Lucene search

[email protected]CVE-2020-15371

HistorySep 25, 2020 - 2:15 p.m.

CVE-2020-15371

2020-09-2514:15:13

CWE-94

[email protected]

web.nvd.nist.gov

brocade

fabric os

cve-2020-15371

code injection

privilege escalation

vulnerability

nvd

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

9.8 High

AI Score

Confidence

High

0.009 Low

EPSS

Percentile

83.0%

JSON

Brocade Fabric OS versions before Brocade Fabric OS v9.0.0, v8.2.2c, v8.2.1e, v8.1.2k, v8.2.0_CBN3, contains code injection and privilege escalation vulnerability.

Affected configurations

NVD

Node

broadcomfabric_operating_systemMatch8.0.0

broadcomfabric_operating_systemMatch8.0.1

broadcomfabric_operating_systemMatch8.0.1a

broadcomfabric_operating_systemMatch8.0.1b

broadcomfabric_operating_systemMatch8.0.2

broadcomfabric_operating_systemMatch8.0.2a

broadcomfabric_operating_systemMatch8.0.2b

broadcomfabric_operating_systemMatch8.0.2c

broadcomfabric_operating_systemMatch8.0.2d

broadcomfabric_operating_systemMatch8.0.2f

broadcomfabric_operating_systemMatch8.1.0

broadcomfabric_operating_systemMatch8.1.0a

broadcomfabric_operating_systemMatch8.1.0b

broadcomfabric_operating_systemMatch8.1.0c

broadcomfabric_operating_systemMatch8.1.1

broadcomfabric_operating_systemMatch8.1.1a

broadcomfabric_operating_systemMatch8.1.2

broadcomfabric_operating_systemMatch8.1.2a

broadcomfabric_operating_systemMatch8.1.2b

broadcomfabric_operating_systemMatch8.1.2c

broadcomfabric_operating_systemMatch8.1.2d

broadcomfabric_operating_systemMatch8.1.2e

broadcomfabric_operating_systemMatch8.1.2f

broadcomfabric_operating_systemMatch8.1.2j

broadcomfabric_operating_systemMatch8.2.0

broadcomfabric_operating_systemMatch8.2.0a

broadcomfabric_operating_systemMatch8.2.1

broadcomfabric_operating_systemMatch8.2.1a

broadcomfabric_operating_systemMatch8.2.1b

broadcomfabric_operating_systemMatch8.2.1c

broadcomfabric_operating_systemMatch8.2.1d

broadcomfabric_operating_systemMatch8.2.2

broadcomfabric_operating_systemMatch8.2.2a

broadcomfabric_operating_systemMatch8.2.2a1

broadcomfabric_operating_systemMatch8.2.2b

CPENameOperatorVersion
broadcom:fabric_operating_systembroadcom fabric operating systemeq8.0.0
broadcom:fabric_operating_systembroadcom fabric operating systemeq8.0.1
broadcom:fabric_operating_systembroadcom fabric operating systemeq8.0.1a
broadcom:fabric_operating_systembroadcom fabric operating systemeq8.0.1b
broadcom:fabric_operating_systembroadcom fabric operating systemeq8.0.2
broadcom:fabric_operating_systembroadcom fabric operating systemeq8.0.2a
broadcom:fabric_operating_systembroadcom fabric operating systemeq8.0.2b
broadcom:fabric_operating_systembroadcom fabric operating systemeq8.0.2c
broadcom:fabric_operating_systembroadcom fabric operating systemeq8.0.2d
broadcom:fabric_operating_systembroadcom fabric operating systemeq8.0.2f

CPE	Name	Operator	Version
broadcom:fabric_operating_system	broadcom fabric operating system	eq	8.0.0
broadcom:fabric_operating_system	broadcom fabric operating system	eq	8.0.1
broadcom:fabric_operating_system	broadcom fabric operating system	eq	8.0.1a
broadcom:fabric_operating_system	broadcom fabric operating system	eq	8.0.1b
broadcom:fabric_operating_system	broadcom fabric operating system	eq	8.0.2
broadcom:fabric_operating_system	broadcom fabric operating system	eq	8.0.2a
broadcom:fabric_operating_system	broadcom fabric operating system	eq	8.0.2b
broadcom:fabric_operating_system	broadcom fabric operating system	eq	8.0.2c
broadcom:fabric_operating_system	broadcom fabric operating system	eq	8.0.2d
broadcom:fabric_operating_system	broadcom fabric operating system	eq	8.0.2f

Rows per page:

1-10 of 351

CNA Affected

[
  {
    "product": "Brocade Fabric OS",
    "vendor": "n/a",
    "versions": [
      {
        "status": "affected",
        "version": "Brocade Fabric OS versions after v8.0.0 and before Fabric OS v9.0.0, v8.2.2c, v8.2.1e, v8.1.2k, v8.2.0_CBN3."
      }
    ]
  }
]

References

www.broadcom.com/support/fibre-channel-networking/security-advisories/brocade-security-advisory-2020-1080

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

9.8 High

AI Score

Confidence

High

0.009 Low

EPSS

Percentile

83.0%

JSON

Related for CVE-2020-15371

broadcom1 prion1 cvelist1 nvd1 lenovo2