CVSS: 4.9EPSS: 0%CPEs: 2EXPL: 0CVE-2021-32571
https://notcve.org/view.php?id=CVE-2021-32571
14 Oct 2021 — In OSS-RC systems of the release 18B and older during data migration procedures certain files containing usernames and passwords are left in the system undeleted but in folders accessible by top privileged accounts only. NOTE: This vulnerability only affects products that are no longer supported by the maintainer. Ericsson Network Manager is a new generation OSS system which OSS-RC customers shall upgrade to En los sistemas OSS-RC de la versión 18B y anteriores, durante los procedimientos de migración de da... • https://www.gruppotim.it/it/innovazione/servizi-digitali/cybersecurity/red-team.html • CWE-459: Incomplete Cleanup •
CVSS: 6.1EPSS: 0%CPEs: 2EXPL: 0CVE-2021-32569
https://notcve.org/view.php?id=CVE-2021-32569
14 Oct 2021 — In OSS-RC systems of the release 18B and older customer documentation browsing libraries under ALEX are subject to Cross-Site Scripting. This problem is completely resolved in new Ericsson library browsing tool ELEX used in systems like Ericsson Network Manager. NOTE: This vulnerability only affects products that are no longer supported by the maintainer. Ericsson Network Manager is a new generation OSS system which OSS-RC customers shall upgrade to En los sistemas OSS-RC de la versión 18B y anteriores, las... • https://www.gruppotim.it/it/innovazione/servizi-digitali/cybersecurity/red-team.html • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •