Local File Export Vulnerability in Brocade Fabric OS
CVE-2018-6433

5.5MEDIUM

Key Information:

Vendor: Brocade Communications Systems, Inc.
Status: Brocade Fabric Os
Vendor: CVE Published:; 8 November 2018

What is CVE-2018-6433?

A vulnerability exists in the secryptocfg export command of Brocade Fabric OS that enables a local attacker to circumvent file access restrictions. This flaw allows an attacker to copy files from a source system to a remote destination, potentially exposing sensitive data without proper authorization. Users of affected versions should be aware of this risk and apply the latest patches to secure their systems.

Affected Version(s)

Brocade Fabric OS All versions prior to version 8.2.1, 8.1.2f, 8.0.2f, 7.4.2d

References

https://www.broadcom.com/support/fibre-channel-networking...

x_refsource_CONFIRM

CVSS V3.1

Score:

5.5

Severity:

MEDIUM

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Nov 8, 2018
Vulnerability Reserved
Jan 31, 2018

Brocade Communications Systems, Inc.

What is CVE-2018-6433?

Affected Version(s)

References

CVSS V3.1

Timeline