Unrated severityNVD Advisory· Published Jan 22, 2019· Updated Aug 5, 2024

CVE-2018-6443

Description

A vulnerability in Brocade Network Advisor Versions before 14.3.1 could allow an unauthenticated, remote attacker to log in to the JBoss Administration interface of an affected system using an undocumented user credentials and install additional JEE applications. A remote unauthenticated user who has access to Network Advisor client libraries and able to decrypt the Jboss credentials could gain access to the Jboss web console.

Affected products

Brocade Communications Systems, Inc./Brocade Network Advisorv5
Range: All versions prior to version 14.3.1

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

packetstormsecurity.com/files/153035/Brocade-Network-Advisor-14.4.1-Unauthenticated-Remote-Code-Execution.htmlmitrex_refsource_MISC
security.netapp.com/advisory/ntap-20190411-0005/mitrex_refsource_CONFIRM
www.broadcom.com/support/fibre-channel-networking/security-advisories/brocade-security-advisory-2018-743mitrex_refsource_CONFIRM

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.006
exploit	0.030
kev	0.000
patch	0.000
ransomware	0.000