CVE-2024-25008

Ericsson RAN Compute and Site Controller 6610 - Improper Input Validation Vulnerability

Description

Ericsson RAN Compute and Site Controller 6610 contains a vulnerability in the Control System where Improper Input Validation can lead to arbitrary code execution, for example to obtain a Linux Shell with the same privileges as the attacker. The attacker would require elevated privileges for example a valid OAM user having the system administrator role to exploit the vulnerability.

INFO

Published Date :

2024-08-16T09:42:21.010Z

Last Modified :

2024-08-16T13:50:48.465Z

Source :

ERIC

AFFECTED PRODUCTS

The following products are affected by CVE-2024-25008 vulnerability.

Vendors	Products
Ericsson	Controller 6610 Ran Compute

REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2024-25008.

URL	Resource
https://www.ericsson.com/en/about-us/security/psirt/security-bulletin-ericsson-ran-compute-august-2024

CVSS Vulnerability Scoring System

V3.1

Detailed values of each vector for above chart.

Attack Vector

Attack Complexity

Privileges Required

User Interaction

Scope

Confidentiality Impact

Integrity Impact

Availability Impact