216.73.216.86

CVE-2024-25011

· Published 18/09/2025 12:15 · Modified 18/09/2025 13:43

Labels: CVE-2024-25011 2025-09-1885b1779b-6ecd-4f52-bcc5-73eac4659dcfCVE-2024-25011CWE-200

Essential information

Published
18/09/2025 12:15
Modified
18/09/2025 13:43
Author
Creator
CVSS
5.3 MEDIUM (v3.1)
CISA KEV
No
CWE
CVSS vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

CVSS metrics

Description

Ericsson Catalog Manager and Ericsson Order Care APIs do not have authentication enabled by default. Authentication checks can be configured to remediate the information disclosure issue.

NVD status

Status
Awaiting Analysis — CVE has been recently published to the CVE List and has been received by the NVD.
Source
85b1779b-6ecd-4f52-bcc5-73eac4659dcf
NVD
View on NVD

Affected products (CPE)

ProductCPE
ericsson / catalog manager cpe:2.3:a:ericsson:catalog_manager:*:*:*:*:*:*:*:*
ericsson / order care cpe:2.3:a:ericsson:order_care:*:*:*:*:*:*:*:*

References