ГлавнаяУязвимости → CVE-2024-28812
8.8высокая

CVE-2024-28812

→ есть в БДУ: BDU:2024-07682 (на русском)
Описание (на английском; русское — в БДУ выше)

An issue was discovered in Infinera hiT 7300 5.60.50. A hidden SSH service (on the local management network interface) with hardcoded credentials allows attackers to access the appliance operating system (with highest privileges) via an SSH connection.

Затрагиваемое ПО
Nokia Hit 7300 firmwareNokia Hit 7300
CVSS
Балл8.8 — высокая
ВекторCVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Источники
https://www.cvcn.gov.it/cvcn/cve/CVE-2024-28812