Input validation

2020-12-1121:15:00

PRIOn knowledge base

www.prio-n.com

6.8 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

5.1%

JSON

Brocade Fabric OS versions before v9.0.0, v8.2.2c, v8.2.1e, v8.1.2k, v8.2.0_CBN3, v7.4.2g contain an improper input validation weakness in the command line interface when secccrypptocfg is invoked. The vulnerability could allow a local authenticated user to run arbitrary commands and perform escalation of privileges.

CPENameOperatorVersion
fabric_operating_systemge8.2.1
fabric_operating_systemlt8.2.1
fabric_operating_systemeq< 7.4.2g
fabric_operating_systemge8.0.0
fabric_operating_systemlt8.1.2
fabric_operating_systemge8.2.0
fabric_operating_systemlt8.2.0
fabric_operating_systemeq>= 8.2.2b AND < 8.2.2c

Name	Operator	Version
fabric_operating_system	ge	8.2.1
fabric_operating_system	lt	8.2.1
fabric_operating_system	eq	< 7.4.2g
fabric_operating_system	ge	8.0.0
fabric_operating_system	lt	8.1.2
fabric_operating_system	ge	8.2.0
fabric_operating_system	lt	8.2.0
fabric_operating_system	eq	>= 8.2.2b AND < 8.2.2c