CVE-2016-8202
HIGHBrocade Fibre Channel SAN <7.4.1d-8.0.1b - Privilege Escalation
Title source: llmDescription
A privilege escalation vulnerability in Brocade Fibre Channel SAN products running Brocade Fabric OS (FOS) releases earlier than v7.4.1d and v8.0.1b could allow an authenticated attacker to elevate the privileges of user accounts accessing the system via command line interface. With affected versions, non-root users can gain root access with a combination of shell commands and parameters.
References (4)
Core 4
Core References
Third Party Advisory, VDB Entry vdb-entry
x_refsource_sectrack
http://www.securitytracker.com/id/1038401
Third Party Advisory x_refsource_confirm
https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbst03739en_us
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/98332
Various Sources x_refsource_confirm
https://www.broadcom.com/support/fibre-channel-networking/security-advisories/brocade-security-advisory-2017-208
Scores
CVSS v3
8.8
EPSS
0.0169
EPSS Percentile
82.5%
Attack Vector
NETWORK
CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Details
CWE
CWE-264
Status
published
Products (3)
broadcom/fabric_operating_system
8.0.1
broadcom/fabric_operating_system
< 7.4.1c
Brocade Communications Systems, Inc./Fibre Channel SAN products running Brocade Fabric OS (FOS).
Fabric OS (FOS) releases earlier than v7.4.1d and v8.0.1b
Published
May 08, 2017
Tracked Since
Feb 18, 2026