CVE-2020-15375 — MEDIUM (6.7)

Q: How severe is CVE-2020-15375?

CVE-2020-15375 has been rated MEDIUM with a CVSS base score of 6.7/10. Review the CVSS metrics above for detailed severity breakdown.

Q: Is there a patch for CVE-2020-15375?

Check the references section above for vendor advisories and patch information. Affected products include: Broadcom Fabric Operating System.

Vulnerability Description

Brocade Fabric OS versions before v9.0.0, v8.2.2c, v8.2.1e, v8.1.2k, v8.2.0_CBN3, v7.4.2g contain an improper input validation weakness in the command line interface when secccrypptocfg is invoked. The vulnerability could allow a local authenticated user to run arbitrary commands and perform escalation of privileges.

CVSS Score

6.7

MEDIUM

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

NONE

Scope

UNCHANGED

Confidentiality

HIGH

Integrity

HIGH

Availability

HIGH

Affected Products

Vendor	Product	Versions
Broadcom	Fabric Operating System	< 7.4.2g

Related Weaknesses (CWE)

CWE-20

References

https://www.broadcom.com/support/fibre-channel-networking/security-advisories/brVendor Advisory
https://www.broadcom.com/support/fibre-channel-networking/security-advisories/brVendor Advisory

FAQ

What is CVE-2020-15375?

CVE-2020-15375 is a vulnerability with a CVSS score of 6.7 (MEDIUM). Brocade Fabric OS versions before v9.0.0, v8.2.2c, v8.2.1e, v8.1.2k, v8.2.0_CBN3, v7.4.2g contain an improper input validation weakness in the command line interface when secccrypptocfg is invoked. Th...

How severe is CVE-2020-15375?

CVE-2020-15375 has been rated MEDIUM with a CVSS base score of 6.7/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2020-15375?

Check the references section above for vendor advisories and patch information. Affected products include: Broadcom Fabric Operating System.