Description

An issue was discovered in Infinera hiT 7300 5.60.50. Cleartext storage of sensitive password in firmware update packages allows attackers to access various appliance services via hardcoded credentials.

Related CPE's

o

nokia

hit_7300_firmware

5.60.50

Vulnerable

h

nokia

hit_7300

-

References

https://www.cvcn.gov.it/cvcn/cve/CVE-2024-28809

Third Party Advisory

Weaknesses

134c704f-9b21-4f2e-91b3-4a467353bcc0

Secondary
CWE-312CWE-798

CVSS impact metrics

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

8.8 · High

Information

Source identifier

[email protected]

Vulnerability status

Analyzed

Published

2024-09-30T16:15:05.633Z

1 year ago

Last modified

2025-05-30T12:50:23.463Z

9 months ago