Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2024-7517

Опубликовано: 21 нояб. 2024
Источник: nvd
CVSS3: 7.8
EPSS Низкий

Описание

A command injection vulnerability in Brocade Fabric OS before 9.2.0c, and 9.2.1 through 9.2.1a on IP extension platforms could allow a local authenticated attacker to perform a privileged escalation via crafted use of the portcfg command.

This specific exploitation is only possible on IP Extension platforms: Brocade 7810, Brocade 7840, Brocade 7850 and on Brocade X6 or X7 directors with an SX-6 Extension blade installed. The attacker must be logged into the switch via SSH or serial console to conduct the attack.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:o:brocade:fabric_operating_system:*:*:*:*:*:*:*:*
Версия до 9.2.0c (включая)
cpe:2.3:o:brocade:fabric_operating_system:*:*:*:*:*:*:*:*
Версия от 9.2.1 (включая) до 9.2.1a (включая)

EPSS

Процентиль: 29%
0.00107
Низкий

7.8 High

CVSS3

Дефекты

CWE-78

Связанные уязвимости

github логотип

GHSA-89mq-4fx7-3g3c

CVSS3: 7.8
github
5 месяцев назад

A command injection vulnerability in Brocade Fabric OS before 9.2.0c, and 9.2.1 through 9.2.1a on IP extension platforms could allow a local authenticated attacker to perform a privileged escalation via crafted use of the portcfg command. This specific exploitation is only possible on IP Extension platforms: Brocade 7810, Brocade 7840, Brocade 7850 and on Brocade X6 or X7 directors with an SX-6 Extension blade installed. The attacker must be logged into the switch via SSH or serial console to conduct the attack.

fstec логотип

BDU:2024-10536

CVSS3: 7.8
fstec
около 1 года назад

Уязвимость компонента IPSEC операционной системы Brocade Fabric OS, позволяющая нарушителю повысить свои привилегии

EPSS

Процентиль: 29%
0.00107
Низкий

7.8 High

CVSS3

Дефекты

CWE-78