CVE-2024-25659

7.2 HIGH

📋 TL;DR

Infinera TNMS 19.10.3 has an insecure default SFTP server configuration that allows attackers to traverse outside the designated user home directory. This affects all Linux servers running this specific version of the network management system. Attackers can potentially access sensitive system files and directories.

💻 Affected Systems

Products:
  • Infinera Transcend Network Management System (TNMS)
Versions: 19.10.3
Operating Systems: Linux
Default Config Vulnerable: ⚠️ Yes
Notes: Only affects Linux servers running the specific vulnerable version. The vulnerability exists in the default SFTP server configuration.

⚠️ Risk & Real-World Impact

🔴 Worst Case

Complete system compromise through access to sensitive configuration files, credentials, or system binaries leading to privilege escalation and lateral movement.

🟠 Likely Case

Unauthorized access to sensitive network management data, configuration files, and potentially credential harvesting from accessible directories.

🟢 If Mitigated

Limited access to non-critical files if proper directory restrictions and access controls are implemented.

🌐 Internet-Facing: HIGH if SFTP server is exposed to internet without proper network segmentation.
🏢 Internal Only: MEDIUM as internal attackers could still exploit this to access sensitive management data.

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ✅ No
Complexity: LOW

Exploitation requires SFTP access credentials but uses standard directory traversal techniques once authenticated.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Check vendor advisory for patched version

Vendor Advisory: https://www.cvcn.gov.it/cvcn/cve/CVE-2024-25659

Restart Required: Yes

Instructions:

1. Check vendor advisory for patched version
2. Apply vendor-provided patch or upgrade to fixed version
3. Restart SFTP service and verify configuration

🔧 Temporary Workarounds

Restrict SFTP Directory Access (linux)

Configure the SFTP server to enforce a chroot jail and prevent directory traversal:

  1. Edit the SFTP server configuration to include: ChrootDirectory /path/to/secure/directory
  2. Set proper permissions: chmod 755 /path/to/secure/directory
  3. Restart the SFTP service

Network Segmentation (linux)

Restrict SFTP server access to trusted networks only by configuring firewall rules:

  iptables -A INPUT -p tcp --dport 22 -s trusted_network -j ACCEPT
  iptables -A INPUT -p tcp --dport 22 -j DROP

🧯 If You Can't Patch

  • Disable SFTP server if not required for operations
  • Implement strict network access controls and monitor all SFTP connections

🔍 How to Verify

Check if Vulnerable:

Check if running TNMS 19.10.3 and test SFTP directory traversal using authenticated access

Check Version:

Check TNMS version through management interface or consult system documentation

Verify Fix Applied:

Test SFTP access after patch to confirm directory traversal is blocked

📡 Detection & Monitoring

Log Indicators:

  • Unusual SFTP access patterns
  • Multiple failed directory traversal attempts
  • Access to directories outside expected paths

Network Indicators:

  • SFTP connections from unexpected sources
  • Unusual data transfer volumes via SFTP

SIEM Query:

source="sftp_logs" AND (event="directory_traversal" OR path="*../*" OR path="*..\\*")
