CVE-2020-15372
published 2020-09-25CVE-2020-15372: A vulnerability in the command-line interface in Brocade Fabric OS before Brocade Fabric OS v8.2.2a1, 8.2.2c, v7.4.2g, v8.2.0_CBN3, v8.2.1e, v8.1.2k, v9.0.0…
PriorityP424medium5.5CVSS 3.1
AVLACLPRLUINSUCNIHAN
EPSS
0.33%
24.6th percentile
A vulnerability in the command-line interface in Brocade Fabric OS before Brocade Fabric OS v8.2.2a1, 8.2.2c, v7.4.2g, v8.2.0_CBN3, v8.2.1e, v8.1.2k, v9.0.0, could allow a local authenticated attacker to modify shell variables, which may lead to an escalation of privileges or bypassing the logging.
Affected
6 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| broadcom | fabric_operating_system | < 7.4.2g | 7.4.2g |
| broadcom | fabric_operating_system | >= 8.0.0 < 8.1.2k | 8.1.2k |
| broadcom | fabric_operating_system | >= 8.2.0 < 8.2.0_cbn3 | 8.2.0_cbn3 |
| broadcom | fabric_operating_system | >= 8.2.1 < 8.2.1e | 8.2.1e |
| broadcom | fabric_operating_system | >= 8.2.2 < 8.2.2a1 | 8.2.2a1 |
| broadcom | fabric_operating_system | >= 8.2.2b < 8.2.2c | 8.2.2c |
CVSS provenance
nvdv3.15.5MEDIUMCVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
nvdv2.02.1LOWAV:L/AC:L/Au:N/C:N/I:P/A:N
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
2020-09-25
Published