CVE-2024-5460

EPSS 0.59%
Veröffentlicht 26.06.2024 00:15:11
Zuletzt bearbeitet 04.02.2025 15:24:36
Quelle sirt@brocade.com
Teams Watchlist Login
Unerledigt Login

A vulnerability in the default configuration of the Simple Network 
Management Protocol (SNMP) feature of Brocade Fabric OS versions before 
v9.0.0 could allow an authenticated, remote attacker to read data from 
an affected device via SNMP. The vulnerability is due to hard-coded, 
default community string in the configuration file for the SNMP daemon. 
An attacker could exploit this vulnerability by using the static 
community string in SNMP version 1 queries to an affected device.

Betroffene Produkte Warnungen 0 Metriken 3 CWE 1 Referenzen 4

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Broadcom ≫ Fabric Operating System Version < 9.0.0

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.59%	0.681

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	8.1	2.8	5.2	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
sirt@brocade.com	8.1	2.8	5.2	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N

CWE-798 Use of Hard-coded Credentials

The product contains hard-coded credentials, such as a password or cryptographic key.

https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/24409

Vendor Advisory

https://nvd.nist.gov/vuln/detail/CVE-2024-5460

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2024-5460

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2024-5460

EUVD