CVE-2020-15369
 
Severity Score
8.8
*CVSS v3.1
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
0
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
Supportlink CLI in Brocade Fabric OS Versions v8.2.1 through v8.2.1d, and 8.2.2 versions before v8.2.2c does not obfuscate the password field, which could expose users’ credentials of the remote server. An authenticated user could obtain the exposed password credentials to gain access to the remote host.
La CLI de Supportlink en Brocade Fabric OS Versiones v8.2.1 hasta v8.2.1d, y versiones 8.2.2 anteriores a v8.2.2c, no oculta el campo password, lo que podría exponer las credenciales de usuarios del servidor remoto. Un usuario autenticado podría obtener las credenciales de contraseña expuestas para conseguir acceso al host remoto
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2020-06-29 CVE Reserved
- 2020-09-25 CVE Published
- 2023-03-07 EPSS Updated
- 2024-08-04 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-521: Weak Password Requirements
CAPEC
References (1)
URL | Tag | Source |
---|
URL | Date | SRC |
---|
URL | Date | SRC |
---|
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status | ||||||
---|---|---|---|---|---|---|---|---|---|---|
Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
Broadcom Search vendor "Broadcom" | Fabric Operating System Search vendor "Broadcom" for product "Fabric Operating System" | 8.2.1 Search vendor "Broadcom" for product "Fabric Operating System" and version "8.2.1" | - |
Affected
| ||||||
Broadcom Search vendor "Broadcom" | Fabric Operating System Search vendor "Broadcom" for product "Fabric Operating System" | 8.2.1a Search vendor "Broadcom" for product "Fabric Operating System" and version "8.2.1a" | - |
Affected
| ||||||
Broadcom Search vendor "Broadcom" | Fabric Operating System Search vendor "Broadcom" for product "Fabric Operating System" | 8.2.1b Search vendor "Broadcom" for product "Fabric Operating System" and version "8.2.1b" | - |
Affected
| ||||||
Broadcom Search vendor "Broadcom" | Fabric Operating System Search vendor "Broadcom" for product "Fabric Operating System" | 8.2.1c Search vendor "Broadcom" for product "Fabric Operating System" and version "8.2.1c" | - |
Affected
| ||||||
Broadcom Search vendor "Broadcom" | Fabric Operating System Search vendor "Broadcom" for product "Fabric Operating System" | 8.2.1d Search vendor "Broadcom" for product "Fabric Operating System" and version "8.2.1d" | - |
Affected
| ||||||
Broadcom Search vendor "Broadcom" | Fabric Operating System Search vendor "Broadcom" for product "Fabric Operating System" | 8.2.2 Search vendor "Broadcom" for product "Fabric Operating System" and version "8.2.2" | - |
Affected
| ||||||
Broadcom Search vendor "Broadcom" | Fabric Operating System Search vendor "Broadcom" for product "Fabric Operating System" | 8.2.2a Search vendor "Broadcom" for product "Fabric Operating System" and version "8.2.2a" | - |
Affected
| ||||||
Broadcom Search vendor "Broadcom" | Fabric Operating System Search vendor "Broadcom" for product "Fabric Operating System" | 8.2.2a1 Search vendor "Broadcom" for product "Fabric Operating System" and version "8.2.2a1" | - |
Affected
| ||||||
Broadcom Search vendor "Broadcom" | Fabric Operating System Search vendor "Broadcom" for product "Fabric Operating System" | 8.2.2b Search vendor "Broadcom" for product "Fabric Operating System" and version "8.2.2b" | - |
Affected
|