CVE-2024-28807

An issue was discovered in Infinera hiT 7300 5.60.50. Cleartext storage of sensitive information in the memory of the @CT desktop management application allows guest OS administrators to obtain various users' passwords by accessing memory dumps of the desktop application.
References
Link Resource
https://www.cvcn.gov.it/cvcn/cve/CVE-2024-28807 Third Party Advisory
Configurations

Configuration 1 (hide)

AND
cpe:2.3:o:nokia:hit_7300_firmware:5.60.50:*:*:*:*:*:*:*
cpe:2.3:h:nokia:hit_7300:-:*:*:*:*:*:*:*

History

30 May 2025, 14:49

Type Values Removed Values Added
First Time Nokia hit 7300 Firmware
Nokia
Nokia hit 7300
CPE cpe:2.3:h:nokia:hit_7300:-:*:*:*:*:*:*:*
cpe:2.3:o:nokia:hit_7300_firmware:5.60.50:*:*:*:*:*:*:*
References () https://www.cvcn.gov.it/cvcn/cve/CVE-2024-28807 - () https://www.cvcn.gov.it/cvcn/cve/CVE-2024-28807 - Third Party Advisory

04 Oct 2024, 13:51

Type Values Removed Values Added
Summary
  • (es) Se descubrió un problema en Infinera hiT 7300 5.60.50. El almacenamiento de texto plano de información confidencial en la memoria de la aplicación de administración de escritorio @CT permite que los administradores del sistema operativo invitado obtengan las contraseñas de varios usuarios accediendo a los volcados de memoria de la aplicación de escritorio.

30 Sep 2024, 21:35

Type Values Removed Values Added
CWE CWE-312
CVSS v2 : unknown
v3 : unknown
v2 : unknown
v3 : 6.5

30 Sep 2024, 21:15

Type Values Removed Values Added
New CVE

Information

Published : 2024-09-30 21:15

Updated : 2025-05-30 14:49


NVD link : CVE-2024-28807

Mitre link : CVE-2024-28807

CVE.ORG link : CVE-2024-28807


JSON object : View

Products Affected

nokia

  • hit_7300_firmware
  • hit_7300
CWE
CWE-312

Cleartext Storage of Sensitive Information