CVE-2020-15369
Last modified
CVE-2020-15369 is a high-severity vulnerability rated 8.8/10 on the CVSS scale. Supportlink CLI in Brocade Fabric OS Versions v8.2.1 through v8.2.1d, and 8.2.2 versions before v8.2.2c does not obfuscate the password field, which could expose users’ credentials of the remote server. An authenticated user could obtain the exposed password credentials to gain access to the remote host.. EPSS estimates a 1.00% chance of exploitation in the next 30 days.
Description
Supportlink CLI in Brocade Fabric OS Versions v8.2.1 through v8.2.1d, and 8.2.2 versions before v8.2.2c does not obfuscate the password field, which could expose users’ credentials of the remote server. An authenticated user could obtain the exposed password credentials to gain access to the remote host.
Metrics
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Weakness Enumeration
Affected Software
| Vendor | Product | Versions |
|---|---|---|
| Broadcom | Fabric Operating System | 8.2.1 |
| Broadcom | Fabric Operating System | 8.2.1a |
| Broadcom | Fabric Operating System | 8.2.1b |
| Broadcom | Fabric Operating System | 8.2.1c |
| Broadcom | Fabric Operating System | 8.2.1d |
| Broadcom | Fabric Operating System | 8.2.2 |
| Broadcom | Fabric Operating System | 8.2.2a |
| Broadcom | Fabric Operating System | 8.2.2a1 |
| Broadcom | Fabric Operating System | 8.2.2b |
References
Timeline
- Published
- Last Modified
- Status
- Modified
Frequently Asked Questions
What is CVE-2020-15369?
How severe is CVE-2020-15369?
How do I fix CVE-2020-15369?
Are you affected by CVE-2020-15369?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST