← back
CVE-2024-25661

CVE-2024-25661

CVSS 7.7 HIGHEPSS 0.1%CWE-312
Vexday Risk Score
21Low
SSVC decision (CISA)
Track
No exploitation signal → monitor
CVSS 7.7EPSS 0.1%KEV nãoPoC Nuclei Metasploit Patch
Lifecycle
01 Oct 2024Published on NVD
Recommendation: Monitor — no exploitation signal at the moment.
In Infinera TNMS (Transcend Network Management System) 19.10.3, cleartext storage of sensitive information in memory of the desktop application TNMS Client allows guest OS administrators to obtain various users' passwords by reading memory dumps of the desktop application.
CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:H
Affected products
n/a · n/a

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://www.cvcn.gov.it/cvcn/cve/CVE-2024-25661