CVE-2020-15372
Severity Score
5.5
*CVSS v3.1
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
0
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
A vulnerability in the command-line interface in Brocade Fabric OS before Brocade Fabric OS v8.2.2a1, 8.2.2c, v7.4.2g, v8.2.0_CBN3, v8.2.1e, v8.1.2k, v9.0.0, could allow a local authenticated attacker to modify shell variables, which may lead to an escalation of privileges or bypassing the logging.
Una vulnerabilidad en la interfaz de línea de comandos en Brocade Fabric OS antes de Brocade Fabric OS versiones v8.2.2a1, 8.2.2c, v7.4.2g, v8.2.0_CBN3, v8.2.1e, v8.1.2k, v9.0.0, podría permitir a un atacante autenticado local modificar las variables de shell, lo que puede conllevar a una escalada de privilegios o una omisión del registro
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2020-06-29 CVE Reserved
- 2020-09-25 CVE Published
- 2023-03-08 EPSS Updated
- 2024-08-04 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-913: Improper Control of Dynamically-Managed Code Resources
CAPEC
References (1)
| URL | Tag | Source |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Broadcom Search vendor "Broadcom" | Fabric Operating System Search vendor "Broadcom" for product "Fabric Operating System" | < 7.4.2g Search vendor "Broadcom" for product "Fabric Operating System" and version " < 7.4.2g" | - |
Affected
| ||||||
| Broadcom Search vendor "Broadcom" | Fabric Operating System Search vendor "Broadcom" for product "Fabric Operating System" | >= 8.0.0 < 8.1.2k Search vendor "Broadcom" for product "Fabric Operating System" and version " >= 8.0.0 < 8.1.2k" | - |
Affected
| ||||||
| Broadcom Search vendor "Broadcom" | Fabric Operating System Search vendor "Broadcom" for product "Fabric Operating System" | >= 8.2.0 < 8.2.0_cbn3 Search vendor "Broadcom" for product "Fabric Operating System" and version " >= 8.2.0 < 8.2.0_cbn3" | - |
Affected
| ||||||
| Broadcom Search vendor "Broadcom" | Fabric Operating System Search vendor "Broadcom" for product "Fabric Operating System" | >= 8.2.1 < 8.2.1e Search vendor "Broadcom" for product "Fabric Operating System" and version " >= 8.2.1 < 8.2.1e" | - |
Affected
| ||||||
| Broadcom Search vendor "Broadcom" | Fabric Operating System Search vendor "Broadcom" for product "Fabric Operating System" | >= 8.2.2 < 8.2.2a1 Search vendor "Broadcom" for product "Fabric Operating System" and version " >= 8.2.2 < 8.2.2a1" | - |
Affected
| ||||||
| Broadcom Search vendor "Broadcom" | Fabric Operating System Search vendor "Broadcom" for product "Fabric Operating System" | >= 8.2.2b < 8.2.2c Search vendor "Broadcom" for product "Fabric Operating System" and version " >= 8.2.2b < 8.2.2c" | - |
Affected
| ||||||