CVE-2022-39816

EUVD-2022-42261
In NOKIA 1350 OMS R14.2, Insufficiently Protected Credentials (cleartext administrator password) occur in the edit configuration page. Exploitation requires an authenticated attacker.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
6.5 MEDIUM
NETWORK
LOW
LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Base Score
CVSS 3.x
EPSS Score
Percentile: 44%
Affected Products (NVD)
VendorProductVersion
nokia1350_optical_management_system
14.2
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://www.gruppotim.it/it/footer/red-team.html
https://www.gruppotim.it/it/footer/red-team.html