Security Advisory

CVE-2021-28485

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2023-09-14 00:00:00

Last updated 2024-09-25 19:56:42

Assigner mitre

State PUBLISHED

Description

In Ericsson Mobile Switching Center Server (MSC-S) before IS 3.1 CP22, the SIS web application allows relative path traversal via a specific parameter in the https request after authentication, which allows access to files on the system that are not intended to be accessible via the web application.

← Browse all CVEs View on cve.org ↗