Implementation of the Simple Network
Management Protocol (SNMP) operating on the Brocade 6547 (FC5022)
embedded switch blade, makes internal script calls to system.sh from
within the SNMP binary. An authenticated attacker could perform command
or parameter injection on SNMP operations that are only enabled on the
Brocade 6547 (FC5022) embedded switch. This injection could allow the
authenticated attacker to issue commands as Root.
CVE ID: CVE-2024-5461
CVSS Base Severity: HIGH
CVSS Base Score: 8.6
CVSS Vector: CVSS:4.0/AV:A/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
Vendor: Brocade
Product: Brocade Fabric OS
EPSS Score: 0.04% (probability of being exploited)
EPSS Percentile: 12.0% (scored less or equal to compared to others)
EPSS Date: 2025-03-16 (when was this score calculated)