← Back to CVEs
CVE-2022-39821
HIGH7.5
Description
In NOKIA 1350 OMS R14.2, an Insertion of Sensitive Information into an Application Log File vulnerability occurs. The web application stores critical information, such as cleartext user credentials, in world-readable files in the filesystem.
CVE Details
CVSS v3.1 Score7.5
SeverityHIGH
CVSS VectorCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Attack VectorNETWORK
ComplexityLOW
Privileges RequiredNONE
User InteractionNONE
Published9/13/2022
Last Modified11/21/2024
Sourcenvd
Honeypot Sightings0
Affected Products
nokia:1350_optical_management_system
Weaknesses (CWE)
CWE-532
References
https://www.gruppotim.it/it/footer/red-team.html(cve@mitre.org)
https://www.gruppotim.it/it/footer/red-team.html(af854a3a-2127-422b-91ae-364da2661108)
IOC Correlations
No correlations recorded
This product uses data from the NVD API but is not endorsed or certified by the NVD.