Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2024-7517

Summary
Assigner-brocade
Assigner Org ID-87b297d7-335e-4844-9551-11b97995a791
Published At-21 Nov, 2024 | 05:53
Updated At-21 Nov, 2024 | 17:52
Rejected At-
Credits

Privileged escalation via crafted use of portcfg command

A command injection vulnerability in Brocade Fabric OS before 9.2.0c, and 9.2.1 through 9.2.1a on IP extension platforms could allow a local authenticated attacker to perform a privileged escalation via crafted use of the portcfg command. This specific exploitation is only possible on IP Extension platforms: Brocade 7810, Brocade 7840, Brocade 7850 and on Brocade X6 or X7 directors with an SX-6 Extension blade installed. The attacker must be logged into the switch via SSH or serial console to conduct the attack.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:brocade
Assigner Org ID:87b297d7-335e-4844-9551-11b97995a791
Published At:21 Nov, 2024 | 05:53
Updated At:21 Nov, 2024 | 17:52
Rejected At:
▼CVE Numbering Authority (CNA)
Privileged escalation via crafted use of portcfg command

A command injection vulnerability in Brocade Fabric OS before 9.2.0c, and 9.2.1 through 9.2.1a on IP extension platforms could allow a local authenticated attacker to perform a privileged escalation via crafted use of the portcfg command. This specific exploitation is only possible on IP Extension platforms: Brocade 7810, Brocade 7840, Brocade 7850 and on Brocade X6 or X7 directors with an SX-6 Extension blade installed. The attacker must be logged into the switch via SSH or serial console to conduct the attack.

Affected Products
Vendor
Brocade Communications Systems, Inc. (Broadcom Inc.)Brocade
Product
Fabric OS
Default Status
unaffected
Versions
Affected
  • Brocade Fabric OS versions before 9.2.0c, and 9.2.1 through 9.2.1a
Problem Types
TypeCWE IDDescription
CWECWE-77CWE-77: Improper Neutralization of Special Elements used in a Command
Type: CWE
CWE ID: CWE-77
Description: CWE-77: Improper Neutralization of Special Elements used in a Command
Metrics
VersionBase scoreBase severityVector
4.08.5HIGH
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
Version: 4.0
Base score: 8.5
Base severity: HIGH
Vector:
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
Metrics Other Info
Impacts
CAPEC IDDescription
CAPEC-248CAPEC-248 Command Injection
CAPEC ID: CAPEC-248
Description: CAPEC-248 Command Injection
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/25071
N/A
Hyperlink: https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/25071
Resource: N/A
▼Authorized Data Publishers (ADP)
CISA ADP Vulnrichment
Affected Products
Vendor
Brocade Communications Systems, Inc. (Broadcom Inc.)brocade
Product
fabric_os
CPEs
  • cpe:2.3:o:brocade:fabric_os:-:*:*:*:*:*:*:*
Default Status
unknown
Versions
Affected
  • From 0 before 9.2.0c (custom)
  • From 9.2.1 before 9.2.1a (custom)
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:sirt@brocade.com
Published At:21 Nov, 2024 | 11:15
Updated At:21 Nov, 2024 | 13:57

A command injection vulnerability in Brocade Fabric OS before 9.2.0c, and 9.2.1 through 9.2.1a on IP extension platforms could allow a local authenticated attacker to perform a privileged escalation via crafted use of the portcfg command. This specific exploitation is only possible on IP Extension platforms: Brocade 7810, Brocade 7840, Brocade 7850 and on Brocade X6 or X7 directors with an SX-6 Extension blade installed. The attacker must be logged into the switch via SSH or serial console to conduct the attack.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Secondary4.08.5HIGH
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Type: Secondary
Version: 4.0
Base score: 8.5
Base severity: HIGH
Vector:
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
CPE Matches
Weaknesses
CWE IDTypeSource
CWE-77Secondarysirt@brocade.com
CWE ID: CWE-77
Type: Secondary
Source: sirt@brocade.com
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/25071sirt@brocade.com
N/A
Hyperlink: https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/25071
Source: sirt@brocade.com
Resource: N/A

Change History

0
Information is not available yet

Similar CVEs

5Records found
CVE-2024-5461
Matching Score-6
Assigner-Brocade Communications Systems, LLC
ShareView Details
Matching Score-6
Assigner-Brocade Communications Systems, LLC
CVSS Score-8.6||HIGH
EPSS-0.07% / 20.92%
||
7 Day CHG~0.00%
Published-15 Feb, 2025 | 00:06
Updated-18 Feb, 2025 | 17:01
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Command or parameter injection via unique embedded switch SNMP commands.

Implementation of the Simple Network Management Protocol (SNMP) operating on the Brocade 6547 (FC5022) embedded switch blade, makes internal script calls to system.sh from within the SNMP binary. An authenticated attacker could perform command or parameter injection on SNMP operations that are only enabled on the Brocade 6547 (FC5022) embedded switch. This injection could allow the authenticated attacker to issue commands as Root.

Action-Not Available
Vendor-Brocade Communications Systems, Inc. (Broadcom Inc.)
Product-Brocade Fabric OS
CWE ID-CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')
CVE-2023-31429
Matching Score-6
Assigner-Brocade Communications Systems, LLC
ShareView Details
Matching Score-6
Assigner-Brocade Communications Systems, LLC
CVSS Score-5.5||MEDIUM
EPSS-0.11% / 30.21%
||
7 Day CHG~0.00%
Published-01 Aug, 2023 | 20:20
Updated-15 Oct, 2024 | 14:12
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Multiple commands print sensitive information in the terminal

Brocade Fabric OS before Brocade Fabric OS 9.1.1c, 9.2.0 contains a vulnerability when using various commands such as “chassisdistribute”, “reboot”, “rasman”, errmoduleshow, errfilterset, hassiscfgperrthreshold, supportshowcfgdisable and supportshowcfgenable commands that can cause the content of shell interpreted variables to be printed in the terminal.

Action-Not Available
Vendor-Brocade Communications Systems, Inc. (Broadcom Inc.)Broadcom Inc.
Product-fabric_operating_systemFabric OS
CWE ID-CWE-209
Generation of Error Message Containing Sensitive Information
CWE ID-CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')
CVE-2024-39567
Matching Score-4
Assigner-Siemens
ShareView Details
Matching Score-4
Assigner-Siemens
CVSS Score-8.5||HIGH
EPSS-0.31% / 53.86%
||
7 Day CHG~0.00%
Published-09 Jul, 2024 | 12:05
Updated-27 Aug, 2025 | 20:42
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in SINEMA Remote Connect Client (All versions < V3.2 HF1). The system service of affected applications is vulnerable to command injection due to missing server side input sanitation when loading VPN configurations. This could allow an authenticated local attacker to execute arbitrary code with system privileges.

Action-Not Available
Vendor-Siemens AG
Product-sinema_remote_connect_clientSINEMA Remote Connect Clientsinema_remote_connect_client
CWE ID-CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')
CVE-2024-39568
Matching Score-4
Assigner-Siemens
ShareView Details
Matching Score-4
Assigner-Siemens
CVSS Score-8.5||HIGH
EPSS-0.24% / 47.46%
||
7 Day CHG~0.00%
Published-09 Jul, 2024 | 12:05
Updated-27 Aug, 2025 | 20:42
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in SINEMA Remote Connect Client (All versions < V3.2 HF1). The system service of affected applications is vulnerable to command injection due to missing server side input sanitation when loading proxy configurations. This could allow an authenticated local attacker to execute arbitrary code with system privileges.

Action-Not Available
Vendor-Siemens AG
Product-sinema_remote_connect_clientSINEMA Remote Connect Clientsinema_remote_connect_client
CWE ID-CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')
CVE-2025-0396
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-8.5||HIGH
EPSS-0.29% / 52.05%
||
7 Day CHG~0.00%
Published-12 Jan, 2025 | 12:00
Updated-13 Jan, 2025 | 15:18
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
exelban stats XPC Service shouldAcceptNewConnection command injection

A vulnerability, which was classified as critical, has been found in exelban stats up to 2.11.21. This issue affects the function shouldAcceptNewConnection of the component XPC Service. The manipulation leads to command injection. It is possible to launch the attack on the local host. Upgrading to version 2.11.22 is able to address this issue. It is recommended to upgrade the affected component.

Action-Not Available
Vendor-exelban
Product-stats
CWE ID-CWE-74
Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')
CWE ID-CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')
Details not found