La Sostenibilità per TIM

Il Report 2024 accoglie i principi della Corporate Sustainability Reporting Directive (CSRD) ed è incluso nella Relazione Finanziaria e di Sostenibilità. Approfondisci

Facebook Twitter Linkedin Copia Link

tag

CVE-2022-39821

CVE-2022-39821 – Nokia 1350 OMS Optical Management System

Vulnerability Description: Insertion of Sensitive Information into Log File - CWE-532

Software Version: R14.2

NIST: https://nvd.nist.gov/vuln/detail/CVE-2022-39821

CVSv3: 7.5

Severity: High

Credits: Luca Carbone, Fabio Romano, Stefano Scipioni, Massimiliano Brolli

In NOKIA 1350 OMS R14.2, an Insertion of Sensitive Information into an Application Log File vulnerability occurs. The web application stores critical information, such as cleartext user credentials, in world-readable files in the filesystem.