Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Hit_7300_firmware
(Nokia)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 7 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2024-09-30 | CVE-2024-28809 | An issue was discovered in Infinera hiT 7300 5.60.50. Cleartext storage of sensitive password in firmware update packages allows attackers to access various appliance services via hardcoded credentials. | Hit_7300_firmware | N/A | ||
| 2024-09-30 | CVE-2024-28810 | An issue was discovered in Infinera hiT 7300 5.60.50. Sensitive information inside diagnostic files (exported by the @CT application) allows an attacker to achieve loss of confidentiality by analyzing these files. | Hit_7300_firmware | N/A | ||
| 2024-09-30 | CVE-2024-28811 | An issue was discovered in Infinera hiT 7300 5.60.50. A web application allows a remote privileged attacker to execute applications contained in a specific OS directory via HTTP invocations. | Hit_7300_firmware | N/A | ||
| 2024-09-30 | CVE-2024-28813 | An issue was discovered in Infinera hiT 7300 5.60.50. Undocumented privileged functions in the @CT management application allow an attacker to activate remote SSH access to the appliance via an unexpected network interface. | Hit_7300_firmware | N/A | ||
| 2024-09-30 | CVE-2024-28812 | An issue was discovered in Infinera hiT 7300 5.60.50. A hidden SSH service (on the local management network interface) with hardcoded credentials allows attackers to access the appliance operating system (with highest privileges) via an SSH connection. | Hit_7300_firmware | N/A | ||
| 2024-09-30 | CVE-2024-28807 | An issue was discovered in Infinera hiT 7300 5.60.50. Cleartext storage of sensitive information in the memory of the @CT desktop management application allows guest OS administrators to obtain various users' passwords by accessing memory dumps of the desktop application. | Hit_7300_firmware | N/A | ||
| 2024-09-30 | CVE-2024-28808 | An issue was discovered in Infinera hiT 7300 5.60.50. Hidden functionality in the web interface allows a remote authenticated attacker to access reserved information by accessing undocumented web applications. | Hit_7300_firmware | N/A |