RSS   Podatności dla 'Network advisor'   RSS

2019-01-22
 
CVE-2018-6445

CWE-255
 

 
A Vulnerability in Brocade Network Advisor versions before 14.0.3 could allow a remote unauthenticated attacker to export the current user database which includes the encrypted (not hashed) password of the systems. The attacker could gain access to the Brocade Network Advisor System after extracting/decrypting the passwords.

 
 
CVE-2018-6444

CWE-78
 

 
A Vulnerability in Brocade Network Advisor versions before 14.1.0 could allow a remote unauthenticated attacker to execute arbitray code. The vulnerability could also be exploited to execute arbitrary OS Commands.

 
 
CVE-2018-6443

CWE-255
 

 
A vulnerability in Brocade Network Advisor Versions before 14.3.1 could allow an unauthenticated, remote attacker to log in to the JBoss Administration interface of an affected system using an undocumented user credentials and install additional JEE applications. A remote unauthenticated user who has access to Network Advisor client libraries and able to decrypt the Jboss credentials could gain access to the Jboss web console.

 
2017-01-14
 
CVE-2016-8207

CWE-22
 

 
A Directory Traversal vulnerability in CliMonitorReportServlet in the Brocade Network Advisor versions released prior to and including 14.0.2 could allow remote attackers to read arbitrary files including files with sensitive user information.

 
 
CVE-2016-8206

CWE-22
 

 
A Directory Traversal vulnerability in servlet SoftwareImageUpload in the Brocade Network Advisor versions released prior to and including 14.0.2 could allow remote attackers to write to arbitrary files, and consequently delete the files.

 
 
CVE-2016-8205

CWE-22
 

 
A Directory Traversal vulnerability in DashboardFileReceiveServlet in the Brocade Network Advisor versions released prior to and including 14.0.2 could allow remote attackers to upload a malicious file in a section of the file system where it can be executed.

 
 
CVE-2016-8204

CWE-22
 

 
A Directory Traversal vulnerability in FileReceiveServlet in the Brocade Network Advisor versions released prior to and including 14.0.2 could allow remote attackers to upload a malicious file in a section of the file system where it can be executed.

 

 >>> Vendor: Brocade 26 Produkty
Silkworm
Silkworm fiber channel switch
Fabric os
Bigiron rx switch
MLX
Netiron xmr
Netiron cer
Netiron ces
VDX
Fastiron
ICX
Turboiron
Bigiron rx
ADX
Vyatta
Vyatta vrouter software
Vyatta vrouter
Vyatta 5400 vrouter software
Vyatta 5400 vrouter
Netiron os
Network advisor
Virtual traffic manager
Netiron cer series firmware
Netiron xmr series firmware
Netiron mlx series firmware
Netiron ces series firmware


Copyright 2022, cxsecurity.com

 

Back to Top