The attacker on the adjacent network with administration access can exploit the vulnerability.\n\n"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:H/UI:R/S:C/C:L/I:H/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-1236",
"description": "CWE-1236 Improper Neutralization of Formula Elements in a CSV File",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-04-04T19:07:37.177Z",
"orgId": "85b1779b-6ecd-4f52-bcc5-73eac4659dcf",
"shortName": "ERIC"
},
"references": [
{
"url": "https://www.ericsson.com/en/about-us/security/psirt/security-bulletin--ericsson-network-manager-march-2024"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Upgrade to ENM version 23.1 or later."
}
],
"value": "Upgrade to ENM version 23.1 or later."
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Ericsson Network Manager - Improper Neutralization of Formula Elements Vulnerability",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "85b1779b-6ecd-4f52-bcc5-73eac4659dcf",
"assignerShortName": "ERIC",
"cveId": "CVE-2024-25007",
"datePublished": "2024-04-04T18:25:21.681Z",
"dateReserved": "2024-02-02T21:33:13.075Z",
"dateUpdated": "2024-08-01T23:36:21.561Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-39909 (GCVE-0-2023-39909)
Vulnerability from cvelistv5 – Published: 2023-12-07 00:00 – Updated: 2024-08-02 18:18
VLAI
Summary
Ericsson Network Manager before 23.2 mishandles Access Control and thus unauthenticated low-privilege users can access the NCM application.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
1 reference
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T18:18:09.874Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.gruppotim.it/it/footer/red-team.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Ericsson Network Manager before 23.2 mishandles Access Control and thus unauthenticated low-privilege users can access the NCM application."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-12-07T17:53:21.576Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://www.gruppotim.it/it/footer/red-team.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2023-39909",
"datePublished": "2023-12-07T00:00:00.000Z",
"dateReserved": "2023-08-07T00:00:00.000Z",
"dateUpdated": "2024-08-02T18:18:09.874Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}