6 matches found
CVE-2018-6443
The CVE-2018-6443 issue affects Brocade Network Advisor before version 14.3.1, where an unauthenticated, remote attacker could access the JBoss Administration interface via undocumented credentials and install additional JEE applications. The vulnerability arises from hard-to-credential access to...
CVE-2018-6444
CVE-2018-6444 affects Brocade Network Advisor prior to 14.1.0. The vulnerability allows a remote unauthenticated attacker to execute arbitrary code and arbitrary OS commands on the affected system. Remediation per the sources is to upgrade to Brocade Network Advisor 14.1.0 or newer. The provided ...
CVE-2018-6445
CVE-2018-6445 affects Brocade Network Advisor before version 14.0.3. The vulnerability allows a remote unauthenticated attacker to export the current user database, which includes encrypted passwords, potentially enabling access after password decryption. Affected product is Brocade Network Advis...
CVE-2016-8206
CVE-2016-8206 is a Directory Traversal vulnerability in Brocade/IBM Network Advisor, affecting the SoftwareImageUpload servlet in versions up to and including 14.0.2. A remote attacker could write to arbitrary files and, in related notes, delete files via crafted requests. IBM and related advisor...
CVE-2016-8205
Brocade Network Advisor (DashboardFileReceiveServlet) contains a Directory Traversal vulnerability (CVE-2016-8205) in versions up to and including 14.0.2. A remote attacker could upload a malicious file to a location where it can be executed. IBM and other advisories confirm the issue across rela...
CVE-2016-8207
Brocade Network Advisor contains a Directory Traversal vulnerability in the CliMonitorReportServlet, affecting versions up to and including 14.0.2. An unauthenticated remote attacker can exploit a crafted HTTP request to read arbitrary files, including those with sensitive user information. The i...