CVE-2018-6444

moderate-risk
Published 2019-01-22

A Vulnerability in Brocade Network Advisor versions before 14.1.0 could allow a remote unauthenticated attacker to execute arbitray code. The vulnerability could also be exploited to execute arbitrary OS Commands.

Do I need to act?

~
2.2% chance of exploitation in next 30 days
EPSS score — moderate exploit probability
-
Not on CISA KEV list
No confirmed active exploitation reported to CISA
?
Patch status unknown
Check vendor advisories for fix availability and mitigation guidance
9
CVSS 9.8/10 Critical
NETWORK / LOW complexity

Affected Products (2)

Brocade Network Advisor

Affected Vendors

Brocade Netapp

References (6)

Third Party Advisory https://security.netapp.com/advisory/ntap-20190411-0005/
https://support.lenovo.com/us/en/product_security/LEN-25655
Vendor Advisory https://www.broadcom.com/support/fibre-channel-networking/security-advisories/br...
Third Party Advisory https://security.netapp.com/advisory/ntap-20190411-0005/
https://support.lenovo.com/us/en/product_security/LEN-25655
Vendor Advisory https://www.broadcom.com/support/fibre-channel-networking/security-advisories/br...
44
/ 100
moderate-risk
Severity 32/34 · Critical
Exploitability 5/34 · Minimal
Exposure 7/34 · Low