CVE-2019-16203

Опубликовано: 05 фев. 2020

Источник: nvd

CVSS3: 7.5

CVSS2: 5

EPSS Низкий

Описание

Brocade Fabric OS Versions before v8.2.2a and v8.2.1d could expose the credentials of the remote ESRS server when these credentials are given as a command line option when configuring the ESRS client.

Ссылки

https://security.netapp.com/advisory/ntap-20200511-0008/
Third Party Advisory
https://www.broadcom.com/support/fibre-channel-networking/security-advisories/brocade-security-advisory-2020-906
Vendor Advisory
https://security.netapp.com/advisory/ntap-20200511-0008/
Third Party Advisory
https://www.broadcom.com/support/fibre-channel-networking/security-advisories/brocade-security-advisory-2020-906
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:o:broadcom:fabric_operating_system:*:*:*:*:*:*:*:*

Версия от 8.2.1 (включая) до 8.2.1d (исключая)

cpe:2.3:o:broadcom:fabric_operating_system:*:*:*:*:*:*:*:*

Версия от 8.2.2 (включая) до 8.2.2a (исключая)

EPSS

Процентиль: 55%

0.00322

Низкий

7.5 High

CVSS3

5 Medium

CVSS2

Дефекты

CWE-532

Связанные уязвимости

GHSA-c73f-5r3f-rr6v

github

больше 3 лет назад