Remote Service Session Hijacking in Brocade Fabric OS
CVE-2024-7516

7.1HIGH

Key Information:

Vendor: Brocade
Status: Brocade Fabric OS
Vendor: CVE Published:; 12 November 2024

What is CVE-2024-7516?

A vulnerability exists in Brocade Fabric OS versions before 9.2.2 that allows attackers to perform remote Service Session Hijacking. This security risk stems from the ability of an attacker to forge an SSH key during remote operations initiated by a switch administrator. This exploitation could compromise the integrity of communication and lead to unauthorized access and control over critical operations within the network.

References

https://support.broadcom.com/web/ecx/support-content-noti...

CVSS V3.1

Score:

7.1

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Adjacent Network

Attack Complexity:

High

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Timeline

Vulnerability published
Nov 12, 2024