
CVE-2024-28807
https://notcve.org/view.php?id=CVE-2024-28807
30 Sep 2024 — An issue was discovered in Infinera hiT 7300 5.60.50. Cleartext storage of sensitive information in the memory of the @CT desktop management application allows guest OS administrators to obtain various users' passwords by accessing memory dumps of the desktop application. • https://www.cvcn.gov.it/cvcn/cve/CVE-2024-28807 • CWE-312: Cleartext Storage of Sensitive Information •

CVE-2024-28809
https://notcve.org/view.php?id=CVE-2024-28809
30 Sep 2024 — An issue was discovered in Infinera hiT 7300 5.60.50. Cleartext storage of sensitive password in firmware update packages allows attackers to access various appliance services via hardcoded credentials. • https://www.cvcn.gov.it/cvcn/cve/CVE-2024-28809 • CWE-312: Cleartext Storage of Sensitive Information • CWE-798: Use of Hard-coded Credentials •

CVE-2024-28810
https://notcve.org/view.php?id=CVE-2024-28810
30 Sep 2024 — An issue was discovered in Infinera hiT 7300 5.60.50. Sensitive information inside diagnostic files (exported by the @CT application) allows an attacker to achieve loss of confidentiality by analyzing these files. • https://www.cvcn.gov.it/cvcn/cve/CVE-2024-28810 • CWE-312: Cleartext Storage of Sensitive Information •

CVE-2024-28812
https://notcve.org/view.php?id=CVE-2024-28812
30 Sep 2024 — An issue was discovered in Infinera hiT 7300 5.60.50. A hidden SSH service (on the local management network interface) with hardcoded credentials allows attackers to access the appliance operating system (with highest privileges) via an SSH connection. • https://www.cvcn.gov.it/cvcn/cve/CVE-2024-28812 • CWE-798: Use of Hard-coded Credentials •

CVE-2024-28813
https://notcve.org/view.php?id=CVE-2024-28813
30 Sep 2024 — An issue was discovered in Infinera hiT 7300 5.60.50. Undocumented privileged functions in the @CT management application allow an attacker to activate remote SSH access to the appliance via an unexpected network interface. • https://www.cvcn.gov.it/cvcn/cve/CVE-2024-28813 • CWE-269: Improper Privilege Management •