CVE-2024-7517 (GCVE-0-2024-7517)
Vulnerability from cvelistv5
Published
2024-11-21 05:53
Modified
2024-11-21 17:52
Severity ?
EPSS score ?
Summary
A command injection vulnerability in Brocade Fabric OS before 9.2.0c, and 9.2.1 through 9.2.1a on IP extension platforms could allow a local authenticated attacker to perform a privileged escalation via crafted use of the portcfg command.
This specific exploitation is only possible on IP Extension platforms: Brocade 7810, Brocade 7840, Brocade 7850 and on Brocade X6 or X7 directors with an SX-6 Extension blade installed. The attacker must be logged into the switch via SSH or serial console to conduct the attack.
References
Impacted products
{ containers: { adp: [ { affected: [ { cpes: [ "cpe:2.3:o:brocade:fabric_os:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "fabric_os", vendor: "brocade", versions: [ { lessThan: "9.2.0c", status: "affected", version: "0", versionType: "custom", }, { lessThan: "9.2.1a", status: "affected", version: "9.2.1", versionType: "custom", }, ], }, ], metrics: [ { other: { content: { id: "CVE-2024-7517", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2024-11-21T14:02:36.321972Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-11-21T17:52:58.535Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "Fabric OS", vendor: "Brocade", versions: [ { status: "affected", version: "Brocade Fabric OS versions before 9.2.0c, and 9.2.1 through 9.2.1a", }, ], }, ], descriptions: [ { lang: "en", supportingMedia: [ { base64: false, type: "text/html", value: "<p>A command injection vulnerability in Brocade Fabric OS before 9.2.0c, and 9.2.1 through 9.2.1a on IP extension platforms could allow a local authenticated attacker to perform a privileged escalation via crafted use of the portcfg command.</p><p>This specific exploitation is only possible on IP Extension platforms: Brocade 7810, Brocade 7840, Brocade 7850 and on Brocade X6 or X7 directors with an SX-6 Extension blade installed. The attacker must be logged into the switch via SSH or serial console to conduct the attack.</p>", }, ], value: "A command injection vulnerability in Brocade Fabric OS before 9.2.0c, and 9.2.1 through 9.2.1a on IP extension platforms could allow a local authenticated attacker to perform a privileged escalation via crafted use of the portcfg command.\n\nThis specific exploitation is only possible on IP Extension platforms: Brocade 7810, Brocade 7840, Brocade 7850 and on Brocade X6 or X7 directors with an SX-6 Extension blade installed. The attacker must be logged into the switch via SSH or serial console to conduct the attack.", }, ], impacts: [ { capecId: "CAPEC-248", descriptions: [ { lang: "en", value: "CAPEC-248 Command Injection", }, ], }, ], metrics: [ { cvssV4_0: { Automatable: "NOT_DEFINED", Recovery: "NOT_DEFINED", Safety: "NOT_DEFINED", attackComplexity: "LOW", attackRequirements: "NONE", attackVector: "LOCAL", baseScore: 8.5, baseSeverity: "HIGH", privilegesRequired: "LOW", providerUrgency: "NOT_DEFINED", subAvailabilityImpact: "NONE", subConfidentialityImpact: "NONE", subIntegrityImpact: "NONE", userInteraction: "NONE", valueDensity: "NOT_DEFINED", vectorString: "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N", version: "4.0", vulnAvailabilityImpact: "HIGH", vulnConfidentialityImpact: "HIGH", vulnIntegrityImpact: "HIGH", vulnerabilityResponseEffort: "NOT_DEFINED", }, format: "CVSS", scenarios: [ { lang: "en", value: "GENERAL", }, ], }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-77", description: "CWE-77: Improper Neutralization of Special Elements used in a Command", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2024-11-21T05:55:00.417Z", orgId: "87b297d7-335e-4844-9551-11b97995a791", shortName: "brocade", }, references: [ { url: "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/25071", }, ], source: { discovery: "UNKNOWN", }, title: "Privileged escalation via crafted use of portcfg command", x_generator: { engine: "Vulnogram 0.2.0", }, }, }, cveMetadata: { assignerOrgId: "87b297d7-335e-4844-9551-11b97995a791", assignerShortName: "brocade", cveId: "CVE-2024-7517", datePublished: "2024-11-21T05:53:34.442Z", dateReserved: "2024-08-05T22:49:54.345Z", dateUpdated: "2024-11-21T17:52:58.535Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", "vulnerability-lookup:meta": { fkie_nvd: { descriptions: "[{\"lang\": \"en\", \"value\": \"A command injection vulnerability in Brocade Fabric OS before 9.2.0c, and 9.2.1 through 9.2.1a on IP extension platforms could allow a local authenticated attacker to perform a privileged escalation via crafted use of the portcfg command.\\n\\nThis specific exploitation is only possible on IP Extension platforms: Brocade 7810, Brocade 7840, Brocade 7850 and on Brocade X6 or X7 directors with an SX-6 Extension blade installed. The attacker must be logged into the switch via SSH or serial console to conduct the attack.\"}, {\"lang\": \"es\", \"value\": \"Una vulnerabilidad de inyecci\\u00f3n de comandos en Brocade Fabric OS anterior a la versi\\u00f3n 9.2.0c y de la 9.2.1 a la 9.2.1a en plataformas de extensi\\u00f3n IP podr\\u00eda permitir que un atacante autenticado local realice una escalada de privilegios mediante el uso manipulado del comando portcfg. Esta explotaci\\u00f3n espec\\u00edfica solo es posible en plataformas de extensi\\u00f3n IP: Brocade 7810, Brocade 7840, Brocade 7850 y en directores Brocade X6 o X7 con un blade de extensi\\u00f3n SX-6 instalado. El atacante debe iniciar sesi\\u00f3n en el conmutador a trav\\u00e9s de SSH o una consola serial para realizar el ataque.\"}]", id: "CVE-2024-7517", lastModified: "2024-11-21T13:57:24.187", metrics: "{\"cvssMetricV40\": [{\"source\": \"sirt@brocade.com\", \"type\": \"Secondary\", \"cvssData\": {\"version\": \"4.0\", \"vectorString\": \"CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X\", \"baseScore\": 8.5, \"baseSeverity\": \"HIGH\", \"attackVector\": \"LOCAL\", \"attackComplexity\": \"LOW\", \"attackRequirements\": \"NONE\", \"privilegesRequired\": \"LOW\", \"userInteraction\": \"NONE\", \"vulnerableSystemConfidentiality\": \"HIGH\", \"vulnerableSystemIntegrity\": \"HIGH\", \"vulnerableSystemAvailability\": \"HIGH\", \"subsequentSystemConfidentiality\": \"NONE\", \"subsequentSystemIntegrity\": \"NONE\", \"subsequentSystemAvailability\": \"NONE\", \"exploitMaturity\": \"NOT_DEFINED\", \"confidentialityRequirements\": \"NOT_DEFINED\", \"integrityRequirements\": \"NOT_DEFINED\", \"availabilityRequirements\": \"NOT_DEFINED\", \"modifiedAttackVector\": \"NOT_DEFINED\", \"modifiedAttackComplexity\": \"NOT_DEFINED\", \"modifiedAttackRequirements\": \"NOT_DEFINED\", \"modifiedPrivilegesRequired\": \"NOT_DEFINED\", \"modifiedUserInteraction\": \"NOT_DEFINED\", \"modifiedVulnerableSystemConfidentiality\": \"NOT_DEFINED\", \"modifiedVulnerableSystemIntegrity\": \"NOT_DEFINED\", \"modifiedVulnerableSystemAvailability\": \"NOT_DEFINED\", \"modifiedSubsequentSystemConfidentiality\": \"NOT_DEFINED\", \"modifiedSubsequentSystemIntegrity\": \"NOT_DEFINED\", \"modifiedSubsequentSystemAvailability\": \"NOT_DEFINED\", \"safety\": \"NOT_DEFINED\", \"automatable\": \"NOT_DEFINED\", \"recovery\": \"NOT_DEFINED\", \"valueDensity\": \"NOT_DEFINED\", \"vulnerabilityResponseEffort\": \"NOT_DEFINED\", \"providerUrgency\": \"NOT_DEFINED\"}}]}", published: "2024-11-21T11:15:35.990", references: "[{\"url\": \"https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/25071\", \"source\": \"sirt@brocade.com\"}]", sourceIdentifier: "sirt@brocade.com", vulnStatus: "Awaiting Analysis", weaknesses: "[{\"source\": \"sirt@brocade.com\", \"type\": \"Secondary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-77\"}]}]", }, nvd: "{\"cve\":{\"id\":\"CVE-2024-7517\",\"sourceIdentifier\":\"sirt@brocade.com\",\"published\":\"2024-11-21T11:15:35.990\",\"lastModified\":\"2024-11-21T13:57:24.187\",\"vulnStatus\":\"Awaiting Analysis\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"A command injection vulnerability in Brocade Fabric OS before 9.2.0c, and 9.2.1 through 9.2.1a on IP extension platforms could allow a local authenticated attacker to perform a privileged escalation via crafted use of the portcfg command.\\n\\nThis specific exploitation is only possible on IP Extension platforms: Brocade 7810, Brocade 7840, Brocade 7850 and on Brocade X6 or X7 directors with an SX-6 Extension blade installed. The attacker must be logged into the switch via SSH or serial console to conduct the attack.\"},{\"lang\":\"es\",\"value\":\"Una vulnerabilidad de inyección de comandos en Brocade Fabric OS anterior a la versión 9.2.0c y de la 9.2.1 a la 9.2.1a en plataformas de extensión IP podría permitir que un atacante autenticado local realice una escalada de privilegios mediante el uso manipulado del comando portcfg. Esta explotación específica solo es posible en plataformas de extensión IP: Brocade 7810, Brocade 7840, Brocade 7850 y en directores Brocade X6 o X7 con un blade de extensión SX-6 instalado. El atacante debe iniciar sesión en el conmutador a través de SSH o una consola serial para realizar el ataque.\"}],\"metrics\":{\"cvssMetricV40\":[{\"source\":\"sirt@brocade.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"4.0\",\"vectorString\":\"CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X\",\"baseScore\":8.5,\"baseSeverity\":\"HIGH\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"attackRequirements\":\"NONE\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"vulnerableSystemConfidentiality\":\"HIGH\",\"vulnerableSystemIntegrity\":\"HIGH\",\"vulnerableSystemAvailability\":\"HIGH\",\"subsequentSystemConfidentiality\":\"NONE\",\"subsequentSystemIntegrity\":\"NONE\",\"subsequentSystemAvailability\":\"NONE\",\"exploitMaturity\":\"NOT_DEFINED\",\"confidentialityRequirements\":\"NOT_DEFINED\",\"integrityRequirements\":\"NOT_DEFINED\",\"availabilityRequirements\":\"NOT_DEFINED\",\"modifiedAttackVector\":\"NOT_DEFINED\",\"modifiedAttackComplexity\":\"NOT_DEFINED\",\"modifiedAttackRequirements\":\"NOT_DEFINED\",\"modifiedPrivilegesRequired\":\"NOT_DEFINED\",\"modifiedUserInteraction\":\"NOT_DEFINED\",\"modifiedVulnerableSystemConfidentiality\":\"NOT_DEFINED\",\"modifiedVulnerableSystemIntegrity\":\"NOT_DEFINED\",\"modifiedVulnerableSystemAvailability\":\"NOT_DEFINED\",\"modifiedSubsequentSystemConfidentiality\":\"NOT_DEFINED\",\"modifiedSubsequentSystemIntegrity\":\"NOT_DEFINED\",\"modifiedSubsequentSystemAvailability\":\"NOT_DEFINED\",\"safety\":\"NOT_DEFINED\",\"automatable\":\"NOT_DEFINED\",\"recovery\":\"NOT_DEFINED\",\"valueDensity\":\"NOT_DEFINED\",\"vulnerabilityResponseEffort\":\"NOT_DEFINED\",\"providerUrgency\":\"NOT_DEFINED\"}}]},\"weaknesses\":[{\"source\":\"sirt@brocade.com\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-77\"}]}],\"references\":[{\"url\":\"https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/25071\",\"source\":\"sirt@brocade.com\"}]}}", vulnrichment: { containers: "{\"adp\": [{\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2024-7517\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"total\"}], \"version\": \"2.0.3\", \"timestamp\": \"2024-11-21T14:02:36.321972Z\"}}}], \"affected\": [{\"cpes\": [\"cpe:2.3:o:brocade:fabric_os:-:*:*:*:*:*:*:*\"], \"vendor\": \"brocade\", \"product\": \"fabric_os\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"9.2.0c\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"version\": \"9.2.1\", \"lessThan\": \"9.2.1a\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2024-11-21T14:03:44.236Z\"}}], \"cna\": {\"title\": \"Privileged escalation via crafted use of portcfg command\", \"source\": {\"discovery\": \"UNKNOWN\"}, \"impacts\": [{\"capecId\": \"CAPEC-248\", \"descriptions\": [{\"lang\": \"en\", \"value\": \"CAPEC-248 Command Injection\"}]}], \"metrics\": [{\"format\": \"CVSS\", \"cvssV4_0\": {\"Safety\": \"NOT_DEFINED\", \"version\": \"4.0\", \"Recovery\": \"NOT_DEFINED\", \"baseScore\": 8.5, \"Automatable\": \"NOT_DEFINED\", \"attackVector\": \"LOCAL\", \"baseSeverity\": \"HIGH\", \"valueDensity\": \"NOT_DEFINED\", \"vectorString\": \"CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N\", \"providerUrgency\": \"NOT_DEFINED\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"attackRequirements\": \"NONE\", \"privilegesRequired\": \"LOW\", \"subIntegrityImpact\": \"NONE\", \"vulnIntegrityImpact\": \"HIGH\", \"subAvailabilityImpact\": \"NONE\", \"vulnAvailabilityImpact\": \"HIGH\", \"subConfidentialityImpact\": \"NONE\", \"vulnConfidentialityImpact\": \"HIGH\", \"vulnerabilityResponseEffort\": \"NOT_DEFINED\"}, \"scenarios\": [{\"lang\": \"en\", \"value\": \"GENERAL\"}]}], \"affected\": [{\"vendor\": \"Brocade\", \"product\": \"Fabric OS\", \"versions\": [{\"status\": \"affected\", \"version\": \"Brocade Fabric OS versions before 9.2.0c, and 9.2.1 through 9.2.1a\"}], \"defaultStatus\": \"unaffected\"}], \"references\": [{\"url\": \"https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/25071\"}], \"x_generator\": {\"engine\": \"Vulnogram 0.2.0\"}, \"descriptions\": [{\"lang\": \"en\", \"value\": \"A command injection vulnerability in Brocade Fabric OS before 9.2.0c, and 9.2.1 through 9.2.1a on IP extension platforms could allow a local authenticated attacker to perform a privileged escalation via crafted use of the portcfg command.\\n\\nThis specific exploitation is only possible on IP Extension platforms: Brocade 7810, Brocade 7840, Brocade 7850 and on Brocade X6 or X7 directors with an SX-6 Extension blade installed. The attacker must be logged into the switch via SSH or serial console to conduct the attack.\", \"supportingMedia\": [{\"type\": \"text/html\", \"value\": \"<p>A command injection vulnerability in Brocade Fabric OS before 9.2.0c, and 9.2.1 through 9.2.1a on IP extension platforms could allow a local authenticated attacker to perform a privileged escalation via crafted use of the portcfg command.</p><p>This specific exploitation is only possible on IP Extension platforms: Brocade 7810, Brocade 7840, Brocade 7850 and on Brocade X6 or X7 directors with an SX-6 Extension blade installed. The attacker must be logged into the switch via SSH or serial console to conduct the attack.</p>\", \"base64\": false}]}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-77\", \"description\": \"CWE-77: Improper Neutralization of Special Elements used in a Command\"}]}], \"providerMetadata\": {\"orgId\": \"87b297d7-335e-4844-9551-11b97995a791\", \"shortName\": \"brocade\", \"dateUpdated\": \"2024-11-21T05:55:00.417Z\"}}}", cveMetadata: "{\"cveId\": \"CVE-2024-7517\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2024-11-21T17:52:58.535Z\", \"dateReserved\": \"2024-08-05T22:49:54.345Z\", \"assignerOrgId\": \"87b297d7-335e-4844-9551-11b97995a791\", \"datePublished\": \"2024-11-21T05:53:34.442Z\", \"assignerShortName\": \"brocade\"}", dataType: "CVE_RECORD", dataVersion: "5.1", }, }, }
Log in or create an account to share your comment.
Security Advisory comment format.
This schema specifies the format of a comment related to a security advisory.
Title of the comment
Description of the comment
Loading…
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.