Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2024-28809

An issue was discovered in Infinera hiT 7300 5.60.50. Cleartext storage of sensitive password in firmware update packages allows attackers to access various appliance services via hardcoded credentials.

Published

2024-09-30T18:15:05.633

Last Modified

2025-05-30T14:50:23.463

Status

Analyzed

Source

[email protected]

Severity

CVSSv3.1: 8.8 (HIGH)

Weaknesses

Type: Secondary
CWE-312
CWE-798

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Operating System	nokia	hit_7300_firmware	5.60.50	Yes
Hardware	nokia	hit_7300	-	No

References

https://www.cvcn.gov.it/cvcn/cve/CVE-2024-28809 Third Party Advisory ([email protected])