← voltar
CVE-2018-6443

CVE-2018-6443

EPSS 7.4%
A vulnerability in Brocade Network Advisor Versions before 14.3.1 could allow an unauthenticated, remote attacker to log in to the JBoss Administration interface of an affected system using an undocumented user credentials and install additional JEE applications. A remote unauthenticated user who has access to Network Advisor client libraries and able to decrypt the Jboss credentials could gain access to the Jboss web console.
Produtos afetados
Brocade Communications Systems, Inc. · Brocade Network Advisor
PoCs públicas encontradas2
cve_referencepacketstormsecurity.com/files/153035/Brocade-Network-Advisor-14.4.1-Unauthenticated-Remote-Code-Execution.htmlnão verificadoexploitdbwww.exploit-db.com/exploits/46887não verificado
⚠ Recursos públicos, para você avaliar a exposição de sistemas que controla ou está autorizado a testar. Teste apenas com autorização.

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →
Referências
http://packetstormsecurity.com/files/153035/Brocade-Network-Advisor-14.4.1-Unauthenticated-Remote-Code-Execution.htmlhttps://security.netapp.com/advisory/ntap-20190411-0005/https://www.broadcom.com/support/fibre-channel-networking/security-advisories/brocade-security-advisory-2018-743