23 matches found
CVE-2024-25660
The WebDAV service in Infinera TNMS Transcend Network Management System 19.10.3 allows a low-privileged remote attacker to conduct unauthorized file operations, because of execution with unnecessary privileges...
CVE-2024-25661
In Infinera TNMS Transcend Network Management System 19.10.3, cleartext storage of sensitive information in memory of the desktop application TNMS Client allows guest OS administrators to obtain various users' passwords by reading memory dumps of the desktop application...
CVE-2024-25659
In Infinera TNMS Transcend Network Management System 19.10.3, an insecure default configuration of the internal SFTP server on Linux servers allows remote attacker to access files and directories outside the SFTP user home directory...
CVE-2024-25658
Cleartext storage of passwords in Infinera TNMS Transcend Network Management System Server 19.10.3 allows attackers with access to the database or exported configuration files to obtain SNMP users' usernames and passwords in cleartext...
CVE-2024-25660
The WebDAV service in Infinera TNMS Transcend Network Management System 19.10.3 allows a low-privileged remote attacker to conduct unauthorized file operations, because of execution with unnecessary privileges...
CVE-2024-25659
In Infinera TNMS Transcend Network Management System 19.10.3, an insecure default configuration of the internal SFTP server on Linux servers allows remote attacker to access files and directories outside the SFTP user home directory...
CVE-2024-25658
Cleartext storage of passwords in Infinera TNMS Transcend Network Management System Server 19.10.3 allows attackers with access to the database or exported configuration files to obtain SNMP users' usernames and passwords in cleartext...
CVE-2024-25661
In Infinera TNMS Transcend Network Management System 19.10.3, cleartext storage of sensitive information in memory of the desktop application TNMS Client allows guest OS administrators to obtain various users' passwords by reading memory dumps of the desktop application...
CVE-2024-25658
Cleartext storage of passwords in Infinera TNMS Transcend Network Management System Server 19.10.3 allows attackers with access to the database or exported configuration files to obtain SNMP users' usernames and passwords in cleartext...
CVE-2024-25661
In Infinera TNMS Transcend Network Management System 19.10.3, cleartext storage of sensitive information in memory of the desktop application TNMS Client allows guest OS administrators to obtain various users' passwords by reading memory dumps of the desktop application...
CVE-2024-25658
Summary : CVE-2024-25658 affects Infinera TNMS Server 19.10.3, where passwords are stored in cleartext, allowing attackers with access to the database or exported configuration files to obtain SNMP usernames and passwords. Affected product/details : Infinera Transcend Network Management System (T...
CVE-2024-25660
CVE-2024-25660 concerns Infinera TNMS 19.10.3 where the WebDAV service can be abused by a low-privileged, remote attacker to perform unauthorized file operations. The root cause is the service executing with unnecessary privileges, enabling impact on confidentiality, integrity, and availability. ...
CVE-2024-25661
Infinera TNMS 19.10.3 is affected by CVE-2024-25661 due to cleartext storage of sensitive information in memory of the TNMS Client desktop app. This allows guest OS administrators to obtain user passwords by reading memory dumps. The vulnerability is local with high impact on confidentiality, int...
CVE-2024-25661
In Infinera TNMS Transcend Network Management System 19.10.3, cleartext storage of sensitive information in memory of the desktop application TNMS Client allows guest OS administrators to obtain various users' passwords by reading memory dumps of the desktop application...
CVE-2024-25659
In Infinera TNMS Transcend Network Management System 19.10.3, an insecure default configuration of the internal SFTP server on Linux servers allows remote attacker to access files and directories outside the SFTP user home directory...
CVE-2024-25659
In Infinera TNMS Transcend Network Management System 19.10.3, an insecure default configuration of the internal SFTP server on Linux servers allows remote attacker to access files and directories outside the SFTP user home directory...
PT-2024-21074 · Infinera · Infinera Tnms Server
Name of the Vulnerable Software and Affected Versions: Infinera TNMS Server version 19.10.3 Description: The issue allows attackers with access to the database or exported configuration files to obtain SNMP users' usernames and passwords in cleartext. This occurs due to the cleartext storage of...
CVE-2024-25660
The WebDAV service in Infinera TNMS Transcend Network Management System 19.10.3 allows a low-privileged remote attacker to conduct unauthorized file operations, because of execution with unnecessary privileges...
CVE-2024-25660
The WebDAV service in Infinera TNMS Transcend Network Management System 19.10.3 allows a low-privileged remote attacker to conduct unauthorized file operations, because of execution with unnecessary privileges...
CVE-2024-25658
Cleartext storage of passwords in Infinera TNMS Transcend Network Management System Server 19.10.3 allows attackers with access to the database or exported configuration files to obtain SNMP users' usernames and passwords in cleartext...