VYPR
Unrated severityNVD Advisory· Published Dec 25, 2023· Updated Aug 3, 2024

CVE-2022-39820

CVE-2022-39820

Description

In Network Element Manager in NOKIA NFM-T R19.9, an Unprotected Storage of Credentials vulnerability occurs under /root/RestUploadManager.xml.DRC and /DEPOT/KECustom_199/OTNE_DRC/RestUploadManager.xml. A remote user, authenticated to the operating system, with access privileges to the directory /root or /DEPOT, is able to read cleartext credentials to access the web portal NFM-T and control all the PPS Network elements.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2
  • NOKIA/NFM-Tdescription
  • Nokia/NFM-Tllm-fuzzy
    Range: <= R19.9

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.