Session Manipulation Vulnerability in Brocade Fabric OS by Broadcom
CVE-2018-6434

7.5HIGH

Key Information:

Vendor: Brocade Communications Systems, Inc.
Status: Brocade Fabric Os
Vendor: CVE Published:; 8 November 2018

What is CVE-2018-6434?

A vulnerability exists within the web management interface of Brocade Fabric OS, which affects several versions. This issue could potentially allow attackers to intercept and manipulate user session IDs, leading to unauthorized access and control over user sessions, thereby compromising the security of affected systems.

Affected Version(s)

Brocade Fabric OS All versions prior to version 8.2.1, 8.1.2f, 8.0.2f, 7.4.2d

References

https://www.broadcom.com/support/fibre-channel-networking...

x_refsource_CONFIRM

CVSS V3.1

Score:

7.5

Severity:

HIGH

Confidentiality:

None

Integrity:

High

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Nov 8, 2018
Vulnerability Reserved
Jan 31, 2018

Brocade Communications Systems, Inc.

What is CVE-2018-6434?

Affected Version(s)

References

CVSS V3.1

Timeline