Описание
A Reflective XSS Vulnerability in HTTP Management Interface in Brocade Fabric OS versions before Brocade Fabric OS v9.0.0, v8.2.2c, v8.2.1e, v8.1.2k, v8.2.0_CBN3, v7.4.2g could allow authenticated attackers with access to the web interface to hijack a user’s session and take over the account.
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:o:broadcom:fabric_operating_system:2.1.2:*:*:*:*:*:*:*
cpe:2.3:o:broadcom:fabric_operating_system:2.2:*:*:*:*:*:*:*
cpe:2.3:o:broadcom:fabric_operating_system:3.1:*:*:*:*:*:*:*
cpe:2.3:o:broadcom:fabric_operating_system:5.0.5b:*:*:*:*:*:*:*
cpe:2.3:o:broadcom:fabric_operating_system:5.2.0:*:*:*:*:*:*:*
cpe:2.3:o:broadcom:fabric_operating_system:5.2.0a:*:*:*:*:*:*:*
cpe:2.3:o:broadcom:fabric_operating_system:7.4.0:*:*:*:*:*:*:*
cpe:2.3:o:broadcom:fabric_operating_system:7.4.1:*:*:*:*:*:*:*
cpe:2.3:o:broadcom:fabric_operating_system:7.4.1a:*:*:*:*:*:*:*
cpe:2.3:o:broadcom:fabric_operating_system:7.4.1b:*:*:*:*:*:*:*
cpe:2.3:o:broadcom:fabric_operating_system:7.4.1c:*:*:*:*:*:*:*
cpe:2.3:o:broadcom:fabric_operating_system:7.4.1d:*:*:*:*:*:*:*
cpe:2.3:o:broadcom:fabric_operating_system:7.4.1e:*:*:*:*:*:*:*
cpe:2.3:o:broadcom:fabric_operating_system:7.4.2:*:*:*:*:*:*:*
cpe:2.3:o:broadcom:fabric_operating_system:7.4.2a:*:*:*:*:*:*:*
cpe:2.3:o:broadcom:fabric_operating_system:7.4.2b:*:*:*:*:*:*:*
cpe:2.3:o:broadcom:fabric_operating_system:7.4.2c:*:*:*:*:*:*:*
cpe:2.3:o:broadcom:fabric_operating_system:7.4.2d:*:*:*:*:*:*:*
cpe:2.3:o:broadcom:fabric_operating_system:7.4.2f:*:*:*:*:*:*:*
cpe:2.3:o:broadcom:fabric_operating_system:8.0.0:*:*:*:*:*:*:*
cpe:2.3:o:broadcom:fabric_operating_system:8.0.1:*:*:*:*:*:*:*
cpe:2.3:o:broadcom:fabric_operating_system:8.0.1a:*:*:*:*:*:*:*
cpe:2.3:o:broadcom:fabric_operating_system:8.0.1b:*:*:*:*:*:*:*
cpe:2.3:o:broadcom:fabric_operating_system:8.0.2:*:*:*:*:*:*:*
cpe:2.3:o:broadcom:fabric_operating_system:8.0.2a:*:*:*:*:*:*:*
cpe:2.3:o:broadcom:fabric_operating_system:8.0.2b:*:*:*:*:*:*:*
cpe:2.3:o:broadcom:fabric_operating_system:8.0.2c:*:*:*:*:*:*:*
cpe:2.3:o:broadcom:fabric_operating_system:8.0.2d:*:*:*:*:*:*:*
cpe:2.3:o:broadcom:fabric_operating_system:8.0.2f:*:*:*:*:*:*:*
cpe:2.3:o:broadcom:fabric_operating_system:8.1.0:*:*:*:*:*:*:*
cpe:2.3:o:broadcom:fabric_operating_system:8.1.0a:*:*:*:*:*:*:*
cpe:2.3:o:broadcom:fabric_operating_system:8.1.0b:*:*:*:*:*:*:*
cpe:2.3:o:broadcom:fabric_operating_system:8.1.0c:*:*:*:*:*:*:*
cpe:2.3:o:broadcom:fabric_operating_system:8.1.1:*:*:*:*:*:*:*
cpe:2.3:o:broadcom:fabric_operating_system:8.1.1a:*:*:*:*:*:*:*
cpe:2.3:o:broadcom:fabric_operating_system:8.1.2:*:*:*:*:*:*:*
cpe:2.3:o:broadcom:fabric_operating_system:8.1.2a:*:*:*:*:*:*:*
cpe:2.3:o:broadcom:fabric_operating_system:8.1.2b:*:*:*:*:*:*:*
cpe:2.3:o:broadcom:fabric_operating_system:8.1.2c:*:*:*:*:*:*:*
cpe:2.3:o:broadcom:fabric_operating_system:8.1.2d:*:*:*:*:*:*:*
cpe:2.3:o:broadcom:fabric_operating_system:8.1.2e:*:*:*:*:*:*:*
cpe:2.3:o:broadcom:fabric_operating_system:8.1.2f:*:*:*:*:*:*:*
cpe:2.3:o:broadcom:fabric_operating_system:8.1.2j:*:*:*:*:*:*:*
cpe:2.3:o:broadcom:fabric_operating_system:8.2.0:*:*:*:*:*:*:*
cpe:2.3:o:broadcom:fabric_operating_system:8.2.0a:*:*:*:*:*:*:*
cpe:2.3:o:broadcom:fabric_operating_system:8.2.1:*:*:*:*:*:*:*
cpe:2.3:o:broadcom:fabric_operating_system:8.2.1a:*:*:*:*:*:*:*
cpe:2.3:o:broadcom:fabric_operating_system:8.2.1b:*:*:*:*:*:*:*
cpe:2.3:o:broadcom:fabric_operating_system:8.2.1c:*:*:*:*:*:*:*
cpe:2.3:o:broadcom:fabric_operating_system:8.2.1d:*:*:*:*:*:*:*
cpe:2.3:o:broadcom:fabric_operating_system:8.2.2:*:*:*:*:*:*:*
cpe:2.3:o:broadcom:fabric_operating_system:8.2.2a:*:*:*:*:*:*:*
cpe:2.3:o:broadcom:fabric_operating_system:8.2.2a1:*:*:*:*:*:*:*
cpe:2.3:o:broadcom:fabric_operating_system:8.2.2b:*:*:*:*:*:*:*
cpe:2.3:o:broadcom:fabric_operating_system:8.2.3:*:*:*:*:*:*:*
EPSS
Процентиль: 53%
0.00303
Низкий
5.4 Medium
CVSS3
3.5 Low
CVSS2
Дефекты
CWE-79
Связанные уязвимости
github
больше 3 лет назад
A Reflective XSS Vulnerability in HTTP Management Interface in Brocade Fabric OS versions before Brocade Fabric OS v9.0.0, v8.2.2c, v8.2.1e, v8.1.2k, v8.2.0_CBN3, v7.4.2g could allow authenticated attackers with access to the web interface to hijack a user’s session and take over the account.
EPSS
Процентиль: 53%
0.00303
Низкий
5.4 Medium
CVSS3
3.5 Low
CVSS2
Дефекты
CWE-79