Insecure Default Configuration in Infinera Transcend Network Management System
CVE-2024-25659

Currently unrated

Key Information:

Vendor: Infinera
Status: Transcend Network Management System
Vendor: CVE Published:; 1 October 2024

What is CVE-2024-25659?

The Transcend Network Management System (TNMS) from Infinera, specifically version 19.10.3, is impacted by a significant vulnerability due to an insecure default configuration of its internal SFTP server. This flaw enables a remote attacker to gain unauthorized access to files and directories outside of the designated SFTP user home directory on Linux servers. Such exposure can lead to serious security breaches, compromising sensitive information and system integrity.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

https://www.cvcn.gov.it/cvcn/cve/CVE-2024-25659

Timeline

Vulnerability published
Oct 1, 2024
Vulnerability Reserved
Feb 9, 2024

JSON

Infinera

What is CVE-2024-25659?

Human OS v1.0: Ageing Is an Unpatched Zero-Day Vulnerability.

References

Timeline

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.