Unrated severityNVD Advisory· Published Dec 25, 2023· Updated Aug 3, 2024
CVE-2022-39820
CVE-2022-39820
Description
In Network Element Manager in NOKIA NFM-T R19.9, an Unprotected Storage of Credentials vulnerability occurs under /root/RestUploadManager.xml.DRC and /DEPOT/KECustom_199/OTNE_DRC/RestUploadManager.xml. A remote user, authenticated to the operating system, with access privileges to the directory /root or /DEPOT, is able to read cleartext credentials to access the web portal NFM-T and control all the PPS Network elements.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- NOKIA/NFM-Tdescription
Patches
Vulnerability mechanics
References
1News mentions
0No linked articles in our index yet.