Brocade Fabric OS Vulnerabilities - Lenovo Support US

Lenovo Security Advisory: LEN-18214

**Potential Impact:**Cross-site Scripting, Denial of Service

Severity: High

Scope of Impact: Industry-wide

CVE Identifier: CVE-2017-6225, CVE-2017-6227

Summary Description:

Brocade issued advisories BSA-2018-525 and BSA-2018-526 related to vulnerabilities in Brocade Fabric OS allowing cross-site scripting (XSS) in the web-based management interface, and denial of service caused by an adjacent attacker sending crafted Router Advertisement messages.

Mitigation Strategy for Customers (what you should do to protect yourself):

Brocade recommends applying the firmware update appropriate for your model described in the product impact section below.