CVSS: 5.0EPSS: 29%CPEs: 3EXPL: 3CVE-2015-2166 – Ericsson Drutt MSDP (Instance Monitor) - Directory Traversal
https://notcve.org/view.php?id=CVE-2015-2166
Directory traversal vulnerability in the Instance Monitor in Ericsson Drutt Mobile Service Delivery Platform (MSDP) 4, 5, and 6 allows remote attackers to read arbitrary files via a ..%2f (dot dot encoded slash) in the default URI. Vulnerabilidad de salto de directorio en Instance Monitor en Ericsson Drutt Mobile Service Delivery Platform (MSDP) 4, 5, y 6 permite a atacantes remotos leer ficheros arbitrarios a través de un ..%2f (punto punto barra oblicua codificada) en la URI por defecto. Ericsson Drutt MSDP (Instance Monitor) versions 4, 5, and 6 suffer from directory traversal and arbitrary file access vulnerabilities. • https://www.exploit-db.com/exploits/36619 https://github.com/K3ysTr0K3R/CVE-2015-2166-EXPLOIT http://packetstormsecurity.com/files/131233/Ericsson-Drutt-MSDP-Instance-Monitor-Directory-Traversal-File-Access.html http://www.securityfocus.com/bid/73901 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 4.3EPSS: 0%CPEs: 3EXPL: 1CVE-2015-2165 – Ericsson Drutt MSDP (Report Viewer) Cross Site Scripting
https://notcve.org/view.php?id=CVE-2015-2165
Multiple cross-site scripting (XSS) vulnerabilities in the Report Viewer in Ericsson Drutt Mobile Service Delivery Platform (MSDP) 4.x, 5.x, and 6.x allow remote attackers to inject arbitrary web script or HTML via the (1) portal, (2) fromDate, (3) toDate, (4) fromTime, (5) toTime, (6) kword, (7) uname, (8) pname, (9) sname, (10) atype, or (11) atitle parameter to top-links.jsp; (12) portal or (13) uid parameter to (a) page-summary.jsp or (b) service-summary.jsp; (14) portal, (15) fromDate, (16) toDate, (17) fromTime, (18) toTime, (19) sortDirection, (20) kword, (21) uname, (22) pname, (23) sname, (24) file, (25) atype, or (26) atitle parameter to (c) top-useragent-devices.jsp or (d) top-interest-areas.jsp; (27) fromDate, (28) toDate, (29) fromTime, (30) toTime, (31) sortDirection, (32) kword, (33) uname, (34) pname, (35) sname, (36) file, (37) atype, or (38) atitle parameter to top-message-services.jsp; (39) portal, (40) fromDate, (41) toDate, (42) fromTime, (43) toTime, (44) orderBy, (45) sortDirection, (46) kword, (47) uname, (48) pname, (49) sname, (50) file, (51) atype, or (52) atitle parameter to (e) user-statistics.jsp, (f) top-web-pages.jsp, (g) top-devices.jsp, (h) top-pages.jsp, (i) session-summary.jsp, (j) top-providers.jsp, (k) top-modules.jsp, or (l) top-services.jsp; (53) fromDate, (54) toDate, (55) fromTime, (56) toTime, (57) orderBy, (58) sortDirection, (59) uid, (60) uid2, (61) kword, (62) uname, (63) pname, (64) sname, (65) file, (66) atype, or (67) atitle parameter to message-shortcode-summary.jsp; (68) fromDate, (69) toDate, (70) fromTime, (71) toTime, (72) orderBy, (73) sortDirection, (74) uid, (75) kword, (76) uname, (77) pname, (78) sname, (79) file, (80) atype, or (81) atitle parameter to (m) message-providers-summary.jsp or (n) message-services-summary.jsp; (82) kword, (83) uname, (84) pname, (85) sname, (86) file, (87) atype, or (88) atitle parameter to license-summary.jsp; (89) portal, (90) fromDate, (91) toDate, (92) fromTime, (93) toTime, (94) orderBy, (95) sortDirection, (96) uid, (97) uid2, (98) kword, (99) uname, (100) pname, (101) sname, (102) file, (103) atype, or (104) atitle parameter to useragent-device-summary.jsp; (105) fromDate, (106) toDate, (107) fromTime, (108) toTime, (109) orderBy, (110) sortDirection, (111) kword, (112) uname, (113) pname, (114) sname, (115) file, (116) atype, or (117) atitle parameter to (o) top-message-providers.jsp, (p) top-message-devices.jsp, (q) top-message-assets.jsp, (r) top-message-downloads.jsp, or (s) top-message-shortcode.jsp; (118) fromDate, (119) toDate, (120) fromTime, (121) toTime, (122) kword, (123) uname, (124) pname, (125) sname, (126) file, (127) atype, or (128) atitle parameter to request-summary.jsp; (129) portal parameter to link-summary-select.jsp, (130) provider-summary-select.jsp, or (131) module-summary-select.jsp; (132) portal, (133) uid, (134) kword, (135) uname, (136) pname, (137) sname, (138) file, (139) atype, or (140) atitle parameter to link-summary.jsp; (141) portal, (142) fromDate, (143) toDate, (144) fromTime, (145) toTime, (146) orderBy, (147) sortDirection, (148) uid, (149) kword, (150) uname, (151) pname, (152) sname, (153) file, (154) atype, or (155) atitle parameter to (t) provider-summary.jsp or (u) module-summary.jsp in reports/pages/. Múltiples vulnerabilidades de XSS en el Report Viewer en Ericsson Drutt Mobile Service Delivery Platform (MSDP) 4.x, 5.x, y 6.x permiten a atacantes remotos inyectar secuencias de comandos web o HTML arbitrarios a través del parámetro (1) portal, (2) fromDate, (3) toDate, (4) fromTime, (5) toTime, (6) kword, (7) uname, (8) pname, (9) sname, (10) atype o (11) atitle en top-links.jsp; el parámetro (12) portal o (13) uid en (a) page-summary.jsp o (b) service-summary.jsp; el parámetro (14) portal, (15) fromDate, (16) toDate, (17) fromTime, (18) toTime, (19) sortDirection, (20) kword, (21) uname, (22) pname, (23) sname, (24) file, (25) atype o (26) atitle en (c) top-useragent-devices.jsp o (d) top-interest-areas.jsp; el parámetro (27) fromDate, (28) toDate, (29) fromTime, (30) toTime, (31) sortDirection, (32) kword, (33) uname, (34) pname, (35) sname, (36) file, (37) atype o (38) atitle en top-message-services.jsp; el parámetro (39) portal, (40) fromDate, (41) toDate, (42) fromTime, (43) toTime, (44) orderBy, (45) sortDirection, (46) kword, (47) uname, (48) pname, (49) sname, (50) file, (51) atype o (52) atitle en (e) user-statistics.jsp, (f) top-web-pages.jsp, (g) top-devices.jsp, (h) top-pages.jsp, (i) session-summary.jsp, (j) top-providers.jsp, (k) top-modules.jsp o (l) top-services.jsp; el parámetro (53) fromDate, (54) toDate, (55) fromTime, (56) toTime, (57) orderBy, (58) sortDirection, (59) uid, (60) uid2, (61) kword, (62) uname, (63) pname, (64) sname, (65) file, (66) atype o (67) atitle en message-shortcode-summary.jsp; el parámetro (68) fromDate, (69) toDate, (70) fromTime, (71) toTime, (72) orderBy, (73) sortDirection, (74) uid, (75) kword, (76) uname, (77) pname, (78) sname, (79) file, (80) atype o (81) atitle en (m) message-providers-summary.jsp o (n) message-services-summary.jsp; el parámetro (82) kword, (83) uname, (84) pname, (85) sname, (86) file, (87) atype o (88) atitle en license-summary.jsp; (89) portal, (90) fromDate, (91) toDate, (92) fromTime, (93) toTime, (94) orderBy, (95) sortDirection, (96) uid, (97) uid2, (98) kword, (99) uname, (100) pname, (101) sname, (102) file, (103) atype o (104) atitle en useragent-device-summary.jsp; el parámetro (105) fromDate, (106) toDate, (107) fromTime, (108) toTime, (109) orderBy, (110) sortDirection, (111) kword, (112) uname, (113) pname, (114) sname, (115) file, (116) atype o (117) atitle en (o) top-message-providers.jsp, (p) top-message-devices.jsp, (q) top-message-assets.jsp, (r) top-message-downloads.jsp o (s) top-message-shortcode.jsp; el parámetro (118) fromDate, (119) toDate, (120) fromTime, (121) toTime, (122) kword, (123) uname, (124) pname, (125) sname, (126) file, (127) atype o (128) atitle en request-summary.jsp; el parámetro (129) portal en link-summary-select.jsp, (130) provider-summary-select.jsp o (131) module-summary-select.jsp; el parámetro (132) portal, (133) uid, (134) kword, (135) uname, (136) pname, (137) sname, (138) file, (139) atype o (140) atitle en link-summary.jsp; el parámetro (141) portal, (142) fromDate, (143) toDate, (144) fromTime, (145) toTime, (146) orderBy, (147) sortDirection, (148) uid, (149) kword, (150) uname, (151) pname, (152) sname, (153) file, (154) atype o (155) atitle en (t) provider-summary.jsp o (u) module-summary.jsp en reports/pages/. Ericsson Drutt MSDP (Report Viewer) versions 4, 5, and 6 suffer from a cross site scripting vulnerability. • http://packetstormsecurity.com/files/131232/Ericsson-Drutt-MSDP-Report-Viewer-Cross-Site-Scripting.html http://www.securityfocus.com/bid/73933 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 5.8EPSS: 0%CPEs: 3EXPL: 1CVE-2015-2167 – Ericsson Drutt MSDP (3PI Manager) Open Redirect
https://notcve.org/view.php?id=CVE-2015-2167
Open redirect vulnerability in the 3PI Manager in Ericsson Drutt Mobile Service Delivery Platform (MSDP) 4, 5, and 6 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the url parameter to jsp/start-3pi-manager.jsp. Vulnerabilidad de redirección abierta en 3PI Manager en Ericsson Drutt Mobile Service Delivery Platform (MSDP) 4, 5, y 6 permite a atacantes remotos redirigir usuarios a sitios web arbitrarios y realizar ataques de phishing a través de una URL en el parámetro url en jsp/start-3pi-manager.jsp. Ericsson Drutt MSDP (3PI Manager) versions 4, 5, and 6 suffer from an open redirection vulnerability. • http://packetstormsecurity.com/files/131230/Ericsson-Drutt-MSDP-3PI-Manager-Open-Redirect.html http://www.securityfocus.com/bid/73934 •