9.8
CVE-2018-6446
- EPSS 0.85%
- Veröffentlicht 29.06.2020 18:15:11
- Zuletzt bearbeitet 21.11.2024 04:10:41
- Quelle sirt@brocade.com
- CVE-Watchlists
- Unerledigt
LoginA vulnerability in Brocade Network Advisor Version Before 14.3.1 could allow an unauthenticated, remote attacker to log in to the JBoss Administration interface of an affected system using an undocumented user credentials and install additional JEE applications.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Broadcom ≫ Brocade Network Advisor Version < 14.3.1
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.85% | 0.727 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 9.8 | 3.9 | 5.9 |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
|
| nvd@nist.gov | 7.5 | 10 | 6.4 |
AV:N/AC:L/Au:N/C:P/I:P/A:P
|
CWE-798 Use of Hard-coded Credentials
The product contains hard-coded credentials, such as a password or cryptographic key.