CVE-2022-39821
HIGHNOKIA 1350 OMS R14.2 - Sensitive Information Exposure via Log File
Title source: llmDescription
In NOKIA 1350 OMS R14.2, an Insertion of Sensitive Information into an Application Log File vulnerability occurs. The web application stores critical information, such as cleartext user credentials, in world-readable files in the filesystem.
References (1)
Core 1
Core References
Third Party Advisory x_refsource_misc
https://www.gruppotim.it/it/footer/red-team.html
Scores
CVSS v3
7.5
EPSS
0.0059
EPSS Percentile
43.7%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Details
CWE
CWE-532
Status
published
Products (1)
nokia/1350_optical_management_system
14.2
Published
Sep 13, 2022
Tracked Since
Feb 18, 2026