CVE-2024-7516

HIGH

7.1

Beschreibung

A vulnerability in Brocade Fabric OS versions before 9.2.2 could allow man-in-the-middle attackers to conduct remote Service Session Hijacking that may arise from the attacker's ability to forge an SSH key while the Brocade Fabric OS Switch is performing various remote operations initiated by a switch admin.

CVE Details

CVSS v3.1 Bewertung7.1

SchweregradHIGH

CVSS VektorCVSS:3.1/AV:A/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

AngriffsvektorADJACENT_NETWORK

KomplexitatHIGH

Erforderliche PrivilegienNONE

BenutzerinteraktionREQUIRED

Veroffentlicht11/12/2024

Zuletzt geandert2/4/2025

Quellenvd

Honeypot-Sichtungen0

Betroffene Produkte

broadcom:fabric_operating_system

Schwachen (CWE)

CWE-322CWE-306

Referenzen

https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/25177(sirt@brocade.com)

IOC Korrelationen

Keine Korrelationen erfasst

This product uses data from the NVD API but is not endorsed or certified by the NVD.