CVE-2016-8202

Опубликовано: 08 мая 2017

Источник: nvd

CVSS3: 8.8

CVSS2: 9

EPSS Низкий

Описание

A privilege escalation vulnerability in Brocade Fibre Channel SAN products running Brocade Fabric OS (FOS) releases earlier than v7.4.1d and v8.0.1b could allow an authenticated attacker to elevate the privileges of user accounts accessing the system via command line interface. With affected versions, non-root users can gain root access with a combination of shell commands and parameters.

Ссылки

http://www.securityfocus.com/bid/98332
Third Party Advisory
VDB Entry
http://www.securitytracker.com/id/1038401
https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbst03739en_us
Third Party Advisory
https://www.broadcom.com/support/fibre-channel-networking/security-advisories/brocade-security-advisory-2017-208
http://www.securityfocus.com/bid/98332
Third Party Advisory
VDB Entry
http://www.securitytracker.com/id/1038401
https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbst03739en_us
Third Party Advisory
https://www.broadcom.com/support/fibre-channel-networking/security-advisories/brocade-security-advisory-2017-208

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:o:broadcom:fabric_operating_system:*:*:*:*:*:*:*:*

Версия до 7.4.1c (включая)

cpe:2.3:o:broadcom:fabric_operating_system:8.0.1:*:*:*:*:*:*:*

EPSS

Процентиль: 80%

0.01357

Низкий

8.8 High

CVSS3

9 Critical

CVSS2

Дефекты

CWE-264

Связанные уязвимости

GHSA-wq4q-gffr-mpf3