CVE-2018-6445
Severity Score
7.5
*CVSS v3
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
0
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
A Vulnerability in Brocade Network Advisor versions before 14.0.3 could allow a remote unauthenticated attacker to export the current user database which includes the encrypted (not hashed) password of the systems. The attacker could gain access to the Brocade Network Advisor System after extracting/decrypting the passwords.
Una vulnerabilidad en Brocade Network Advisor, en versiones anteriores a la 14.0.3, podría permitir a un atacante remoto no autenticado exportar la base de datos del usuario actual que incluye las contraseñas cifradas (no hasheadas) de los sistemas. El atacante podría obtener acceso al sistema de Brocade Network Advisor después de extraer/descifrar las contraseñas.
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2018-01-31 CVE Reserved
- 2019-01-22 CVE Published
- 2024-01-16 EPSS Updated
- 2024-08-05 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
CAPEC
References (3)
| URL | Tag | Source |
|---|---|---|
| https://security.netapp.com/advisory/ntap-20190411-0005 | Third Party Advisory |
|
| https://support.lenovo.com/us/en/product_security/LEN-25655 | X_refsource_confirm |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Brocade Search vendor "Brocade" | Network Advisor Search vendor "Brocade" for product "Network Advisor" | < 14.0.3 Search vendor "Brocade" for product "Network Advisor" and version " < 14.0.3" | - |
Affected
| ||||||
| Netapp Search vendor "Netapp" | Brocade Network Advisor Search vendor "Netapp" for product "Brocade Network Advisor" | - | - |
Affected
| ||||||