CVE-2017-6223

2017-10-1317:00:00

brocade

www.cve.org

AI Score

Confidence

High

EPSS

0.002

Percentile

54.3%

JSON

Ruckus Wireless Zone Director Controller firmware releases ZD9.9.x, ZD9.10.x, ZD9.13.0.x less than 9.13.0.0.232 contain OS Command Injection vulnerabilities in the ping functionality that could allow local authenticated users to execute arbitrary privileged commands on the underlying operating system.

CNA Affected

[
  {
    "product": "Zone Director Controller Firmware",
    "vendor": "Brocade Communications Systems, Inc.",
    "versions": [
      {
        "status": "affected",
        "version": "ZD9.9.x"
      },
      {
        "status": "affected",
        "version": "ZD9.10.x"
      },
      {
        "status": "affected",
        "version": "ZD9.13.0.x"
      }
    ]
  }
]

References

ruckus-www.s3.amazonaws.com/pdf/security/faq-security-advisory-id-092917.txt