CVE-2016-8202

high

Description

A privilege escalation vulnerability in Brocade Fibre Channel SAN products running Brocade Fabric OS (FOS) releases earlier than v7.4.1d and v8.0.1b could allow an authenticated attacker to elevate the privileges of user accounts accessing the system via command line interface. With affected versions, non-root users can gain root access with a combination of shell commands and parameters.

References

https://www.broadcom.com/support/fibre-channel-networking/security-advisories/brocade-security-advisory-2017-208

https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbst03739en_us

http://www.securitytracker.com/id/1038401

http://www.securityfocus.com/bid/98332

Details

Source: Mitre, NVD

Published: 2017-05-08

Updated: 2024-11-21

Risk Information

CVSS v2

Base Score: 9

Vector: CVSS2#AV:N/AC:L/Au:S/C:C/I:C/A:C

Severity: High

CVSS v3

Base Score: 8.8

Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Severity: High