← volver
CVE-2018-6443

CVE-2018-6443

EPSS 7.4%
A vulnerability in Brocade Network Advisor Versions before 14.3.1 could allow an unauthenticated, remote attacker to log in to the JBoss Administration interface of an affected system using an undocumented user credentials and install additional JEE applications. A remote unauthenticated user who has access to Network Advisor client libraries and able to decrypt the Jboss credentials could gain access to the Jboss web console.
Productos afectados
Brocade Communications Systems, Inc. · Brocade Network Advisor
PoCs públicas encontradas2
cve_referencepacketstormsecurity.com/files/153035/Brocade-Network-Advisor-14.4.1-Unauthenticated-Remote-Code-Execution.htmlno verificadoexploitdbwww.exploit-db.com/exploits/46887no verificado
⚠ Recursos públicos, para evaluar la exposición de sistemas que controlas o estás autorizado a probar. Prueba solo con autorización.

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →
Referencias
http://packetstormsecurity.com/files/153035/Brocade-Network-Advisor-14.4.1-Unauthenticated-Remote-Code-Execution.htmlhttps://security.netapp.com/advisory/ntap-20190411-0005/https://www.broadcom.com/support/fibre-channel-networking/security-advisories/brocade-security-advisory-2018-743