CVE-2024-7516

HIGH

7.1

Description

A vulnerability in Brocade Fabric OS versions before 9.2.2 could allow man-in-the-middle attackers to conduct remote Service Session Hijacking that may arise from the attacker's ability to forge an SSH key while the Brocade Fabric OS Switch is performing various remote operations initiated by a switch admin.

CVE Details

CVSS v3.1 Score7.1

SeverityHIGH

CVSS VectorCVSS:3.1/AV:A/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

Attack VectorADJACENT_NETWORK

ComplexityHIGH

Privileges RequiredNONE

User InteractionREQUIRED

Published11/12/2024

Last Modified2/4/2025

Sourcenvd

Honeypot Sightings0

Affected Products

broadcom:fabric_operating_system

Weaknesses (CWE)

CWE-322CWE-306

References

https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/25177(sirt@brocade.com)

IOC Correlations

No correlations recorded

This product uses data from the NVD API but is not endorsed or certified by the NVD.