{"uuid": "740491fc-04f3-4fc1-aaa7-7cfa50481626", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-39820", "type": "seen", "source": "https://t.me/arpsyndicate/2192", "content": "#ExploitObserverAlert\n\nCVE-2022-39820\n\nDESCRIPTION: Exploit Observer has 1 entries related to CVE-2022-39820. In Network Element Manager in NOKIA NFM-T R19.9, an Unprotected Storage of Credentials vulnerability occurs under /root/RestUploadManager.xml.DRC and /DEPOT/KECustom_199/OTNE_DRC/RestUploadManager.xml. A remote user, authenticated to the operating system, with access privileges to the directory /root or /DEPOT, is able to read cleartext credentials to access the web portal NFM-T and control all the PPS Network elements.", "creation_timestamp": "2023-12-28T04:46:51.000000Z"}