fkie_nvd - fkie_cve-2020-15373

fkie_cve-2020-15373

Vulnerability from fkie_nvd

Published

2020-09-25 14:15

Modified

2024-11-21 05:05

Severity ?

9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Summary

Multiple buffer overflow vulnerabilities in REST API in Brocade Fabric OS versions v8.2.1 through v8.2.1d, and 8.2.2 versions before v8.2.2c could allow remote unauthenticated attackers to perform various attacks.

References

▼	URL	Tags
	sirt@brocade.com	https://www.broadcom.com/support/fibre-channel-networking/security-advisories/brocade-security-advisory-2020-1082	Vendor Advisory
	af854a3a-2127-422b-91ae-364da2661108	https://www.broadcom.com/support/fibre-channel-networking/security-advisories/brocade-security-advisory-2020-1082	Vendor Advisory

Impacted products

Vendor	Product	Version
broadcom	fabric_operating_system	8.2.1
broadcom	fabric_operating_system	8.2.1a
broadcom	fabric_operating_system	8.2.1b
broadcom	fabric_operating_system	8.2.1c
broadcom	fabric_operating_system	8.2.1d
broadcom	fabric_operating_system	8.2.2
broadcom	fabric_operating_system	8.2.2a
broadcom	fabric_operating_system	8.2.2a1
broadcom	fabric_operating_system	8.2.2b
broadcom	fabric_operating_system	8.2.2c

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:broadcom:fabric_operating_system:8.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "0C91FB6C-7BF5-453E-A618-06756D3DD2FB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:broadcom:fabric_operating_system:8.2.1a:*:*:*:*:*:*:*",
              "matchCriteriaId": "7CF38E78-8243-4615-A8A1-1396920F5BA1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:broadcom:fabric_operating_system:8.2.1b:*:*:*:*:*:*:*",
              "matchCriteriaId": "84E4F075-D03B-4D98-8C9E-840D80DFFF48",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:broadcom:fabric_operating_system:8.2.1c:*:*:*:*:*:*:*",
              "matchCriteriaId": "CDDF78F1-A7F3-4656-AD5D-6D84F83B34F0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:broadcom:fabric_operating_system:8.2.1d:*:*:*:*:*:*:*",
              "matchCriteriaId": "DAA3D3F6-C768-4096-A2CA-8CC406A92D6B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:broadcom:fabric_operating_system:8.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "B244FB24-0767-4DC4-9988-ED8C5D9D9A91",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:broadcom:fabric_operating_system:8.2.2a:*:*:*:*:*:*:*",
              "matchCriteriaId": "7DDA4E8C-F140-4E39-9A6F-7883F2822499",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:broadcom:fabric_operating_system:8.2.2a1:*:*:*:*:*:*:*",
              "matchCriteriaId": "441E912B-4DD8-4A04-8072-04CE30D5A436",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:broadcom:fabric_operating_system:8.2.2b:*:*:*:*:*:*:*",
              "matchCriteriaId": "B3B33CEA-BE17-411D-86FF-388B21E8F018",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:broadcom:fabric_operating_system:8.2.2c:*:*:*:*:*:*:*",
              "matchCriteriaId": "D4CB0EA0-D553-4D17-867A-0DBD5D1F6764",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Multiple buffer overflow vulnerabilities in REST API in Brocade Fabric OS versions v8.2.1 through v8.2.1d, and 8.2.2 versions before v8.2.2c could allow remote unauthenticated attackers to perform various attacks."
    },
    {
      "lang": "es",
      "value": "M\u00faltiples vulnerabilidades de desbordamiento de b\u00fafer en la API REST en Brocade Fabric OS versiones v8.2.1 hasta v8.2.1d, y versiones 8.2.2 anteriores a v8.2.2c, podr\u00edan permitir a atacantes remotos no autenticados llevar a cabo varios ataques"
    }
  ],
  "id": "CVE-2020-15373",
  "lastModified": "2024-11-21T05:05:26.263",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 7.5,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 9.8,
          "baseSeverity": "CRITICAL",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2020-09-25T14:15:13.720",
  "references": [
    {
      "source": "sirt@brocade.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://www.broadcom.com/support/fibre-channel-networking/security-advisories/brocade-security-advisory-2020-1082"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://www.broadcom.com/support/fibre-channel-networking/security-advisories/brocade-security-advisory-2020-1082"
    }
  ],
  "sourceIdentifier": "sirt@brocade.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-119"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

cve-2020-15373

Vulnerability from cvelistv5

Published

2020-09-25 13:10

Modified

2024-08-04 13:15