Search

Find a vulnerability

Search criteria

    6 vulnerabilities found for Brocade Network Advisor by Brocade Communications Systems, Inc.

    CVE-2018-6445 (GCVE-0-2018-6445)

    Vulnerability from nvd – Published: 2019-01-22 17:00 – Updated: 2024-08-05 06:01
    VLAI
    Summary
    A Vulnerability in Brocade Network Advisor versions before 14.0.3 could allow a remote unauthenticated attacker to export the current user database which includes the encrypted (not hashed) password of the systems. The attacker could gain access to the Brocade Network Advisor System after extracting/decrypting the passwords.
    Severity
    No CVSS data available.
    CWE
    • Improper Access Control
    Assigner
    Impacted products
    Vendor Product Version
    Brocade Communications Systems, Inc. Brocade Network Advisor Affected: All versions prior to version 14.0.3
    Create a notification for this product.
    Date Public
    2019-01-22 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-05T06:01:49.281Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://www.broadcom.com/support/fibre-channel-networking/security-advisories/brocade-security-advisory-2018-745"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://security.netapp.com/advisory/ntap-20190411-0005/"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://support.lenovo.com/us/en/product_security/LEN-25655"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Brocade Network Advisor",
              "vendor": "Brocade Communications Systems, Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "All versions prior to version 14.0.3"
                }
              ]
            }
          ],
          "datePublic": "2019-01-22T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "A Vulnerability in Brocade Network Advisor versions before 14.0.3 could allow a remote unauthenticated attacker to export the current user database which includes the encrypted (not hashed) password of the systems. The attacker could gain access to the Brocade Network Advisor System after extracting/decrypting the passwords."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Improper Access Control",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2019-06-19T03:06:03.000Z",
            "orgId": "87b297d7-335e-4844-9551-11b97995a791",
            "shortName": "brocade"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://www.broadcom.com/support/fibre-channel-networking/security-advisories/brocade-security-advisory-2018-745"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://security.netapp.com/advisory/ntap-20190411-0005/"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://support.lenovo.com/us/en/product_security/LEN-25655"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "sirt@brocade.com",
              "ID": "CVE-2018-6445",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Brocade Network Advisor",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "All versions prior to version 14.0.3"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Brocade Communications Systems, Inc."
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "A Vulnerability in Brocade Network Advisor versions before 14.0.3 could allow a remote unauthenticated attacker to export the current user database which includes the encrypted (not hashed) password of the systems. The attacker could gain access to the Brocade Network Advisor System after extracting/decrypting the passwords."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Improper Access Control"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://www.broadcom.com/support/fibre-channel-networking/security-advisories/brocade-security-advisory-2018-745",
                  "refsource": "CONFIRM",
                  "url": "https://www.broadcom.com/support/fibre-channel-networking/security-advisories/brocade-security-advisory-2018-745"
                },
                {
                  "name": "https://security.netapp.com/advisory/ntap-20190411-0005/",
                  "refsource": "CONFIRM",
                  "url": "https://security.netapp.com/advisory/ntap-20190411-0005/"
                },
                {
                  "name": "https://support.lenovo.com/us/en/product_security/LEN-25655",
                  "refsource": "CONFIRM",
                  "url": "https://support.lenovo.com/us/en/product_security/LEN-25655"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "87b297d7-335e-4844-9551-11b97995a791",
        "assignerShortName": "brocade",
        "cveId": "CVE-2018-6445",
        "datePublished": "2019-01-22T17:00:00.000Z",
        "dateReserved": "2018-01-31T00:00:00.000Z",
        "dateUpdated": "2024-08-05T06:01:49.281Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2018-6444 (GCVE-0-2018-6444)

    Vulnerability from nvd – Published: 2019-01-22 17:00 – Updated: 2024-08-05 06:01
    VLAI
    Summary
    A Vulnerability in Brocade Network Advisor versions before 14.1.0 could allow a remote unauthenticated attacker to execute arbitray code. The vulnerability could also be exploited to execute arbitrary OS Commands.
    Severity
    No CVSS data available.
    CWE
    • Remote Code Execution
    Assigner
    Impacted products
    Vendor Product Version
    Brocade Communications Systems, Inc. Brocade Network Advisor Affected: All versions prior to version 14.1.0
    Create a notification for this product.
    Date Public
    2019-01-22 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-05T06:01:49.247Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://www.broadcom.com/support/fibre-channel-networking/security-advisories/brocade-security-advisory-2018-744"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://security.netapp.com/advisory/ntap-20190411-0005/"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://support.lenovo.com/us/en/product_security/LEN-25655"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Brocade Network Advisor",
              "vendor": "Brocade Communications Systems, Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "All versions prior to version 14.1.0"
                }
              ]
            }
          ],
          "datePublic": "2019-01-22T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "A Vulnerability in Brocade Network Advisor versions before 14.1.0 could allow a remote unauthenticated attacker to execute arbitray code. The vulnerability could also be exploited to execute arbitrary OS Commands."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Remote Code Execution",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2019-06-19T03:06:03.000Z",
            "orgId": "87b297d7-335e-4844-9551-11b97995a791",
            "shortName": "brocade"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://www.broadcom.com/support/fibre-channel-networking/security-advisories/brocade-security-advisory-2018-744"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://security.netapp.com/advisory/ntap-20190411-0005/"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://support.lenovo.com/us/en/product_security/LEN-25655"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "sirt@brocade.com",
              "ID": "CVE-2018-6444",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Brocade Network Advisor",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "All versions prior to version 14.1.0"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Brocade Communications Systems, Inc."
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "A Vulnerability in Brocade Network Advisor versions before 14.1.0 could allow a remote unauthenticated attacker to execute arbitray code. The vulnerability could also be exploited to execute arbitrary OS Commands."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Remote Code Execution"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://www.broadcom.com/support/fibre-channel-networking/security-advisories/brocade-security-advisory-2018-744",
                  "refsource": "CONFIRM",
                  "url": "https://www.broadcom.com/support/fibre-channel-networking/security-advisories/brocade-security-advisory-2018-744"
                },
                {
                  "name": "https://security.netapp.com/advisory/ntap-20190411-0005/",
                  "refsource": "CONFIRM",
                  "url": "https://security.netapp.com/advisory/ntap-20190411-0005/"
                },
                {
                  "name": "https://support.lenovo.com/us/en/product_security/LEN-25655",
                  "refsource": "CONFIRM",
                  "url": "https://support.lenovo.com/us/en/product_security/LEN-25655"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "87b297d7-335e-4844-9551-11b97995a791",
        "assignerShortName": "brocade",
        "cveId": "CVE-2018-6444",
        "datePublished": "2019-01-22T17:00:00.000Z",
        "dateReserved": "2018-01-31T00:00:00.000Z",
        "dateUpdated": "2024-08-05T06:01:49.247Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2018-6443 (GCVE-0-2018-6443)

    Vulnerability from nvd – Published: 2019-01-22 17:00 – Updated: 2024-08-05 06:01
    VLAI
    Summary
    A vulnerability in Brocade Network Advisor Versions before 14.3.1 could allow an unauthenticated, remote attacker to log in to the JBoss Administration interface of an affected system using an undocumented user credentials and install additional JEE applications. A remote unauthenticated user who has access to Network Advisor client libraries and able to decrypt the Jboss credentials could gain access to the Jboss web console.
    Severity
    No CVSS data available.
    CWE
    • Use of Hard-coded Credentials
    Assigner
    Impacted products
    Vendor Product Version
    Brocade Communications Systems, Inc. Brocade Network Advisor Affected: All versions prior to version 14.3.1
    Create a notification for this product.
    Date Public
    2019-01-22 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-05T06:01:49.272Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://www.broadcom.com/support/fibre-channel-networking/security-advisories/brocade-security-advisory-2018-743"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://security.netapp.com/advisory/ntap-20190411-0005/"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://packetstormsecurity.com/files/153035/Brocade-Network-Advisor-14.4.1-Unauthenticated-Remote-Code-Execution.html"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Brocade Network Advisor",
              "vendor": "Brocade Communications Systems, Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "All versions prior to version 14.3.1"
                }
              ]
            }
          ],
          "datePublic": "2019-01-22T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "A vulnerability in Brocade Network Advisor Versions before 14.3.1 could allow an unauthenticated, remote attacker to log in to the JBoss Administration interface of an affected system using an undocumented user credentials and install additional JEE applications. A remote unauthenticated user who has access to Network Advisor client libraries and able to decrypt the Jboss credentials could gain access to the Jboss web console."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Use of Hard-coded Credentials",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2019-05-23T17:06:05.000Z",
            "orgId": "87b297d7-335e-4844-9551-11b97995a791",
            "shortName": "brocade"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://www.broadcom.com/support/fibre-channel-networking/security-advisories/brocade-security-advisory-2018-743"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://security.netapp.com/advisory/ntap-20190411-0005/"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://packetstormsecurity.com/files/153035/Brocade-Network-Advisor-14.4.1-Unauthenticated-Remote-Code-Execution.html"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "sirt@brocade.com",
              "ID": "CVE-2018-6443",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Brocade Network Advisor",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "All versions prior to version 14.3.1"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Brocade Communications Systems, Inc."
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "A vulnerability in Brocade Network Advisor Versions before 14.3.1 could allow an unauthenticated, remote attacker to log in to the JBoss Administration interface of an affected system using an undocumented user credentials and install additional JEE applications. A remote unauthenticated user who has access to Network Advisor client libraries and able to decrypt the Jboss credentials could gain access to the Jboss web console."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Use of Hard-coded Credentials"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://www.broadcom.com/support/fibre-channel-networking/security-advisories/brocade-security-advisory-2018-743",
                  "refsource": "CONFIRM",
                  "url": "https://www.broadcom.com/support/fibre-channel-networking/security-advisories/brocade-security-advisory-2018-743"
                },
                {
                  "name": "https://security.netapp.com/advisory/ntap-20190411-0005/",
                  "refsource": "CONFIRM",
                  "url": "https://security.netapp.com/advisory/ntap-20190411-0005/"
                },
                {
                  "name": "http://packetstormsecurity.com/files/153035/Brocade-Network-Advisor-14.4.1-Unauthenticated-Remote-Code-Execution.html",
                  "refsource": "MISC",
                  "url": "http://packetstormsecurity.com/files/153035/Brocade-Network-Advisor-14.4.1-Unauthenticated-Remote-Code-Execution.html"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "87b297d7-335e-4844-9551-11b97995a791",
        "assignerShortName": "brocade",
        "cveId": "CVE-2018-6443",
        "datePublished": "2019-01-22T17:00:00.000Z",
        "dateReserved": "2018-01-31T00:00:00.000Z",
        "dateUpdated": "2024-08-05T06:01:49.272Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2018-6443 (GCVE-0-2018-6443)

    Vulnerability from cvelistv5 – Published: 2019-01-22 17:00 – Updated: 2024-08-05 06:01
    VLAI
    Summary
    A vulnerability in Brocade Network Advisor Versions before 14.3.1 could allow an unauthenticated, remote attacker to log in to the JBoss Administration interface of an affected system using an undocumented user credentials and install additional JEE applications. A remote unauthenticated user who has access to Network Advisor client libraries and able to decrypt the Jboss credentials could gain access to the Jboss web console.
    Severity
    No CVSS data available.
    CWE
    • Use of Hard-coded Credentials
    Assigner
    Impacted products
    Vendor Product Version
    Brocade Communications Systems, Inc. Brocade Network Advisor Affected: All versions prior to version 14.3.1
    Create a notification for this product.
    Date Public
    2019-01-22 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-05T06:01:49.272Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://www.broadcom.com/support/fibre-channel-networking/security-advisories/brocade-security-advisory-2018-743"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://security.netapp.com/advisory/ntap-20190411-0005/"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://packetstormsecurity.com/files/153035/Brocade-Network-Advisor-14.4.1-Unauthenticated-Remote-Code-Execution.html"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Brocade Network Advisor",
              "vendor": "Brocade Communications Systems, Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "All versions prior to version 14.3.1"
                }
              ]
            }
          ],
          "datePublic": "2019-01-22T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "A vulnerability in Brocade Network Advisor Versions before 14.3.1 could allow an unauthenticated, remote attacker to log in to the JBoss Administration interface of an affected system using an undocumented user credentials and install additional JEE applications. A remote unauthenticated user who has access to Network Advisor client libraries and able to decrypt the Jboss credentials could gain access to the Jboss web console."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Use of Hard-coded Credentials",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2019-05-23T17:06:05.000Z",
            "orgId": "87b297d7-335e-4844-9551-11b97995a791",
            "shortName": "brocade"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://www.broadcom.com/support/fibre-channel-networking/security-advisories/brocade-security-advisory-2018-743"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://security.netapp.com/advisory/ntap-20190411-0005/"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://packetstormsecurity.com/files/153035/Brocade-Network-Advisor-14.4.1-Unauthenticated-Remote-Code-Execution.html"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "sirt@brocade.com",
              "ID": "CVE-2018-6443",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Brocade Network Advisor",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "All versions prior to version 14.3.1"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Brocade Communications Systems, Inc."
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "A vulnerability in Brocade Network Advisor Versions before 14.3.1 could allow an unauthenticated, remote attacker to log in to the JBoss Administration interface of an affected system using an undocumented user credentials and install additional JEE applications. A remote unauthenticated user who has access to Network Advisor client libraries and able to decrypt the Jboss credentials could gain access to the Jboss web console."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Use of Hard-coded Credentials"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://www.broadcom.com/support/fibre-channel-networking/security-advisories/brocade-security-advisory-2018-743",
                  "refsource": "CONFIRM",
                  "url": "https://www.broadcom.com/support/fibre-channel-networking/security-advisories/brocade-security-advisory-2018-743"
                },
                {
                  "name": "https://security.netapp.com/advisory/ntap-20190411-0005/",
                  "refsource": "CONFIRM",
                  "url": "https://security.netapp.com/advisory/ntap-20190411-0005/"
                },
                {
                  "name": "http://packetstormsecurity.com/files/153035/Brocade-Network-Advisor-14.4.1-Unauthenticated-Remote-Code-Execution.html",
                  "refsource": "MISC",
                  "url": "http://packetstormsecurity.com/files/153035/Brocade-Network-Advisor-14.4.1-Unauthenticated-Remote-Code-Execution.html"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "87b297d7-335e-4844-9551-11b97995a791",
        "assignerShortName": "brocade",
        "cveId": "CVE-2018-6443",
        "datePublished": "2019-01-22T17:00:00.000Z",
        "dateReserved": "2018-01-31T00:00:00.000Z",
        "dateUpdated": "2024-08-05T06:01:49.272Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2018-6445 (GCVE-0-2018-6445)

    Vulnerability from cvelistv5 – Published: 2019-01-22 17:00 – Updated: 2024-08-05 06:01
    VLAI
    Summary
    A Vulnerability in Brocade Network Advisor versions before 14.0.3 could allow a remote unauthenticated attacker to export the current user database which includes the encrypted (not hashed) password of the systems. The attacker could gain access to the Brocade Network Advisor System after extracting/decrypting the passwords.
    Severity
    No CVSS data available.
    CWE
    • Improper Access Control
    Assigner
    Impacted products
    Vendor Product Version
    Brocade Communications Systems, Inc. Brocade Network Advisor Affected: All versions prior to version 14.0.3
    Create a notification for this product.
    Date Public
    2019-01-22 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-05T06:01:49.281Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://www.broadcom.com/support/fibre-channel-networking/security-advisories/brocade-security-advisory-2018-745"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://security.netapp.com/advisory/ntap-20190411-0005/"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://support.lenovo.com/us/en/product_security/LEN-25655"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Brocade Network Advisor",
              "vendor": "Brocade Communications Systems, Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "All versions prior to version 14.0.3"
                }
              ]
            }
          ],
          "datePublic": "2019-01-22T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "A Vulnerability in Brocade Network Advisor versions before 14.0.3 could allow a remote unauthenticated attacker to export the current user database which includes the encrypted (not hashed) password of the systems. The attacker could gain access to the Brocade Network Advisor System after extracting/decrypting the passwords."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Improper Access Control",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2019-06-19T03:06:03.000Z",
            "orgId": "87b297d7-335e-4844-9551-11b97995a791",
            "shortName": "brocade"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://www.broadcom.com/support/fibre-channel-networking/security-advisories/brocade-security-advisory-2018-745"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://security.netapp.com/advisory/ntap-20190411-0005/"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://support.lenovo.com/us/en/product_security/LEN-25655"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "sirt@brocade.com",
              "ID": "CVE-2018-6445",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Brocade Network Advisor",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "All versions prior to version 14.0.3"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Brocade Communications Systems, Inc."
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "A Vulnerability in Brocade Network Advisor versions before 14.0.3 could allow a remote unauthenticated attacker to export the current user database which includes the encrypted (not hashed) password of the systems. The attacker could gain access to the Brocade Network Advisor System after extracting/decrypting the passwords."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Improper Access Control"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://www.broadcom.com/support/fibre-channel-networking/security-advisories/brocade-security-advisory-2018-745",
                  "refsource": "CONFIRM",
                  "url": "https://www.broadcom.com/support/fibre-channel-networking/security-advisories/brocade-security-advisory-2018-745"
                },
                {
                  "name": "https://security.netapp.com/advisory/ntap-20190411-0005/",
                  "refsource": "CONFIRM",
                  "url": "https://security.netapp.com/advisory/ntap-20190411-0005/"
                },
                {
                  "name": "https://support.lenovo.com/us/en/product_security/LEN-25655",
                  "refsource": "CONFIRM",
                  "url": "https://support.lenovo.com/us/en/product_security/LEN-25655"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "87b297d7-335e-4844-9551-11b97995a791",
        "assignerShortName": "brocade",
        "cveId": "CVE-2018-6445",
        "datePublished": "2019-01-22T17:00:00.000Z",
        "dateReserved": "2018-01-31T00:00:00.000Z",
        "dateUpdated": "2024-08-05T06:01:49.281Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2018-6444 (GCVE-0-2018-6444)

    Vulnerability from cvelistv5 – Published: 2019-01-22 17:00 – Updated: 2024-08-05 06:01
    VLAI
    Summary
    A Vulnerability in Brocade Network Advisor versions before 14.1.0 could allow a remote unauthenticated attacker to execute arbitray code. The vulnerability could also be exploited to execute arbitrary OS Commands.
    Severity
    No CVSS data available.
    CWE
    • Remote Code Execution
    Assigner
    Impacted products
    Vendor Product Version
    Brocade Communications Systems, Inc. Brocade Network Advisor Affected: All versions prior to version 14.1.0
    Create a notification for this product.
    Date Public
    2019-01-22 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-05T06:01:49.247Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://www.broadcom.com/support/fibre-channel-networking/security-advisories/brocade-security-advisory-2018-744"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://security.netapp.com/advisory/ntap-20190411-0005/"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://support.lenovo.com/us/en/product_security/LEN-25655"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Brocade Network Advisor",
              "vendor": "Brocade Communications Systems, Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "All versions prior to version 14.1.0"
                }
              ]
            }
          ],
          "datePublic": "2019-01-22T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "A Vulnerability in Brocade Network Advisor versions before 14.1.0 could allow a remote unauthenticated attacker to execute arbitray code. The vulnerability could also be exploited to execute arbitrary OS Commands."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Remote Code Execution",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2019-06-19T03:06:03.000Z",
            "orgId": "87b297d7-335e-4844-9551-11b97995a791",
            "shortName": "brocade"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://www.broadcom.com/support/fibre-channel-networking/security-advisories/brocade-security-advisory-2018-744"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://security.netapp.com/advisory/ntap-20190411-0005/"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://support.lenovo.com/us/en/product_security/LEN-25655"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "sirt@brocade.com",
              "ID": "CVE-2018-6444",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Brocade Network Advisor",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "All versions prior to version 14.1.0"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Brocade Communications Systems, Inc."
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "A Vulnerability in Brocade Network Advisor versions before 14.1.0 could allow a remote unauthenticated attacker to execute arbitray code. The vulnerability could also be exploited to execute arbitrary OS Commands."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Remote Code Execution"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://www.broadcom.com/support/fibre-channel-networking/security-advisories/brocade-security-advisory-2018-744",
                  "refsource": "CONFIRM",
                  "url": "https://www.broadcom.com/support/fibre-channel-networking/security-advisories/brocade-security-advisory-2018-744"
                },
                {
                  "name": "https://security.netapp.com/advisory/ntap-20190411-0005/",
                  "refsource": "CONFIRM",
                  "url": "https://security.netapp.com/advisory/ntap-20190411-0005/"
                },
                {
                  "name": "https://support.lenovo.com/us/en/product_security/LEN-25655",
                  "refsource": "CONFIRM",
                  "url": "https://support.lenovo.com/us/en/product_security/LEN-25655"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "87b297d7-335e-4844-9551-11b97995a791",
        "assignerShortName": "brocade",
        "cveId": "CVE-2018-6444",
        "datePublished": "2019-01-22T17:00:00.000Z",
        "dateReserved": "2018-01-31T00:00:00.000Z",
        "dateUpdated": "2024-08-05T06:01:49.247Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }