Loading
Ericsson Network Manager (ENM), versions prior to 22.1, contains a vulnerability in the application Network Connectivity Manager (NCM) where improper Neutralization of Formula Elements in a CSV File can lead to remote code execution or data leakage via maliciously injected hyperlinks. The attacker would need admin/elevated access to exploit the vulnerability.
Use CWE-1236, Ericsson vendor hub and Network Manager product page to widen CVE-2022-46408 into its surrounding weakness, vendor, and product context.
Compare it with CVE-2023-39909, CVE-2024-25007 and CVE-2025-27258 for nearby disclosures in the same product family. Additional editorial context is available in Why “Low” and “Medium” CVEs Still Breach Networks.