CVE-2024-7516

Published Nov 12, 2024

Last updated 4 days ago

Overview

Description: A vulnerability in Brocade Fabric OS versions before 9.2.2 could allow man-in-the-middle attackers to conduct remote Service Session Hijacking that may arise from the attacker's ability to forge an SSH key while the Brocade Fabric OS Switch is performing various remote operations initiated by a switch admin.
Source: sirt@brocade.com
NVD status: Awaiting Analysis

Risk scores

CVSS 4.0

Type: Secondary
Base score: 7
Impact score: -
Exploitability score: -
Vector string: CVSS:4.0/AV:A/AC:H/AT:P/PR:N/UI:P/VC:L/VI:L/VA:H/SC:H/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Severity: HIGH

CVSS 3.1

Type: Secondary
Base score: 4.8
Impact score: 3.6
Exploitability score: 1.2
Vector string: CVSS:3.1/AV:A/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N
Severity: MEDIUM

Weaknesses

sirt@brocade.com: CWE-322

Hype score: Not currently trending

CVE-2024-7516 A vulnerability in Brocade Fabric OS versions before 9.2.2 could allow man-in-the-middle attackers to conduct remote Service Session Hijacking that may arise from the a… https://t.co/S7wQo1ezXs
@CVEnew
12 Nov 2024
200 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes

References