RCE in Brocade Communications Systems, Inc. Ruckus Networks Unleashed Aps And Zone Director
CVE-2017-6229
Ruckus Networks Unleashed AP firmware releases before 200.6.10.1.x and Ruckus Networks Zone Director firmware releases 10.1.0.0.x, 9.10.2.0.x, 9.12.3.0.x, 9.13.3.0.x, 10.0.1.0.x or before contain authenticated Root Command Injection in the…
Vulnerability class: Command Injection (OS Command Injection)
EPSS: 0.023 (80.9th percentile) — read the EPSS interpretation.
CVSS v3 metric
CVSS v3 base score 8.8 (High). Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H.
Affected products
- Brocade Communications Systems, Inc. Ruckus Networks Unleashed Aps And Zone Director — versions Unleashed AP firmware releases before 200.6.10.1.x and ZD firmware releases 10.1.0.0.x, 9.10.2.0.x, 9.12.3.0.x,9.13.3.0.x, 10.0.1.0.x or before
- Ruckuswireless H320
- Ruckuswireless H320_firmware
- Ruckuswireless H510
- Ruckuswireless H510_firmware
- Ruckuswireless R310
- Ruckuswireless R310_firmware
- Ruckuswireless R500
- Ruckuswireless R500_firmware
- Ruckuswireless R510
Weakness classification (CWE)
References
- sirt@brocade.com (x_refsource_CONFIRM, Vendor Advisory)
Frequently asked questions
- What is CVE-2017-6229?
- CVE-2017-6229 is a high-severity vulnerability in Brocade Communications Systems, Inc. Ruckus Networks Unleashed Aps And Zone Director, classified under OS Command Injection. CVSS score: 8.8/10. Published 2018-02-14.
- How severe is CVE-2017-6229?
- High severity. CVSS v3 base score is 8.8 out of 10.