LenovoLENOVO:PS500157-NOSIDBrocade Fabric OS Vulnerabilities - US
6.5 Medium
CVSS3
Attack Vector
ADJACENT_NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
6.1 Medium
CVSS2
Access Vector
ADJACENT_NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
COMPLETE
AV:A/AC:L/Au:N/C:N/I:N/A:C
0.003 Low
EPSS
Percentile
66.1%
Lenovo Security Advisory: LEN-18214
**Potential Impact:**Cross-site Scripting, Denial of Service
Severity: High
Scope of Impact: Industry-wide
CVE Identifier: CVE-2017-6225, CVE-2017-6227
Summary Description:
Brocade issued advisories BSA-2018-525 and BSA-2018-526 related to vulnerabilities in Brocade Fabric OS allowing cross-site scripting (XSS) in the web-based management interface, and denial of service caused by an adjacent attacker sending crafted Router Advertisement messages.
Mitigation Strategy for Customers (what you should do to protect yourself):
Brocade recommends applying the firmware update appropriate for your model described in the product impact section below.
Related
6.5 Medium
CVSS3
Attack Vector
ADJACENT_NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
6.1 Medium
CVSS2
Access Vector
ADJACENT_NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
COMPLETE
AV:A/AC:L/Au:N/C:N/I:N/A:C
0.003 Low
EPSS
Percentile
66.1%