CVE-2016-8209 : Improper checks for unusual or exceptional conditions in Brocade NetIron 05.8.00

Improper checks for unusual or exceptional conditions in Brocade NetIron 05.8.00 and later releases up to and including 06.1.00, when the Management Module is continuously scanned on port 22, may allow attackers to cause a denial of service (crash and reload) of the management module.

Published 2017-05-08 18:29:00

Updated 2017-07-08 01:29:02

Source Brocade Communications Systems, LLC

View at NVD, CVE.org

Vulnerability category: Denial of service

Products affected by CVE-2016-8209

Brocade » Netiron Mlx Series Firmware » Version: N/A
cpe:2.3:o:brocade:netiron_mlx_series_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Brocade » Netiron Mlxe-16 » Version: N/A
When used together with: Brocade » Netiron Mlxe-32 » Version: N/A
When used together with: Brocade » Netiron Mlxe-4 » Version: N/A
When used together with: Brocade » Netiron Mlxe-8 » Version: N/A
Brocade » Netiron Cer Series Firmware » Version: N/A
cpe:2.3:o:brocade:netiron_cer_series_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Brocade » Netiron Cer 2024c-4x-rt » Version: N/A
When used together with: Brocade » Netiron Cer 2024f-4x-rt » Version: N/A
When used together with: Brocade » Netiron Cer 2024f-rt » Version: N/A
When used together with: Brocade » Netiron Cer 2048fx-rt » Version: N/A
Brocade » Netiron Ces Series Firmware » Version: N/A
cpe:2.3:o:brocade:netiron_ces_series_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Brocade » Netiron Ces 2024c-4x » Version: N/A
When used together with: Brocade » Netiron Ces 2024f-4x » Version: N/A
When used together with: Brocade » Netiron Ces 2048fx » Version: N/A
Brocade » Netiron Xmr Series Firmware » Version: N/A
cpe:2.3:o:brocade:netiron_xmr_series_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Brocade » Netiron Xmr 16000 » Version: N/A
When used together with: Brocade » Netiron Xmr 32000 » Version: N/A
When used together with: Brocade » Netiron Xmr 4000 » Version: N/A
When used together with: Brocade » Netiron Xmr 8000 » Version: N/A

Exploit prediction scoring system (EPSS) score for CVE-2016-8209

EPSS FAQ

0.47%

Probability of exploitation activity in the next 30 days EPSS Score History

~ 62 %

Percentile, the proportion of vulnerabilities that are scored at or less

CVSS scores for CVE-2016-8209

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source
5.0	MEDIUM	AV:N/AC:L/Au:N/C:N/I:N/A:P	10.0	2.9	NIST
Access Vector: Network Access Complexity: Low Authentication: None Confidentiality Impact: None Integrity Impact: None Availability Impact: Partial
7.5	HIGH	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H	3.9	3.6	NIST
Attack Vector: Network Attack Complexity: Low Privileges Required: None User Interaction: None Scope: Unchanged Confidentiality: None Integrity: None Availability: High

CWE ids for CVE-2016-8209

CWE-754 Improper Check for Unusual or Exceptional Conditions

The product does not check or incorrectly checks for unusual or exceptional conditions that are not expected to occur frequently during day to day operation of the product.

Assigned by: nvd@nist.gov (Primary)

References for CVE-2016-8209

http://www.securitytracker.com/id/1038402

Brocade NetIron SSH Port Flaw Lets Remote Users Cause the Target System to Reload - SecurityTracker
https://www.brocade.com/content/dam/common/documents/content-types/security-bulletin/brocade-security-advisory-2017-315.htm

Brocade Security Advisories
Vendor Advisory

Jump to

Vulnerability Details : CVE-2016-8209

Products affected by CVE-2016-8209

Exploit prediction scoring system (EPSS) score for CVE-2016-8209

CVSS scores for CVE-2016-8209

CWE ids for CVE-2016-8209

References for CVE-2016-8209