Vulnerabilities for Bscs ix r18 billing & rating admx (...) - CXSECURITY.COM

Vulnerabilities for
'Bscs ix r18 billing \& rating admx'

2020-11-27

CVE-2020-29145

CWE-79

In Ericsson BSCS iX R18 Billing & Rating iX R18, ADMX is a web base module in BSCS iX that is vulnerable to stored XSS via the name or description field to a solutionUnitServlet?SuName=UserReferenceDataSU Access Rights Group. In most test cases, session hijacking was also possible by utilizing the XSS vulnerability. This potentially allows for full account takeover, or exploiting admins' browsers by using the beef framework.

CVE-2020-29144

CWE-79

In Ericsson BSCS iX R18 Billing & Rating iX R18, MX is a web base module in BSCS iX that is vulnerable to stored XSS via an Alert Dashboard comment. In most test cases, session hijacking was also possible by utilizing the XSS vulnerability. This potentially allows for full account takeover, or exploiting admins' browsers by using the beef framework.

>>> Vendor: Ericsson 9 Products

Axc tigris multiservice access platform

Hm220dp adsl modem

Drutt mobile service delivery platform

Network manager

Active library explorer

Bscs ix r18 billing \& rating admx

Bscs ix r18 billing \& rating mx

Network location mps gmpc21

Copyright 2024, cxsecurity.com