{"api_version":"1","generated_at":"2026-04-23T07:55:39+00:00","cve":"CVE-2016-8207","urls":{"html":"https://cve.report/CVE-2016-8207","api":"https://cve.report/api/cve/CVE-2016-8207.json","docs":"https://cve.report/api","cve_org":"https://www.cve.org/CVERecord?id=CVE-2016-8207","nvd":"https://nvd.nist.gov/vuln/detail/CVE-2016-8207"},"summary":{"title":"CVE-2016-8207","description":"A Directory Traversal vulnerability in CliMonitorReportServlet in the Brocade Network Advisor versions released prior to and including 14.0.2 could allow remote attackers to read arbitrary files including files with sensitive user information.","state":"PUBLIC","assigner":"sirt@brocade.com","published_at":"2017-01-14 19:59:00","updated_at":"2018-05-10 01:29:00"},"problem_types":["CWE-22"],"metrics":[],"references":[{"url":"http://www.securityfocus.com/bid/95691","name":"95691","refsource":"BID","tags":["Third Party Advisory","VDB Entry"],"title":"Brocade Network Advisor CVE-2016-8207 Directory Traversal Vulnerability","mime":"text/html","httpstatus":"200","archivestatus":"0"},{"url":"https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03785en_us","name":"https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03785en_us","refsource":"CONFIRM","tags":[],"title":"Document Display | HPE Support Center","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://www.zerodayinitiative.com/advisories/ZDI-17-052","name":"http://www.zerodayinitiative.com/advisories/ZDI-17-052","refsource":"MISC","tags":[],"title":"Zero Day Initiative","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://www.broadcom.com/support/fibre-channel-networking/security-advisories/brocade-security-advisory-2017-180","name":"https://www.broadcom.com/support/fibre-channel-networking/security-advisories/brocade-security-advisory-2017-180","refsource":"CONFIRM","tags":[],"title":"Broadcom Inc. | Connecting Everything","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://www.cve.org/CVERecord?id=CVE-2016-8207","name":"CVE Program record","refsource":"CVE.ORG","tags":["canonical"]},{"url":"https://nvd.nist.gov/vuln/detail/CVE-2016-8207","name":"NVD vulnerability detail","refsource":"NVD","tags":["canonical","analysis"]}],"affected":[],"timeline":[],"solutions":[],"workarounds":[],"exploits":[],"credits":[],"nvd_cpes":[{"cve_year":"2016","cve_id":"8207","vulnerable":"1","versionEndIncluding":"14.0.2","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"brocade","cpe5":"network_advisor","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"}],"vendor_comments":[],"enrichments":{"kev":null,"epss":null,"legacy_qids":[]},"source_records":{"cve_program":{"CVE_data_meta":{"ASSIGNER":"sirt@brocade.com","ID":"CVE-2016-8207","STATE":"PUBLIC"},"affects":{"vendor":{"vendor_data":[{"product":{"product_data":[{"product_name":"Brocade Network Advisor versions released prior to and including 14.0.2","version":{"version_data":[{"version_value":"Brocade Network Advisor versions released prior to and including 14.0.2"}]}}]},"vendor_name":"n/a"}]}},"data_format":"MITRE","data_type":"CVE","data_version":"4.0","description":{"description_data":[{"lang":"eng","value":"A Directory Traversal vulnerability in CliMonitorReportServlet in the Brocade Network Advisor versions released prior to and including 14.0.2 could allow remote attackers to read arbitrary files including files with sensitive user information."}]},"problemtype":{"problemtype_data":[{"description":[{"lang":"eng","value":"Directory Traversal"}]}]},"references":{"reference_data":[{"name":"95691","refsource":"BID","url":"http://www.securityfocus.com/bid/95691"},{"name":"http://www.zerodayinitiative.com/advisories/ZDI-17-052","refsource":"MISC","url":"http://www.zerodayinitiative.com/advisories/ZDI-17-052"},{"name":"https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03785en_us","refsource":"CONFIRM","url":"https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03785en_us"},{"name":"https://www.broadcom.com/support/fibre-channel-networking/security-advisories/brocade-security-advisory-2017-180","refsource":"CONFIRM","url":"https://www.broadcom.com/support/fibre-channel-networking/security-advisories/brocade-security-advisory-2017-180"}]}},"nvd":{"publishedDate":"2017-01-14 19:59:00","lastModifiedDate":"2018-05-10 01:29:00","problem_types":["CWE-22"],"metrics":{"baseMetricV3":{"cvssV3":{"version":"3.0","vectorString":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE","baseScore":7.5,"baseSeverity":"HIGH"},"exploitabilityScore":3.9,"impactScore":3.6},"baseMetricV2":{"cvssV2":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:P/I:N/A:N","accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"NONE","availabilityImpact":"NONE","baseScore":5},"severity":"MEDIUM","exploitabilityScore":10,"impactScore":2.9,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}},"configurations":{"CVE_data_version":"4.0","nodes":[{"operator":"OR","children":[],"cpe_match":[{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:brocade:network_advisor:*:*:*:*:*:*:*:*","versionEndIncluding":"14.0.2","cpe_name":[]}]}]}},"legacy_mitre":{"record":{"CveYear":"2016","CveId":"8207","Ordinal":"94826","Title":"CVE-2016-8207","CVE":"CVE-2016-8207","Year":"2016"},"notes":[{"CveYear":"2016","CveId":"8207","Ordinal":"1","NoteData":"A Directory Traversal vulnerability in CliMonitorReportServlet in the Brocade Network Advisor versions released prior to and including 14.0.2 could allow remote attackers to read arbitrary files including files with sensitive user information.","Type":"Description","Title":null},{"CveYear":"2016","CveId":"8207","Ordinal":"2","NoteData":"2017-01-14","Type":"Other","Title":"Published"},{"CveYear":"2016","CveId":"8207","Ordinal":"3","NoteData":"2018-05-09","Type":"Other","Title":"Modified"}]}}}