Vulnerability Details CVE-2016-8205
A Directory Traversal vulnerability in DashboardFileReceiveServlet in the Brocade Network Advisor versions released prior to and including 14.0.2 could allow remote attackers to upload a malicious file in a section of the file system where it can be executed.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.241
EPSS Ranking 95.8%
CVSS Severity
CVSS v3 Score 9.8
CVSS v2 Score 10.0
References
- http://www.securityfocus.com/bid/95694
- http://www.zerodayinitiative.com/advisories/ZDI-17-050
- https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03785en_us
- https://www.broadcom.com/support/fibre-channel-networking/security-advisories/brocade-security-advisory-2017-178
- http://www.securityfocus.com/bid/95694
- http://www.zerodayinitiative.com/advisories/ZDI-17-050
- https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03785en_us
- https://www.broadcom.com/support/fibre-channel-networking/security-advisories/brocade-security-advisory-2017-178
Products affected by CVE-2016-8205
-
cpe:2.3:a:brocade:network_advisor:11.0.0.0
-
cpe:2.3:a:brocade:network_advisor:11.0.2.0