CVE-2020-15388Incorrect Permission Assignment in Fabric Operating System

CWE-732Incorrect Permission Assignment3 documents3 sources
Severity
6.5MEDIUMNVD
EPSS
0.2%
top 53.95%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Broadcom Fabric Operating SystemBrocade Fabric OS
Timeline
PublishedMar 18
Latest updateMar 19

Description

A vulnerability in the Brocade Fabric OS before Brocade Fabric OS v9.0.1a, v8.2.3, v8.2.0_CBN4, and v7.4.2h could allow an authenticated CLI user to abuse the history command to write arbitrary content to files.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:NExploitability: 2.8 | Impact: 3.6

Affected Packages2 packages

CVEListV5brocade/brocade_fabric_osBrocade Fabric OS before versions Brocade Fabric OS v9.0.1a and v8.2.3a
NVDbroadcom/fabric_operating_system9.0.09.0.1a+4

🔴Vulnerability Details

2
GHSA
GHSA-9xm4-4cpx-rm88: A vulnerability in the Brocade Fabric OS before Brocade Fabric OS v92022-03-19
CVEList
CVE-2020-15388: A vulnerability in the Brocade Fabric OS before Brocade Fabric OS v92022-03-18
CVE-2020-15388 — Incorrect Permission Assignment | cvebase