logo
Vulnerability feed
CONTRIBUTE

Vulnerability

warn

CVE-2022-39820

Reference to the description:

https://nvd.nist.gov/vuln/detail/CVE-2022-39820

Description:
In Network Element Manager in NOKIA NFM-T R19.9, an Unprotected Storage of Credentials vulnerability occurs under /root/RestUploadManager.xml.DRC and /DEPOT/KECustom_199/OTNE_DRC/RestUploadManager.xml. A remote user, authenticated to the operating system, with access privileges to the directory /root or /DEPOT, is able to read cleartext credentials to access the web portal NFM-T and control all the PPS Network elements.
Last updated date:
01/03/2024
Type:
exploit
Confidence:
HIGH
Date of publishing:
01/03/2024
Reference url to background

https://www.gruppotim.it/it/footer/red-team.html

Vulnerability FeedContributorsAboutBlog

@inTheWild

©2024

Privacy Policy