Total
7 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2024-28809 | 1 Nokia | 2 Hit 7300, Hit 7300 Firmware | 2025-05-30 | N/A | 8.8 HIGH |
| An issue was discovered in Infinera hiT 7300 5.60.50. Cleartext storage of sensitive password in firmware update packages allows attackers to access various appliance services via hardcoded credentials. | |||||
| CVE-2024-28810 | 1 Nokia | 2 Hit 7300, Hit 7300 Firmware | 2025-05-30 | N/A | 6.6 MEDIUM |
| An issue was discovered in Infinera hiT 7300 5.60.50. Sensitive information inside diagnostic files (exported by the @CT application) allows an attacker to achieve loss of confidentiality by analyzing these files. | |||||
| CVE-2024-28811 | 1 Nokia | 2 Hit 7300, Hit 7300 Firmware | 2025-05-30 | N/A | 3.3 LOW |
| An issue was discovered in Infinera hiT 7300 5.60.50. A web application allows a remote privileged attacker to execute applications contained in a specific OS directory via HTTP invocations. | |||||
| CVE-2024-28812 | 1 Nokia | 2 Hit 7300, Hit 7300 Firmware | 2025-05-30 | N/A | 8.8 HIGH |
| An issue was discovered in Infinera hiT 7300 5.60.50. A hidden SSH service (on the local management network interface) with hardcoded credentials allows attackers to access the appliance operating system (with highest privileges) via an SSH connection. | |||||
| CVE-2024-28813 | 1 Nokia | 2 Hit 7300, Hit 7300 Firmware | 2025-05-30 | N/A | 8.4 HIGH |
| An issue was discovered in Infinera hiT 7300 5.60.50. Undocumented privileged functions in the @CT management application allow an attacker to activate remote SSH access to the appliance via an unexpected network interface. | |||||
| CVE-2024-28807 | 1 Nokia | 2 Hit 7300, Hit 7300 Firmware | 2025-05-30 | N/A | 6.5 MEDIUM |
| An issue was discovered in Infinera hiT 7300 5.60.50. Cleartext storage of sensitive information in the memory of the @CT desktop management application allows guest OS administrators to obtain various users' passwords by accessing memory dumps of the desktop application. | |||||
| CVE-2024-28808 | 1 Nokia | 2 Hit 7300, Hit 7300 Firmware | 2025-05-30 | N/A | 2.7 LOW |
| An issue was discovered in Infinera hiT 7300 5.60.50. Hidden functionality in the web interface allows a remote authenticated attacker to access reserved information by accessing undocumented web applications. | |||||