CVE-2018-6443

EPSS 7.94%
Veröffentlicht 22.01.2019 17:29:00
Zuletzt bearbeitet 21.11.2024 04:10:41
Quelle sirt@brocade.com
Teams Watchlist Login
Unerledigt Login

A vulnerability in Brocade Network Advisor Versions before 14.3.1 could allow an unauthenticated, remote attacker to log in to the JBoss Administration interface of an affected system using an undocumented user credentials and install additional JEE applications. A remote unauthenticated user who has access to Network Advisor client libraries and able to decrypt the Jboss credentials could gain access to the Jboss web console.

Betroffene Produkte Warnungen 0 Metriken 3 CWE 0 Referenzen 6

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Brocade ≫ Network Advisor Version < 14.3.1

Netapp ≫ Brocade Network Advisor Version-

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	7.94%	0.918

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	8.1	2.2	5.9	CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
nvd@nist.gov	4.3	8.6	2.9	AV:N/AC:M/Au:N/C:P/I:N/A:N

http://packetstormsecurity.com/files/153035/Brocade-Network-Advisor-14.4.1-Unauthenticated-Remote-Code-Execution.html

https://security.netapp.com/advisory/ntap-20190411-0005/

Third Party Advisory

https://www.broadcom.com/support/fibre-channel-networking/security-advisories/brocade-security-advisory-2018-743

Third Party Advisory

https://nvd.nist.gov/vuln/detail/CVE-2018-6443

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2018-6443

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2018-6443

EUVD