CVSS: 10.0EPSS: 0%CPEs: 2EXPL: 0CVE-2018-6444
https://notcve.org/view.php?id=CVE-2018-6444
22 Jan 2019 — A Vulnerability in Brocade Network Advisor versions before 14.1.0 could allow a remote unauthenticated attacker to execute arbitray code. The vulnerability could also be exploited to execute arbitrary OS Commands. Una vulnerabilidad en Brocade Network Advisor, en versiones anteriores a la 14.1.0, podría permitir a un usuario remoto no autenticado ejecutar código arbitrario. La vulnerabilidad podría explotarse para ejecutar comandos arbitrarios del sistema operativo. • https://security.netapp.com/advisory/ntap-20190411-0005 • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 8.1EPSS: 6%CPEs: 2EXPL: 2CVE-2018-6443 – Brocade Network Advisor 14.4.1 - Unauthenticated Remote Code Execution
https://notcve.org/view.php?id=CVE-2018-6443
22 Jan 2019 — A vulnerability in Brocade Network Advisor Versions before 14.3.1 could allow an unauthenticated, remote attacker to log in to the JBoss Administration interface of an affected system using an undocumented user credentials and install additional JEE applications. A remote unauthenticated user who has access to Network Advisor client libraries and able to decrypt the Jboss credentials could gain access to the Jboss web console. Una vulnerabilidad en Brocade Network Advisor Versions, en versiones anteriores a... • https://packetstorm.news/files/id/153035 • CWE-255: Credentials Management Errors •
CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 0CVE-2018-6445
https://notcve.org/view.php?id=CVE-2018-6445
22 Jan 2019 — A Vulnerability in Brocade Network Advisor versions before 14.0.3 could allow a remote unauthenticated attacker to export the current user database which includes the encrypted (not hashed) password of the systems. The attacker could gain access to the Brocade Network Advisor System after extracting/decrypting the passwords. Una vulnerabilidad en Brocade Network Advisor, en versiones anteriores a la 14.0.3, podría permitir a un atacante remoto no autenticado exportar la base de datos del usuario actual que ... • https://security.netapp.com/advisory/ntap-20190411-0005 •
CVSS: 9.4EPSS: 48%CPEs: 1EXPL: 0CVE-2016-8206 – Brocade Network Advisor SoftwareImageUpload Directory Traversal Arbitrary File Deletion Vulnerability
https://notcve.org/view.php?id=CVE-2016-8206
14 Jan 2017 — A Directory Traversal vulnerability in servlet SoftwareImageUpload in the Brocade Network Advisor versions released prior to and including 14.0.2 could allow remote attackers to write to arbitrary files, and consequently delete the files. Una vulnerabilidad de salto de directorio en el servlet SoftwareImageUpload en las versiones Brocade Network Advisor liberadas anteriormente e incluyendo a la 14.0.2 podrían permitir a atacantes remotos escribir archivos arbitrarios, y consecuentemente eliminar los archivo... • http://www.securityfocus.com/bid/95692 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 7.8EPSS: 92%CPEs: 1EXPL: 0CVE-2016-8207 – Brocade Network Advisor CliMonitorReportServlet Directory Traversal Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2016-8207
14 Jan 2017 — A Directory Traversal vulnerability in CliMonitorReportServlet in the Brocade Network Advisor versions released prior to and including 14.0.2 could allow remote attackers to read arbitrary files including files with sensitive user information. Una vulnerabilidad de salto de directorio en CliMonitorReportServlet en las versiones Brocade Network Advisor liberadas anteriormente e incluyendo a la 14.0.2 podrían permitir a atacantes remotos leer archivos arbitrarios incluyendo archivos con información de usuario... • http://www.securityfocus.com/bid/95691 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 10.0EPSS: 20%CPEs: 1EXPL: 0CVE-2016-8205 – Brocade Network Advisor DashboardFileReceiveServlet Directory Traversal Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2016-8205
14 Jan 2017 — A Directory Traversal vulnerability in DashboardFileReceiveServlet in the Brocade Network Advisor versions released prior to and including 14.0.2 could allow remote attackers to upload a malicious file in a section of the file system where it can be executed. Una vulnerabilidad de salto de directorio en DashboardFileReceiveServlet en las versiones Brocade Network Advisor liberadas anteriormente e incluyendo la 14.0.2 podrían permitir a atacantes remotos cargar un archivo malicioso en una sección del sistema... • http://www.securityfocus.com/bid/95694 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •