Lucene search
K
NokiaTranscend Network Management System

4 matches found

CVE
CVE
added 2024/10/01 12:0 a.m.62 views

CVE-2024-25660

CVE-2024-25660 concerns Infinera TNMS 19.10.3 where the WebDAV service can be abused by a low-privileged, remote attacker to perform unauthorized file operations. The root cause is the service executing with unnecessary privileges, enabling impact on confidentiality, integrity, and availability. ...

9CVSS7.1AI score0.00535EPSS
CVE
CVE
added 2024/10/01 12:0 a.m.53 views

CVE-2024-25659

Infinera TNMS (Transcend Network Management System) version 19.10.3 is affected by an insecure default configuration of the internal SFTP server on Linux, which can allow a remote attacker to access files and directories outside the SFTP user home directory. The CVE-2024-25659 entry notes a netwo...

7.2CVSS7.2AI score0.00707EPSS
CVE
CVE
added 2024/10/01 12:0 a.m.50 views

CVE-2024-25658

Summary : CVE-2024-25658 affects Infinera TNMS Server 19.10.3, where passwords are stored in cleartext, allowing attackers with access to the database or exported configuration files to obtain SNMP usernames and passwords. Affected product/details : Infinera Transcend Network Management System (T...

6.5CVSS6.9AI score0.0018EPSS
CVE
CVE
added 2024/10/01 12:0 a.m.48 views

CVE-2024-25661

Infinera TNMS 19.10.3 is affected by CVE-2024-25661 due to cleartext storage of sensitive information in memory of the TNMS Client desktop app. This allows guest OS administrators to obtain user passwords by reading memory dumps. The vulnerability is local with high impact on confidentiality, int...

7.7CVSS6.4AI score0.00126EPSS