Support Content Notification - Support Portal

BSA-2020-1174

Product/Component

Brocade Fabric OS

2 more products

Notification Id

21592

Last Updated

15 December 2020

Initial Publication Date

15 December 2020

Status

Closed

Severity

N/A

CVSS Base Score

N/A

WorkAround

N/A

Affected CVE

N/A

Summary

Security Advisory ID : BSA-2020-1174

Component : Theft of FireEye Red Team Tools

Revision : 1.0

Brocade Security is aware of the news reporting the Theft of FireEye Red Team Tools by a highly sophisticated threat actor.
More information at Theft of FireEye Red Team Tools.

Products Confirmed Not Vulnerable

There are no vulnerabilities in Brocade Fibre Channel Products from Broadcom related to this issue,

No Brocade Fibre Channel Products from Broadcom products are currently known to be affected by the CVEs reported in the FireEye GitHub Repository (1).
(1). https://github.com/fireeye/red_team_tool_countermeasures/blob/master/CVEs_red_team_tools.md

CVE-2019-11510 – pre-auth arbitrary file reading from Pulse Secure SSL VPNs - CVSS 10.0
CVE-2020-1472 – Microsoft Active Directory escalation of privileges - CVSS 10.0
CVE-2018-13379 – pre-auth arbitrary file reading from Fortinet Fortigate SSL VPN - CVSS 9.8
CVE-2018-15961 – RCE via Adobe ColdFusion (arbitrary file upload that can be used to upload a JSP web shell) - CVSS 9.8
CVE-2019-0604 – RCE for Microsoft Sharepoint - CVSS 9.8
CVE-2019-0708 – RCE of Windows Remote Desktop Services (RDS) - CVSS 9.8
CVE-2019-11580 - Atlassian Crowd Remote Code Execution - CVSS 9.8
CVE-2019-19781 – RCE of Citrix Application Delivery Controller and Citrix Gateway - CVSS 9.8
CVE-2020-10189 – RCE for ZoHo ManageEngine Desktop Central - CVSS 9.8
CVE-2014-1812 – Windows Local Privilege Escalation - CVSS 9.0
CVE-2019-3398 – Confluence Authenticated Remote Code Execution - CVSS 8.8
CVE-2020-0688 – Remote Command Execution in Microsoft Exchange - CVSS 8.8
CVE-2016-0167 – local privilege escalation on older versions of Microsoft Windows - CVSS 7.8
CVE-2017-11774 – RCE in Microsoft Outlook via crafted document execution (phishing) - CVSS 7.8
CVE-2018-8581 - Microsoft Exchange Server escalation of privileges - CVSS 7.4
CVE-2019-8394 – arbitrary pre-auth file upload to ZoHo ManageEngine ServiceDesk Plus - CVSS 6.5

Note: Brocade Manageability products are not vulnerable to vulnerabilities described in the FireEye GitHub Repository. Brocade Manageability products also don't
include any product vulnerable to the above CVEs.
However if a Brocade Manageability product is installed on the same Server running products affected by these CVEs, this is out of Brocade's control.
Brocade recommends Customers to apply recommendation from the vendors.

Revision History

Version	Change	Date
1.0	Initial Publication	December 15, 2020