Vulnerability Details CVE-2018-6447
A Reflective XSS Vulnerability in HTTP Management Interface in Brocade Fabric OS versions before Brocade Fabric OS v9.0.0, v8.2.2c, v8.2.1e, v8.1.2k, v8.2.0_CBN3, v7.4.2g could allow authenticated attackers with access to the web interface to hijack a user’s session and take over the account.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.003
EPSS Ranking 53.1%
CVSS Severity
CVSS v3 Score 5.4
CVSS v2 Score 3.5
References
Products affected by CVE-2018-6447
-
cpe:2.3:o:broadcom:fabric_operating_system:2.1.2
-
cpe:2.3:o:broadcom:fabric_operating_system:2.2
-
cpe:2.3:o:broadcom:fabric_operating_system:3.1
-
cpe:2.3:o:broadcom:fabric_operating_system:5.0.5b
-
cpe:2.3:o:broadcom:fabric_operating_system:5.2.0
-
cpe:2.3:o:broadcom:fabric_operating_system:5.2.0a
-
cpe:2.3:o:broadcom:fabric_operating_system:7.4.0
-
cpe:2.3:o:broadcom:fabric_operating_system:7.4.1
-
cpe:2.3:o:broadcom:fabric_operating_system:7.4.1a
-
cpe:2.3:o:broadcom:fabric_operating_system:7.4.1b
-
cpe:2.3:o:broadcom:fabric_operating_system:7.4.1c
-
cpe:2.3:o:broadcom:fabric_operating_system:7.4.1d
-
cpe:2.3:o:broadcom:fabric_operating_system:7.4.1e
-
cpe:2.3:o:broadcom:fabric_operating_system:7.4.2
-
cpe:2.3:o:broadcom:fabric_operating_system:7.4.2a
-
cpe:2.3:o:broadcom:fabric_operating_system:7.4.2b
-
cpe:2.3:o:broadcom:fabric_operating_system:7.4.2c
-
cpe:2.3:o:broadcom:fabric_operating_system:7.4.2d
-
cpe:2.3:o:broadcom:fabric_operating_system:7.4.2f
-
cpe:2.3:o:broadcom:fabric_operating_system:8.0.0
-
cpe:2.3:o:broadcom:fabric_operating_system:8.0.1
-
cpe:2.3:o:broadcom:fabric_operating_system:8.0.1a
-
cpe:2.3:o:broadcom:fabric_operating_system:8.0.1b
-
cpe:2.3:o:broadcom:fabric_operating_system:8.0.2
-
cpe:2.3:o:broadcom:fabric_operating_system:8.0.2a
-
cpe:2.3:o:broadcom:fabric_operating_system:8.0.2b
-
cpe:2.3:o:broadcom:fabric_operating_system:8.0.2c
-
cpe:2.3:o:broadcom:fabric_operating_system:8.0.2d
-
cpe:2.3:o:broadcom:fabric_operating_system:8.0.2f
-
cpe:2.3:o:broadcom:fabric_operating_system:8.1.0
-
cpe:2.3:o:broadcom:fabric_operating_system:8.1.0a
-
cpe:2.3:o:broadcom:fabric_operating_system:8.1.0b
-
cpe:2.3:o:broadcom:fabric_operating_system:8.1.0c
-
cpe:2.3:o:broadcom:fabric_operating_system:8.1.1
-
cpe:2.3:o:broadcom:fabric_operating_system:8.1.1a
-
cpe:2.3:o:broadcom:fabric_operating_system:8.1.2
-
cpe:2.3:o:broadcom:fabric_operating_system:8.1.2a
-
cpe:2.3:o:broadcom:fabric_operating_system:8.1.2b
-
cpe:2.3:o:broadcom:fabric_operating_system:8.1.2c
-
cpe:2.3:o:broadcom:fabric_operating_system:8.1.2d
-
cpe:2.3:o:broadcom:fabric_operating_system:8.1.2e
-
cpe:2.3:o:broadcom:fabric_operating_system:8.1.2f
-
cpe:2.3:o:broadcom:fabric_operating_system:8.1.2j
-
cpe:2.3:o:broadcom:fabric_operating_system:8.2.0
-
cpe:2.3:o:broadcom:fabric_operating_system:8.2.0a
-
cpe:2.3:o:broadcom:fabric_operating_system:8.2.1
-
cpe:2.3:o:broadcom:fabric_operating_system:8.2.1a
-
cpe:2.3:o:broadcom:fabric_operating_system:8.2.1b
-
cpe:2.3:o:broadcom:fabric_operating_system:8.2.1c
-
cpe:2.3:o:broadcom:fabric_operating_system:8.2.1d
-
cpe:2.3:o:broadcom:fabric_operating_system:8.2.2
-
cpe:2.3:o:broadcom:fabric_operating_system:8.2.2a
-
cpe:2.3:o:broadcom:fabric_operating_system:8.2.2a1
-
cpe:2.3:o:broadcom:fabric_operating_system:8.2.2b
-
cpe:2.3:o:broadcom:fabric_operating_system:8.2.3