Directory Traversal Vulnerability in Brocade Network Advisor by Brocade
CVE-2016-8207

7.5HIGH

Key Information:

Vendor

Brocade
Status
Brocade Network Advisor Versions Released Prior To And Including 14.0.2
Vendor
CVE Published:
14 January 2017

What is CVE-2016-8207?

A vulnerability exists in the CliMonitorReportServlet component of Brocade Network Advisor, allowing remote attackers to exploit directory traversal weaknesses. This can enable them to access arbitrary files on the server, which may include sensitive user data, potentially compromising user privacy and system security. It is crucial for users of affected versions to apply appropriate updates or mitigations to protect against this risk.

Affected Version(s)

Brocade Network Advisor released prior to and including 14.0.2 Brocade Network Advisor versions released prior to and including 14.0.2

References

http://www.securityfocus.com/bid/95691
vdb-entryx_refsource_BID
http://www.zerodayinitiative.com/advisories/ZDI-17-052
x_refsource_MISC
https://support.hpe.com/hpsc/doc/public/display?docLocale...
x_refsource_CONFIRM

EPSS Score

5% chance of being exploited in the next 30 days.

CVSS V3.1

Score:
7.5
Severity:
HIGH
Confidentiality:
High
Integrity:
None
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.
CVE-2016-8207 : Directory Traversal Vulnerability in Brocade Network Advisor by Brocade