[VIM] CVE-2013-6810 / EMC / HP issue is actually Brocade
Christey, Steven M.
coley at mitre.org
Wed Jan 29 11:58:29 CST 2014
All,
CVE-2013-6810 was originally published in EMC advisory ESA-2013-089 and HP's HPSBHF02953. We have received confirmation that this issue is actually due to a third-party product, produced by Brocade. However, there are no publicly-accessible advisories from that vendor.
A Brocade representative has provided CVE with the following information for publication.
- Steve
---------------------------------------------------
Affected Products : Brocade Network Advisor 11.2.x, 11.3.x, 12.0.x
Corrected in: Brocade Network Advisor 12.1.0 and later releases
Vulnerable installation conditions : Default installations exposed to external access
Non-vulnerable installation conditions : Brocade Network Advisor server isolated from external networks using strict firewall rules only allowing who can interact with Brocade Network Advisor server.
Description : Brocade Network Advisor Server is vulnerable to remote attacks which can transfer and execute arbitrary code.
CVE Identifier: CVE-2013-6810
CVSSv2 Base Score: 10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C)
Discovered by: Andrea Micalizzi aka rgod with Zero Day Initiative
Disclosure date : 12/2/2013
Disclosure coordinated with discoverer and Brocade partners.
More information about the VIM
mailing list