CVE-2024-7517
CVSS V2 None
CVSS V3 None
Description
A command injection vulnerability in Brocade Fabric OS before 9.2.0c, and 9.2.1 through 9.2.1a on IP extension platforms could allow a local authenticated attacker to perform a privileged escalation via crafted use of the portcfg command.
This specific exploitation is only possible on IP Extension platforms: Brocade 7810, Brocade 7840, Brocade 7850 and on Brocade X6 or X7 directors with an SX-6 Extension blade installed. The attacker must be logged into the switch via SSH or serial console to conduct the attack.
Overview
- CVE ID
- CVE-2024-7517
- Assigner
- brocade
- Vulnerability Status
- PUBLISHED
- Published Version
- 2024-11-21T05:53:34.442Z
- Last Modified Date
- 2024-11-21T05:55:00.417Z
Weakness Enumerations
References
| Reference URL | Reference Tags |
|---|---|
| https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/25071 |
Sources
| Source Name | Source URL |
|---|---|
| NIST | https://nvd.nist.gov/vuln/detail/CVE-2024-7517 |
| MITRE | https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7517 |
History
| Created | Old Value | New Value | Data Type | Notes |
|---|---|---|---|---|
| 2024-11-21 13:10:26 | Added to TrackCVE |