Multiple Reflected Input Vulnerabilities in Brocade Fabric OS by Broadcom
CVE-2020-15374

9.8CRITICAL

Key Information:

Vendor: Broadcom
Status: Brocade Fabric Os
Vendor: CVE Published:; 25 September 2020

Summary

The REST API in certain versions of Brocade Fabric OS is susceptible to multiple reflected input vulnerabilities. These vulnerabilities could allow attackers to potentially exploit the system by sending crafted requests that are reflected back, leading to the possibility of executing malicious scripts or commands. Users and organizations utilizing affected versions of Brocade Fabric OS should assess their systems and consider applying necessary patches or updates as outlined in Broadcom's security advisory.

Affected Version(s)

Brocade Fabric OS Brocade Fabric OS versions v8.2.1 through v8.2.1d, and 8.2.2 versions before v8.2.2c

References

https://www.broadcom.com/support/fibre-channel-networking...

x_refsource_MISC

CVSS V3.1

Score:

9.8

Severity:

CRITICAL

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Sep 25, 2020
Vulnerability Reserved
Jun 29, 2020