CVE-2024-28813

An issue was discovered in Infinera hiT 7300 5.60.50. Undocumented privileged functions in the @CT management application allow an attacker to activate remote SSH access to the appliance via an unexpected network interface.
References
Link Resource
https://www.cvcn.gov.it/cvcn/cve/CVE-2024-28813 Third Party Advisory
Configurations

Configuration 1 (hide)

AND
cpe:2.3:o:nokia:hit_7300_firmware:5.60.50:*:*:*:*:*:*:*
cpe:2.3:h:nokia:hit_7300:-:*:*:*:*:*:*:*

History

30 May 2025, 14:49

Type Values Removed Values Added
CPE cpe:2.3:h:nokia:hit_7300:-:*:*:*:*:*:*:*
cpe:2.3:o:nokia:hit_7300_firmware:5.60.50:*:*:*:*:*:*:*
References () https://www.cvcn.gov.it/cvcn/cve/CVE-2024-28813 - () https://www.cvcn.gov.it/cvcn/cve/CVE-2024-28813 - Third Party Advisory
First Time Nokia hit 7300 Firmware
Nokia
Nokia hit 7300

04 Oct 2024, 13:51

Type Values Removed Values Added
Summary
  • (es) Se descubrió un problema en Infinera hiT 7300 5.60.50. Las funciones privilegiadas no documentadas en la aplicación de administración @CT permiten que un atacante active el acceso SSH remoto al dispositivo a través de una interfaz de red inesperada.

30 Sep 2024, 19:35

Type Values Removed Values Added
CVSS v2 : unknown
v3 : unknown
v2 : unknown
v3 : 8.4
CWE CWE-269

30 Sep 2024, 19:15

Type Values Removed Values Added
New CVE

Information

Published : 2024-09-30 19:15

Updated : 2025-05-30 14:49


NVD link : CVE-2024-28813

Mitre link : CVE-2024-28813

CVE.ORG link : CVE-2024-28813


JSON object : View

Products Affected

nokia

  • hit_7300_firmware
  • hit_7300
CWE
CWE-269

Improper Privilege Management