CVE-2024-25011

Ericsson Catalog Manager and Ericsson Order Care - Exposure of Sensitive Information Vulnerability

Description

Ericsson Catalog Manager and Ericsson Order Care APIs do not have authentication enabled by default. Authentication checks can be configured to remediate the information disclosure issue.

INFO

Published Date :

2025-09-18T11:38:18.371Z

Last Modified :

2025-09-18T13:31:46.260Z

Source :

ERIC

AFFECTED PRODUCTS

The following products are affected by CVE-2024-25011 vulnerability.

Vendors	Products
Ericsson	Catalog Manager Order Care

REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2024-25011.

URL	Resource
https://www.ericsson.com/en/about-us/security/psirt/cve-2024-25011

CVSS Vulnerability Scoring System

V3.1

Detailed values of each vector for above chart.

Attack Vector

Attack Complexity

Privileges Required

User Interaction

Scope

Confidentiality Impact

Integrity Impact

Availability Impact