Vulnerability Details : CVE-2018-6445
A Vulnerability in Brocade Network Advisor versions before 14.0.3 could allow a remote unauthenticated attacker to export the current user database which includes the encrypted (not hashed) password of the systems. The attacker could gain access to the Brocade Network Advisor System after extracting/decrypting the passwords.
Published
2019-01-22 17:29:00
Updated
2020-08-24 17:37:01
Products affected by CVE-2018-6445
- cpe:2.3:a:brocade:network_advisor:*:*:*:*:*:*:*:*
- cpe:2.3:a:netapp:brocade_network_advisor:-:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2018-6445
0.29%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 65 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2018-6445
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
5.0
|
MEDIUM | AV:N/AC:L/Au:N/C:P/I:N/A:N |
10.0
|
2.9
|
NIST | |
7.5
|
HIGH | CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N |
3.9
|
3.6
|
NIST |
References for CVE-2018-6445
-
https://support.lenovo.com/us/en/product_security/LEN-25655
Brocade Network Advisor Vulnerabilities - US
-
https://www.broadcom.com/support/fibre-channel-networking/security-advisories/brocade-security-advisory-2018-745
Broadcom Inc. | Connecting EverythingVendor Advisory
-
https://security.netapp.com/advisory/ntap-20190411-0005/
January 2019 Brocade Network Advisor Vulnerabilities in NetApp Products | NetApp Product SecurityThird Party Advisory
Jump to