← Back

CVE-2024-25661

nvd nist
Published: Oct 1, 2024Modified: Jul 10, 2025

JSON object

Loading...
7.7
Vector
CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:H
Exploitability: 1.1 / Impact: 6.0
Source: 134c704f-9b21-4f2e-91b3-4a467353bcc0 (Secondary)

Description

In Infinera TNMS (Transcend Network Management System) 19.10.3, cleartext storage of sensitive information in memory of the desktop application TNMS Client allows guest OS administrators to obtain various users' passwords by reading memory dumps of the desktop application.

Affected (1)

Nokia
1 product
Transcend Network Management System
Configuration A
1 vulnerable
Vulnerable SoftwareAffected Versions
Transcend Network Management System
Version 19.10.3

Related CWEs

CWE-312
Cleartext Storage of Sensitive Information
The product stores sensitive information in cleartext within a resource that might be accessible to another control sphere.

References (1)

Source: cve@mitre.org
Third Party Advisory

Timeline

No history available yet.