{"containers": {"cna": {"affected": [{"product": "Brocade SANnav & Brocade Fabric OS", "vendor": "n/a", "versions": [{"status": "affected", "version": "Brocade Fabric OS v7.4.2h, v8.2.1c, v8.2.2, v9.0.0 and Brocade SANnav v2.1.1"}]}], "descriptions": [{"lang": "en", "value": "The host SSH servers of Brocade Fabric OS before Brocade Fabric OS v7.4.2h, v8.2.1c, v8.2.2, v9.0.0, and Brocade SANnav before v2.1.1 utilize keys of less than 2048 bits, which may be vulnerable to man-in-the-middle attacks and/or insecure SSH communications."}], "problemTypes": [{"descriptions": [{"description": "information disclosure vulnerability", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2021-06-09T15:24:45.000Z", "orgId": "87b297d7-335e-4844-9551-11b97995a791", "shortName": "brocade"}, "references": [{"tags": ["x_refsource_MISC"], "url": "https://www.broadcom.com/support/fibre-channel-networking/security-advisories/brocade-security-advisory-2021-1291"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "sirt@brocade.com", "ID": "CVE-2020-15387", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "Brocade SANnav & Brocade Fabric OS", "version": {"version_data": [{"version_value": "Brocade Fabric OS v7.4.2h, v8.2.1c, v8.2.2, v9.0.0 and Brocade SANnav v2.1.1"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "The host SSH servers of Brocade Fabric OS before Brocade Fabric OS v7.4.2h, v8.2.1c, v8.2.2, v9.0.0, and Brocade SANnav before v2.1.1 utilize keys of less than 2048 bits, which may be vulnerable to man-in-the-middle attacks and/or insecure SSH communications."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "information disclosure vulnerability"}]}]}, "references": {"reference_data": [{"name": "https://www.broadcom.com/support/fibre-channel-networking/security-advisories/brocade-security-advisory-2021-1291", "refsource": "MISC", "url": "https://www.broadcom.com/support/fibre-channel-networking/security-advisories/brocade-security-advisory-2021-1291"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-04T13:15:20.616Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://www.broadcom.com/support/fibre-channel-networking/security-advisories/brocade-security-advisory-2021-1291"}]}]}, "cveMetadata": {"assignerOrgId": "87b297d7-335e-4844-9551-11b97995a791", "assignerShortName": "brocade", "cveId": "CVE-2020-15387", "datePublished": "2021-06-09T15:24:45.000Z", "dateReserved": "2020-06-29T00:00:00.000Z", "dateUpdated": "2024-08-04T13:15:20.616Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:broadcom:brocade_sannav:*:*:*:*:*:*:*:*", "matchCriteriaId": "F078016A-D256-4A68-9C65-DF23B6858158", "versionEndExcluding": "2.1.1", "vulnerable": true}, {"criteria": "cpe:2.3:o:broadcom:fabric_operating_system:*:*:*:*:*:*:*:*", "matchCriteriaId": "31DFB192-EA22-4604-85ED-0A34E0DBF384", "versionEndExcluding": "7.4.2", "vulnerable": true}, {"criteria": "cpe:2.3:o:broadcom:fabric_operating_system:*:*:*:*:*:*:*:*", "matchCriteriaId": "CD800AD8-1792-4D0B-BE9C-FDCE1BF6BE31", "versionEndExcluding": "8.2.1", "versionStartIncluding": "8.2.0", "vulnerable": true}, {"criteria": "cpe:2.3:o:broadcom:fabric_operating_system:7.4.2:*:*:*:*:*:*:*", "matchCriteriaId": "2FEAE07D-906E-4B7C-B577-14D15CFFB69C", "vulnerable": true}, {"criteria": "cpe:2.3:o:broadcom:fabric_operating_system:7.4.2a:*:*:*:*:*:*:*", "matchCriteriaId": "8A589310-66AB-4D4F-A332-64E245AB1D0B", "vulnerable": true}, {"criteria": "cpe:2.3:o:broadcom:fabric_operating_system:7.4.2b:*:*:*:*:*:*:*", "matchCriteriaId": "F633FD3F-8224-4D96-BD0C-55EA218D4364", "vulnerable": true}, {"criteria": "cpe:2.3:o:broadcom:fabric_operating_system:7.4.2c:*:*:*:*:*:*:*", "matchCriteriaId": "656001D2-F17B-49C0-9F38-E84B5CE3E088", "vulnerable": true}, {"criteria": "cpe:2.3:o:broadcom:fabric_operating_system:7.4.2d:*:*:*:*:*:*:*", "matchCriteriaId": "9761DF12-141D-4109-805D-449B5495ACB3", "vulnerable": true}, {"criteria": "cpe:2.3:o:broadcom:fabric_operating_system:7.4.2f:*:*:*:*:*:*:*", "matchCriteriaId": "DD207CDF-7BF9-4FBD-86C4-C24B66D219FF", "vulnerable": true}, {"criteria": "cpe:2.3:o:broadcom:fabric_operating_system:7.4.2g:*:*:*:*:*:*:*", "matchCriteriaId": "518C9470-B56D-4B6C-99F9-20DEB3F86BBA", "vulnerable": true}, {"criteria": "cpe:2.3:o:broadcom:fabric_operating_system:8.2.1:*:*:*:*:*:*:*", "matchCriteriaId": "0C91FB6C-7BF5-453E-A618-06756D3DD2FB", "vulnerable": true}, {"criteria": "cpe:2.3:o:broadcom:fabric_operating_system:8.2.1a:*:*:*:*:*:*:*", "matchCriteriaId": "7CF38E78-8243-4615-A8A1-1396920F5BA1", "vulnerable": true}, {"criteria": "cpe:2.3:o:broadcom:fabric_operating_system:8.2.1b:*:*:*:*:*:*:*", "matchCriteriaId": "84E4F075-D03B-4D98-8C9E-840D80DFFF48", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "The host SSH servers of Brocade Fabric OS before Brocade Fabric OS v7.4.2h, v8.2.1c, v8.2.2, v9.0.0, and Brocade SANnav before v2.1.1 utilize keys of less than 2048 bits, which may be vulnerable to man-in-the-middle attacks and/or insecure SSH communications."}, {"lang": "es", "value": "Los servidores SSH del host de Brocade Fabric OS versiones anteriores a v7.4.2h, v8.2.1c, v8.2.2, v9.0.0, y Brocade SANnav versiones anteriores a v2.1.1, utilizan claves de menos de 2048 bits, que pueden ser vulnerables a ataques de tipo man-in-the-middle y/o a comunicaciones SSH no seguras"}], "id": "CVE-2020-15387", "lastModified": "2024-11-21T05:05:27.830", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 5.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:N", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 4.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.4, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N", "version": "3.1"}, "exploitabilityScore": 2.2, "impactScore": 5.2, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2021-06-09T16:15:08.307", "references": [{"source": "sirt@brocade.com", "tags": ["Vendor Advisory"], "url": "https://www.broadcom.com/support/fibre-channel-networking/security-advisories/brocade-security-advisory-2021-1291"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "https://www.broadcom.com/support/fibre-channel-networking/security-advisories/brocade-security-advisory-2021-1291"}], "sourceIdentifier": "sirt@brocade.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-326"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{}

{}