Privilege Escalation Vulnerability in Brocade Fibre Channel SAN Products
CVE-2016-8202

8.8HIGH

Key Information:

Vendor: Brocade Communications Systems, Inc.
Status: Fibre Channel San Products Running Brocade Fabric Os (fos).
Vendor: CVE Published:; 8 May 2017

What is CVE-2016-8202?

A privilege escalation issue exists in Brocade Fibre Channel SAN products that run on Brocade Fabric OS versions prior to v7.4.1d and v8.0.1b. This vulnerability can be exploited by authenticated attackers through the command line interface, allowing non-root users to elevate their privileges to root level. By executing specific combinations of shell commands and parameters, attackers could potentially compromise the system's integrity and gain unauthorized access, making it crucial for users to upgrade to the latest versions to mitigate this security risk.

Affected Version(s)

Fibre Channel SAN products running Brocade Fabric OS (FOS). Fabric OS (FOS) releases earlier than v7.4.1d and v8.0.1b

References

http://www.securitytracker.com/id/1038401

vdb-entryx_refsource_SECTRACK

https://h20566.www2.hpe.com/hpsc/doc/public/display?docLo...

x_refsource_CONFIRM

http://www.securityfocus.com/bid/98332

vdb-entryx_refsource_BID

CVSS V3.1

Score:

8.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
May 8, 2017
Vulnerability Reserved
Sep 13, 2016

Brocade Communications Systems, Inc.

What is CVE-2016-8202?

Affected Version(s)

References

CVSS V3.1

Timeline