Open Redirect Vulnerability in Ericsson Drutt Mobile Service Delivery Platform
CVE-2015-2167
Currently unrated
What is CVE-2015-2167?
The Drutt Mobile Service Delivery Platform from Ericsson contains an open redirect vulnerability within the 3PI Manager component. This weakness allows remote attackers to redirect users to arbitrary websites by manipulating the URL parameter in the jsp/start-3pi-manager.jsp file. Such a vulnerability can be exploited to conduct phishing attacks, putting user credentials and sensitive information at risk. Organizations using affected versions of the NSSP must prioritize mitigation strategies to safeguard users from potential threats.