CVE-2014-4868

2014-10-0710:55:04

CWE-78

[email protected]

web.nvd.nist.gov

cve-2014-4868

brocade vyatta

vrouter

remote code execution

nvd

9 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:S/C:C/I:C/A:C

7.4 High

AI Score

Confidence

Low

0.002 Low

EPSS

Percentile

59.5%

JSON

The management console on the Brocade Vyatta 5400 vRouter 6.4R(x), 6.6R(x), and 6.7R1 allows remote authenticated users to execute arbitrary Linux commands via shell metacharacters in a console command.

Affected configurations

NVD

Node

brocadevyatta_5400_vrouter_softwareMatch6.4

brocadevyatta_5400_vrouter_softwareMatch6.6

brocadevyatta_5400_vrouter_softwareMatch6.7

AND

brocadevyatta_5400_vrouterMatch-

CPENameOperatorVersion
brocade:vyatta_5400_vrouter_softwarebrocade vyatta 5400 vrouter softwareeq6.4
brocade:vyatta_5400_vrouter_softwarebrocade vyatta 5400 vrouter softwareeq6.6
brocade:vyatta_5400_vrouter_softwarebrocade vyatta 5400 vrouter softwareeq6.7
brocade:vyatta_5400_vrouterbrocade vyatta 5400 vroutereq-

CPE	Name	Operator	Version
brocade:vyatta_5400_vrouter_software	brocade vyatta 5400 vrouter software	eq	6.4
brocade:vyatta_5400_vrouter_software	brocade vyatta 5400 vrouter software	eq	6.6
brocade:vyatta_5400_vrouter_software	brocade vyatta 5400 vrouter software	eq	6.7
brocade:vyatta_5400_vrouter	brocade vyatta 5400 vrouter	eq	-