Cross-Site Scripting Vulnerability in OSS-RC Systems by Ericsson
CVE-2021-32569

6.1MEDIUM

Key Information:

Vendor: Ericsson
Status: Operations Support System-radio And Core Firmware
Vendor: CVE Published:; 14 October 2021

What is CVE-2021-32569?

The OSS-RC systems by Ericsson, specifically versions 18B and older, are susceptible to a Cross-Site Scripting (XSS) vulnerability during customer documentation browsing under the ALEX interface. This vulnerability can be exploited by attackers to inject malicious scripts, potentially compromising the confidentiality or integrity of user data. Users are strongly advised to transition to the new Ericsson library browsing tool, ELEX, which effectively addresses and resolves these security concerns. It is vital for organizations to ensure they are using supported product versions to maintain optimal security.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

https://www.gruppotim.it/it/innovazione/servizi-digitali/...

x_refsource_MISC

CVSS V3.1

Score:

6.1

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

Low

Availability:

Low

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Changed

Timeline

Vulnerability published
Oct 14, 2021
Vulnerability Reserved
May 11, 2021

JSON

Ericsson

What is CVE-2021-32569?

Human OS v1.0: Ageing Is an Unpatched Zero-Day Vulnerability.

References

CVSS V3.1

Timeline

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.