CVE-2022-39820
- Reference to the description:
- Description:
- In Network Element Manager in NOKIA NFM-T R19.9, an Unprotected Storage of Credentials vulnerability occurs under /root/RestUploadManager.xml.DRC and /DEPOT/KECustom_199/OTNE_DRC/RestUploadManager.xml. A remote user, authenticated to the operating system, with access privileges to the directory /root or /DEPOT, is able to read cleartext credentials to access the web portal NFM-T and control all the PPS Network elements.
- Last updated date:
- 01/03/2024
- Type:
- exploit
- Confidence:
- HIGH
- Date of publishing:
- 01/03/2024
- Reference url to background