nvd-json-data-feeds/CVE-2022/CVE-2022-398xx/CVE-2022-39820.json

{
  "id": "CVE-2022-39820",
  "sourceIdentifier": "cve@mitre.org",
  "published": "2023-12-25T06:15:08.013",
  "lastModified": "2023-12-26T20:34:16.103",
  "vulnStatus": "Awaiting Analysis",
  "descriptions": [
    {
      "lang": "en",
      "value": "In Network Element Manager in NOKIA NFM-T R19.9, an Unprotected Storage of Credentials vulnerability occurs under /root/RestUploadManager.xml.DRC and /DEPOT/KECustom_199/OTNE_DRC/RestUploadManager.xml. A remote user, authenticated to the operating system, with access privileges to the directory /root or /DEPOT, is able to read cleartext credentials to access the web portal NFM-T and control all the PPS Network elements."
    },
    {
      "lang": "es",
      "value": "En Network Element Manager en NOKIA NFM-T R19.9, se produce una vulnerabilidad de almacenamiento de credenciales desprotegidas en /root/RestUploadManager.xml.DRC y /DEPOT/KECustom_199/OTNE_DRC/RestUploadManager.xml. Un usuario remoto, autenticado en el sistema operativo, con privilegios de acceso al directorio /root o /DEPOT, puede leer credenciales en texto plano para acceder al portal web NFM-T y controlar todos los elementos de la red PPS."
    }
  ],
  "metrics": {},
  "references": [
    {
      "url": "https://www.gruppotim.it/it/footer/red-team.html",
      "source": "cve@mitre.org"
    }
  ]
}
Auto-Update: 2023-12-25T07:00:24.119321+00:00 2023-12-25 07:00:27 +00:00			`{`
			`"id": "CVE-2022-39820",`
			`"sourceIdentifier": "cve@mitre.org",`
			`"published": "2023-12-25T06:15:08.013",`
Auto-Update: 2023-12-26T21:00:25.506229+00:00 2023-12-26 21:00:29 +00:00			`"lastModified": "2023-12-26T20:34:16.103",`
			`"vulnStatus": "Awaiting Analysis",`
Auto-Update: 2023-12-25T07:00:24.119321+00:00 2023-12-25 07:00:27 +00:00			`"descriptions": [`
			`{`
			`"lang": "en",`
			`"value": "In Network Element Manager in NOKIA NFM-T R19.9, an Unprotected Storage of Credentials vulnerability occurs under /root/RestUploadManager.xml.DRC and /DEPOT/KECustom_199/OTNE_DRC/RestUploadManager.xml. A remote user, authenticated to the operating system, with access privileges to the directory /root or /DEPOT, is able to read cleartext credentials to access the web portal NFM-T and control all the PPS Network elements."`
Auto-Update: 2023-12-26T21:00:25.506229+00:00 2023-12-26 21:00:29 +00:00			`},`
			`{`
			`"lang": "es",`
			`"value": "En Network Element Manager en NOKIA NFM-T R19.9, se produce una vulnerabilidad de almacenamiento de credenciales desprotegidas en /root/RestUploadManager.xml.DRC y /DEPOT/KECustom_199/OTNE_DRC/RestUploadManager.xml. Un usuario remoto, autenticado en el sistema operativo, con privilegios de acceso al directorio /root o /DEPOT, puede leer credenciales en texto plano para acceder al portal web NFM-T y controlar todos los elementos de la red PPS."`
Auto-Update: 2023-12-25T07:00:24.119321+00:00 2023-12-25 07:00:27 +00:00			`}`
			`],`
			`"metrics": {},`
			`"references": [`
			`{`
			`"url": "https://www.gruppotim.it/it/footer/red-team.html",`
			`"source": "cve@mitre.org"`
			`}`
			`]`
			`}`