Vulnerability Description: Improper Access Control – CWE-284
Software Version: 23.2
NIST: https://nvd.nist.gov/vuln/detail/CVE-2023-39909
CVSv3: 8.8
Severity: High
Credits: Massimiliano Ferraresi, Luca Borzacchiello, Andrea Carlo Maria Dattola, Massimiliano Brolli
Ericsson Network Manager (ENM), versions prior to 23.2, contains a vulnerability where Improper Access Control can lead to unauthenticated users with low privilege to access the NCM application.