CVE-2018-6445

Published: Jan 22, 2019Modified: Nov 21, 2024

7.5

Vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Exploitability: 3.9 / Impact: 3.6

Source: NVD

Description

A Vulnerability in Brocade Network Advisor versions before 14.0.3 could allow a remote unauthenticated attacker to export the current user database which includes the encrypted (not hashed) password of the systems. The attacker could gain access to the Brocade Network Advisor System after extracting/decrypting the passwords.

Affected (2)

Products: Brocade: Network Advisor · Netapp: Brocade Network Advisor

1 product

Network Advisor

1 product

Brocade Network Advisor

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Brocade Network Advisor	Before 14.0.3

Configuration B

1 vulnerable

Vulnerable Software	Affected Versions
Netapp Brocade Network Advisor	All versions

References (6)

https://security.netapp.com/advisory/ntap-20190411-0005/

Source: sirt@brocade.com

Third Party Advisory

https://support.lenovo.com/us/en/product_security/LEN-25655

Source: sirt@brocade.com

https://www.broadcom.com/support/fibre-channel-networking/security-advisories/brocade-security-advisory-2018-745

Source: sirt@brocade.com

Vendor Advisory

https://security.netapp.com/advisory/ntap-20190411-0005/

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party Advisory

https://support.lenovo.com/us/en/product_security/LEN-25655

Source: af854a3a-2127-422b-91ae-364da2661108

https://www.broadcom.com/support/fibre-channel-networking/security-advisories/brocade-security-advisory-2018-745

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

Timeline

No history available yet.