CVE-2016-8202
published 2017-05-08CVE-2016-8202: A privilege escalation vulnerability in Brocade Fibre Channel SAN products running Brocade Fabric OS (FOS) releases earlier than v7.4.1d and v8.0.1b could…
PriorityP356high8.8CVSS 3.0
AVNACLPRLUINSUCHIHAH
EPSS
3.05%
85.9th percentile
A privilege escalation vulnerability in Brocade Fibre Channel SAN products running Brocade Fabric OS (FOS) releases earlier than v7.4.1d and v8.0.1b could allow an authenticated attacker to elevate the privileges of user accounts accessing the system via command line interface. With affected versions, non-root users can gain root access with a combination of shell commands and parameters.
Affected
3 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| broadcom | fabric_operating_system | <= 7.4.1c | — |
| broadcom | fabric_operating_system | — | — |
| brocade_communications_systems_inc | fibre_channel_san_products_running_brocade_fabric_os | — | — |
CVSS provenance
nvdv3.08.8HIGHCVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
nvdv2.09.0CRITICALAV:N/AC:L/Au:S/C:C/I:C/A:C
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
http://www.securityfocus.com/bid/98332http://www.securitytracker.com/id/1038401https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbst03739en_ushttps://www.broadcom.com/support/fibre-channel-networking/security-advisories/brocade-security-advisory-2017-208http://www.securityfocus.com/bid/98332http://www.securitytracker.com/id/1038401https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbst03739en_ushttps://www.broadcom.com/support/fibre-channel-networking/security-advisories/brocade-security-advisory-2017-208
2017-05-08
Published