PT-2025-6717 · Brocade · Brocade 6547
Pierre Barre · Published 2025-02-15 · Updated 2026-02-23 · CVE-2024-5461
CVSS v4.0: 8.6 (High)
Vector: AV:A/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
Name of the Vulnerable Software and Affected Versions
Brocade 6547 (FC5022) versions prior to 8.2.3e1 pha
Description
The implementation of the Simple Network Management Protocol (SNMP) in the Brocade 6547 (FC5022) embedded switch blade makes internal script calls to system.sh from within the SNMP binary. An authenticated attacker could perform command or parameter injection on SNMP operations, allowing them to issue commands as root.
Recommendations
For Brocade 6547 (FC5022) versions prior to 8.2.3e1 pha, update to version 8.2.3e1 pha or later to resolve the issue. As a temporary workaround, consider restricting access to SNMP operations to minimize the risk of exploitation.
Fix
OS Command Injection
Command Injection
Affected Products
Brocade 6547