CVE-2017-6223

2017-09-2700:00:00

brocade

www.cve.org

9 High

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

54.4%

JSON

Ruckus Wireless Zone Director Controller firmware releases ZD9.9.x, ZD9.10.x, ZD9.13.0.x less than 9.13.0.0.232 contain OS Command Injection vulnerabilities in the ping functionality that could allow local authenticated users to execute arbitrary privileged commands on the underlying operating system.

CNA Affected

[
  {
    "product": "Zone Director Controller Firmware",
    "vendor": "Brocade Communications Systems, Inc.",
    "versions": [
      {
        "status": "affected",
        "version": "ZD9.9.x"
      },
      {
        "status": "affected",
        "version": "ZD9.10.x"
      },
      {
        "status": "affected",
        "version": "ZD9.13.0.x"
      }
    ]
  }
]

References

ruckus-www.s3.amazonaws.com/pdf/security/faq-security-advisory-id-092917.txt