CVE-2024-25007

HIGH Year: 2024
CVSS v3 Score
7.1
High
Weakness Type
CWE-1236
View all →

Vulnerability Description

Ericsson Network Manager (ENM), versions prior to 23.1, contains a vulnerability in the export function of application log where Improper Neutralization of Formula Elements in a CSV File can lead to code execution or information disclosure. There is limited impact to integrity and availability. The attacker on the adjacent network with administration access can exploit the vulnerability.

Related Vulnerabilities

CVE-2019-4521

HIGH
CVSS:7.0(High)

Platform System Manager in IBM Cloud Pak System 2.3 is potentially vulnerable to CVS Injection. A remote attacker could execute arbitrary commands on the system, caused by improper validation of csv f...

CWE-12362019

CVE-2020-4759

HIGH
CVSS:7.0(High)

IBM FileNet Content Manager 5.5.4 and 5.5.5 is potentially vulnerable to CVS Injection. A remote attacker could execute arbitrary commands on the system, caused by improper validation of csv file cont...

CWE-12362020

CVE-2021-29667

HIGH
CVSS:7.0(High)

IBM Spectrum Scale 5.0.0 through 5.0.5.6 and 5.1.0 through 5.1.0.2 is potentially vulnerable to CSV Injection. A remote attacker could execute arbitrary commands on the system, caused by improper vali...

CWE-12362021

CVE-2018-16651

HIGH
CVSS:7.2(High)

The admin backend in phpMyFAQ before 2.9.11 allows CSV injection in reports.

CWE-12362018

CVE-2022-45078

HIGH
CVSS:7.2(High)

Improper Neutralization of Formula Elements in a CSV File vulnerability in Solwin Infotech User Blocker.This issue affects User Blocker: from n/a through 1.5.5.

CWE-12362022

CVE-2023-23678

HIGH
CVSS:7.2(High)

Improper Neutralization of Formula Elements in a CSV File vulnerability in WPEkaClub WP Cookie Consent ( for GDPR, CCPA & ePrivacy ).This issue affects WP Cookie Consent ( for GDPR, CCPA & ePrivacy ):...

CWE-12362023