Ericsson Drutt Mobile Service Delivery Platform vulnerabilities
3 known vulnerabilities affecting ericsson/drutt_mobile_service_delivery_platform.
Total CVEs
3
CISA KEV
0
Public exploits
1
Exploited in wild
0
Severity breakdown
MEDIUM3
Vulnerabilities
Page 1 of 1
CVE-2015-2166P3MEDIUMCVSS 5.0PoCv4.0v5.0+1 more2015-04-06
CVE-2015-2166 [MEDIUM] CWE-22 CVE-2015-2166: Directory traversal vulnerability in the Instance Monitor in Ericsson Drutt Mobile Service Delivery
Directory traversal vulnerability in the Instance Monitor in Ericsson Drutt Mobile Service Delivery Platform (MSDP) 4, 5, and 6 allows remote attackers to read arbitrary files via a ..%2f (dot dot encoded slash) in the default URI.
nvd
CVE-2015-2167P4MEDIUMCVSS 5.8v4.0v5.0+1 more2015-04-06
CVE-2015-2167 [MEDIUM] CVE-2015-2167: Open redirect vulnerability in the 3PI Manager in Ericsson Drutt Mobile Service Delivery Platform (M
Open redirect vulnerability in the 3PI Manager in Ericsson Drutt Mobile Service Delivery Platform (MSDP) 4, 5, and 6 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the url parameter to jsp/start-3pi-manager.jsp.
nvd
CVE-2015-2165P4MEDIUMCVSS 4.3v4.0v5.0+1 more2015-04-06
CVE-2015-2165 [MEDIUM] CWE-79 CVE-2015-2165: Multiple cross-site scripting (XSS) vulnerabilities in the Report Viewer in Ericsson Drutt Mobile Se
Multiple cross-site scripting (XSS) vulnerabilities in the Report Viewer in Ericsson Drutt Mobile Service Delivery Platform (MSDP) 4.x, 5.x, and 6.x allow remote attackers to inject arbitrary web script or HTML via the (1) portal, (2) fromDate, (3) toDate, (4) fromTime, (5) toTime, (6) kword, (7) uname, (8) pname, (9) sname, (10) atype, or (11) atitle
nvd