FKIE_CVE-2016-8209

Vulnerability from fkie_nvd - Published: 2017-05-08 18:29 - Updated: 2025-04-20 01:37
Severity ?
7.5 (High) - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Summary
Improper checks for unusual or exceptional conditions in Brocade NetIron 05.8.00 and later releases up to and including 06.1.00, when the Management Module is continuously scanned on port 22, may allow attackers to cause a denial of service (crash and reload) of the management module.
References
sirt@brocade.comhttp://www.securitytracker.com/id/1038402
sirt@brocade.comhttps://www.brocade.com/content/dam/common/documents/content-types/security-bulletin/brocade-security-advisory-2017-315.htmVendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.securitytracker.com/id/1038402
af854a3a-2127-422b-91ae-364da2661108https://www.brocade.com/content/dam/common/documents/content-types/security-bulletin/brocade-security-advisory-2017-315.htmVendor Advisory
Impacted products
Vendor Product Version
brocade netiron_mlx_series_firmware -
brocade netiron_mlxe-16 -
brocade netiron_mlxe-32 -
brocade netiron_mlxe-4 -
brocade netiron_mlxe-8 -
brocade netiron_cer_series_firmware -
brocade netiron_cer_2024c-4x-rt -
brocade netiron_cer_2024f-4x-rt -
brocade netiron_cer_2024f-rt -
brocade netiron_cer_2048fx-rt -
brocade netiron_ces_series_firmware -
brocade netiron_ces_2024c-4x -
brocade netiron_ces_2024f-4x -
brocade netiron_ces_2048fx -
brocade netiron_xmr_series_firmware -
brocade netiron_xmr_16000 -
brocade netiron_xmr_32000 -
brocade netiron_xmr_4000 -
brocade netiron_xmr_8000 -
To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:brocade:netiron_mlx_series_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "74935A30-8065-4F87-99FB-DD8B39C8FE92",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:brocade:netiron_mlxe-16:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "CF909A9A-69E1-4BEC-B16C-16EE7652D858",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:brocade:netiron_mlxe-32:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0E751734-9855-4525-8056-53A12AE1C15D",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:brocade:netiron_mlxe-4:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "045DF755-C804-449F-A452-578592788D39",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:brocade:netiron_mlxe-8:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "56EA291A-4D1D-48ED-A8AF-76F1A2BECD13",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:brocade:netiron_cer_series_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "613E20A7-07B6-4771-8F09-4ED9FA197BEE",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:brocade:netiron_cer_2024c-4x-rt:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "739A02DA-84DD-462F-B0A1-FE22653C4A9C",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:brocade:netiron_cer_2024f-4x-rt:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "CE4D8757-F3E5-4AC1-9F6B-85687B70CB41",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:brocade:netiron_cer_2024f-rt:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "1FF952A7-E730-4D90-B4B6-84729A0A9E04",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:brocade:netiron_cer_2048fx-rt:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "76479441-A6B4-47DA-B857-2FEC94FF236E",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:brocade:netiron_ces_series_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0687B3C5-FF7E-4B60-A295-4B616005939C",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:brocade:netiron_ces_2024c-4x:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D54CE6AC-8574-48BA-B01A-9347DB4AB2A2",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:brocade:netiron_ces_2024f-4x:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B7C42F0A-7BF3-4B7C-B6D7-344B3F2C7774",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:brocade:netiron_ces_2048fx:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D0305844-4A09-41A7-84FB-00E51F732C95",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:brocade:netiron_xmr_series_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F5E9BB53-74D3-40E2-B4C1-A8FBFC5BB6AF",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:brocade:netiron_xmr_16000:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "7DF476B2-7DA0-4D15-9E2C-013DB97C2814",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:brocade:netiron_xmr_32000:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C098C5F9-617A-4528-A8BE-0EAC37127400",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:brocade:netiron_xmr_4000:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "6DBD4820-B983-4A77-8C83-BFA6D63F6FE6",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:brocade:netiron_xmr_8000:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F3C81BAD-D528-401F-98BC-1E6F9BA80846",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Improper checks for unusual or exceptional conditions in Brocade NetIron 05.8.00 and later releases up to and including 06.1.00, when the Management Module is continuously scanned on port 22, may allow attackers to cause a denial of service (crash and reload) of the management module."
    },
    {
      "lang": "es",
      "value": "Comprobaci\u00f3n err\u00f3nea de condiciones inusuales o excepcionales en Brocade NetIron 05.8.00 y versiones posteriores hasta la versi\u00f3n 06.1.00 inclusive. Cuando el m\u00f3dulo de gesti\u00f3n se escanea continuamente en el puerto 22, puede permitir a los atacantes provocar una denegaci\u00f3n de servicio (bloqueo y reinicio) del m\u00f3dulo de gesti\u00f3n."
    }
  ],
  "id": "CVE-2016-8209",
  "lastModified": "2025-04-20T01:37:25.860",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 5.0,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 7.5,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
          "version": "3.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2017-05-08T18:29:00.247",
  "references": [
    {
      "source": "sirt@brocade.com",
      "url": "http://www.securitytracker.com/id/1038402"
    },
    {
      "source": "sirt@brocade.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://www.brocade.com/content/dam/common/documents/content-types/security-bulletin/brocade-security-advisory-2017-315.htm"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securitytracker.com/id/1038402"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://www.brocade.com/content/dam/common/documents/content-types/security-bulletin/brocade-security-advisory-2017-315.htm"
    }
  ],
  "sourceIdentifier": "sirt@brocade.com",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-754"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.