CVE-2004-1663 — Silkworm vulnerability

3 documents3 sources

Severity

5.0MEDIUMNVD

EPSS

0.4%

top 39.37%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Broadcom Fabric Operating System Brocade Silkworm Brocade Silkworm Fiber Channel Switch +1 more

Timeline

PublishedSep 4

Latest updateApr 29

Description

Engenio/LSI Logic storage controllers, as used in products such as Storagetek D280, and IBM DS4100 (formerly FastT 100) and Brocade SilkWorm Switches, allow remote attackers to cause a denial of service (freeze and possible data corruption) via crafted TCP packets.

CVSS vector

AV:N/AC:L/C:N/I:N/A:PExploitability: 10.0 | Impact: 2.9

Affected Packages4 packages

▶NVDbrocade/silkworm5 versions+4

▶NVDengenio/storage_controller4 versions+3

▶NVDbrocade/silkworm_fiber_channel_switch2010, 2040, 2050+2

▶NVDbroadcom/fabric_operating_system2.1.2, 2.2, 3.1+2

🔴Vulnerability Details

GHSA

GHSA-4h7m-m3ch-jghg: Engenio/LSI Logic storage controllers, as used in products such as Storagetek D280, and IBM DS4100 (formerly FastT 100) and Brocade SilkWorm Switches,↗2022-04-29

▶

CVEList

CVE-2004-1663: Engenio/LSI Logic storage controllers, as used in products such as Storagetek D280, and IBM DS4100 (formerly FastT 100) and Brocade SilkWorm Switches,↗2005-02-20

▶