8.8
CVE-2020-15369
- EPSS 0.22%
- Published 25.09.2020 14:15:13
- Last modified 21.11.2024 05:05:25
- Source sirt@brocade.com
- Teams watchlist Login
- Open Login
Supportlink CLI in Brocade Fabric OS Versions v8.2.1 through v8.2.1d, and 8.2.2 versions before v8.2.2c does not obfuscate the password field, which could expose users’ credentials of the remote server. An authenticated user could obtain the exposed password credentials to gain access to the remote host.
Data is provided by the National Vulnerability Database (NVD)
Broadcom ≫ Fabric Operating System Version8.2.1
Broadcom ≫ Fabric Operating System Version8.2.1a
Broadcom ≫ Fabric Operating System Version8.2.1b
Broadcom ≫ Fabric Operating System Version8.2.1c
Broadcom ≫ Fabric Operating System Version8.2.1d
Broadcom ≫ Fabric Operating System Version8.2.2
Broadcom ≫ Fabric Operating System Version8.2.2a
Broadcom ≫ Fabric Operating System Version8.2.2a1
Broadcom ≫ Fabric Operating System Version8.2.2b
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
| Type | Source | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.22% | 0.417 |
| Source | Base Score | Exploit Score | Impact Score | Vector string |
|---|---|---|---|---|
| nvd@nist.gov | 8.8 | 2.8 | 5.9 |
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
|
| nvd@nist.gov | 4 | 8 | 2.9 |
AV:N/AC:L/Au:S/C:P/I:N/A:N
|
CWE-521 Weak Password Requirements
The product does not require that users should have strong passwords, which makes it easier for attackers to compromise user accounts.