CVE-2024-7516
Nov. 21, 2024, 5:15 p.m.
Tags
Product(s) Impacted
Brocade Fabric OS
- before 9.2.2
Description
A vulnerability in Brocade Fabric OS versions before 9.2.2 could allow man-in-the-middle attackers to conduct remote Service Session Hijacking that may arise from the attacker's ability to forge an SSH key while the Brocade Fabric OS Switch is performing various remote operations initiated by a switch admin.
Weaknesses
CWE-322
Key Exchange without Entity Authentication
The product performs a key exchange with an actor without verifying the identity of that actor.
CWE ID: 322Date
Published: Nov. 12, 2024, 7:15 p.m.
Last Modified: Nov. 21, 2024, 5:15 p.m.
Status : Awaiting Analysis
CVE has been recently published to the CVE List and has been received by the NVD.
More infoSource
sirt@brocade.com
References
https://support.broadcom.com/
sirt@brocade.com