Ericsson Network_manager

8 CVEs affecting Ericsson Network_manager. Latest disclosed: 2025-10-13. Critical: 1, High: 2.

Top CVEs affecting Ericsson Network_manager
CVESeverityScorePublishedSummary
CVE-2025-27258Critical9.82025-10-13Ericsson Network Manager (ENM) versions prior to ENM 25.1 GA contain a vulnerability, if exploited, can result in an escalation of privilege.
CVE-2023-39909High8.82023-12-07Ericsson Network Manager before 23.2 mishandles Access Control and thus unauthenticated low-privilege users can access the NCM application.
CVE-2024-25007High7.12024-04-04 Ericsson Network Manager (ENM), versions prior to 23.1, contains a vulnerability in the export function of application log where Improper Neutralization of Fo…
CVE-2022-46408Medium6.82023-06-29Ericsson Network Manager (ENM), versions prior to 22.1, contains a vulnerability in the application Network Connectivity Manager (NCM) where improper Neutraliz…
CVE-2021-28488Medium6.52022-03-10Ericsson Network Manager (ENM) before 21.2 has incorrect access-control behavior (that only affects the level of access available to persons who were already g…
CVE-2025-27259Medium5.42025-10-13Ericsson Network Manager versions prior to ENM 25.2 GA contain a vulnerability that, if exploited, can exfiltrate limited data or redirect victims to other sit…
CVE-2021-32570Medium4.92022-08-26In Ericsson Network Manager (ENM) releases before 21.2, users belonging to the same AMOS authorization group can retrieve the data from certain log files. All…
CVE-2022-46407Medium4.82023-06-29Ericsson Network Manager (ENM), versions prior to 22.2, contains a vulnerability in the REST endpoint “editprofile” where Open Redirect HTTP Header Injection c…