cbcvebase.

Brocade Network Advisor vulnerabilities

6 known vulnerabilities affecting brocade/network_advisor.

Total CVEs
6
CISA KEV
0
Public exploits
1
Exploited in wild
0
Severity breakdown
CRITICAL2HIGH4

Vulnerabilities

Page 1 of 1
CVE-2018-6443P2HIGHCVSS 8.1PoCfixed in 14.3.12019-01-22
CVE-2018-6443 [HIGH] CWE-255 CVE-2018-6443: A vulnerability in Brocade Network Advisor Versions before 14.3.1 could allow an unauthenticated, re A vulnerability in Brocade Network Advisor Versions before 14.3.1 could allow an unauthenticated, remote attacker to log in to the JBoss Administration interface of an affected system using an undocumented user credentials and install additional JEE applications. A remote unauthenticated user who has access to Network Advisor client libraries and able t
nvd
CVE-2018-6444P2CRITICALCVSS 9.8fixed in 14.1.02019-01-22
CVE-2018-6444 [CRITICAL] CWE-78 CVE-2018-6444: A Vulnerability in Brocade Network Advisor versions before 14.1.0 could allow a remote unauthenticat A Vulnerability in Brocade Network Advisor versions before 14.1.0 could allow a remote unauthenticated attacker to execute arbitray code. The vulnerability could also be exploited to execute arbitrary OS Commands.
nvd
CVE-2016-8205P2CRITICALCVSS 9.8≤ 14.0.22017-01-14
CVE-2016-8205 [CRITICAL] CWE-22 CVE-2016-8205: A Directory Traversal vulnerability in DashboardFileReceiveServlet in the Brocade Network Advisor ve A Directory Traversal vulnerability in DashboardFileReceiveServlet in the Brocade Network Advisor versions released prior to and including 14.0.2 could allow remote attackers to upload a malicious file in a section of the file system where it can be executed.
nvd
CVE-2016-8206P3HIGHCVSS 7.5≤ 14.0.22017-01-14
CVE-2016-8206 [HIGH] CWE-22 CVE-2016-8206: A Directory Traversal vulnerability in servlet SoftwareImageUpload in the Brocade Network Advisor ve A Directory Traversal vulnerability in servlet SoftwareImageUpload in the Brocade Network Advisor versions released prior to and including 14.0.2 could allow remote attackers to write to arbitrary files, and consequently delete the files.
nvd
CVE-2016-8207P3HIGHCVSS 7.5≤ 14.0.22017-01-14
CVE-2016-8207 [HIGH] CWE-22 CVE-2016-8207: A Directory Traversal vulnerability in CliMonitorReportServlet in the Brocade Network Advisor versio A Directory Traversal vulnerability in CliMonitorReportServlet in the Brocade Network Advisor versions released prior to and including 14.0.2 could allow remote attackers to read arbitrary files including files with sensitive user information.
nvd
CVE-2018-6445P3HIGHCVSS 7.5fixed in 14.0.32019-01-22
CVE-2018-6445 [HIGH] CVE-2018-6445: A Vulnerability in Brocade Network Advisor versions before 14.0.3 could allow a remote unauthenticat A Vulnerability in Brocade Network Advisor versions before 14.0.3 could allow a remote unauthenticated attacker to export the current user database which includes the encrypted (not hashed) password of the systems. The attacker could gain access to the Brocade Network Advisor System after extracting/decrypting the passwords.
nvd
Brocade Network Advisor vulnerabilities | cvebase