Sensitive Information Exposure in Application Log Files

Sensitive Information Exposure in Application Log Files

CVE-2022-39821 · HIGH Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

In NOKIA 1350 OMS R14.2, an Insertion of Sensitive Information into an Application Log File vulnerability occurs. The web application stores critical information, such as cleartext user credentials, in world-readable files in the filesystem.

Learn more about our Web App Pen Testing.