CVE-2022-39816

6.5MEDIUM

Key Information:

Vendor: Nokia
Status: 1350 Optical Management System
Vendor: CVE Published:; 13 September 2022

Summary

In NOKIA 1350 OMS R14.2, Insufficiently Protected Credentials (cleartext administrator password) occur in the edit configuration page. Exploitation requires an authenticated attacker.

References

https://www.gruppotim.it/it/footer/red-team.html

x_refsource_MISC

CVSS V3.1

Score:

6.5

Severity:

MEDIUM

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Sep 13, 2022
Vulnerability Reserved
Sep 5, 2022

Collectors

NVD DatabaseMitre Database