CVE-2020-15370Log File Information Exposure in Fabric Operating System

CWE-532Log File Information Exposure3 documents3 sources
Severity
6.5MEDIUMNVD
EPSS
0.2%
top 51.75%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Broadcom Fabric Operating SystemBrocade Fabric OS
Timeline
PublishedSep 25
Latest updateMay 24

Description

Brocade Fabric OS versions before Brocade Fabric OS v7.4.2g could allow an authenticated, remote attacker to view a user password in cleartext. The vulnerability is due to incorrectly logging the user password in log files.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:NExploitability: 2.8 | Impact: 3.6

Affected Packages2 packages

CVEListV5brocade/brocade_fabric_osBrocade Fabric OS versions before Brocade Fabric OS v7.4.2g

🔴Vulnerability Details

2
GHSA
GHSA-77hg-8gw6-8f33: Brocade Fabric OS versions before Brocade Fabric OS v72022-05-24
CVEList
CVE-2020-15370: Brocade Fabric OS versions before Brocade Fabric OS v72020-09-25
CVE-2020-15370 — Log File Information Exposure | cvebase