Vulnerability Description: Unprotected Storage of Credentials – CWE-256
Software Version: R19.9
NIST: https://nvd.nist.gov/vuln/detail/CVE-2022-39820
CVSv3: 6.5
Severity: Medium
Credits: Luca Di Giuseppe, Alessandro Bosco, Stefano Scipioni, Massimiliano Brolli
Access credentials for the web application are stored in clear text on the filesystem
Step-by-step instructions and PoC
A remote user, authenticated to the operating system, with access privileges to the directory “/root” and “/DEPOT”, is able to read credentials to access the web portal NFM-T and control all the PPS Network elements.
Affected files:
· PATH: “/root/RestUploadManager.xml.DRC”
· PATH: “/DEPOT/KECustom_199/OTNE_DRC/RestUploadManager.xml”
Below is the evidence with the vulnerability details.
Security Impact
An unauthorized user can access the web application with the highest privileges.
