Brocade Fabric OS and SANnav Vulnerabilities - Lenovo Support NL

**Lenovo Security Advisory:**LEN-46654

**Potential Impact:**Privilege escalation, denial of service, information disclosure

**Severity:**High

**Scope of Impact:**Industry-wide

**CVE Identifier:**CVE-2018-6447, CVE-2018-6448, CVE-2018-6449, CVE-2019-16211, CVE-2019-16212, CVE-2020-15369, CVE-2020-15370, CVE-2020-15371, CVE-2020-15372, CVE-2020-15373, CVE-2020-15374, CVE-2020-15375

Summary Description:

Brocade has reported potential vulnerabilities in Brocade Fabric OS (FOS) and Brocade SANnav that could allow escalation of privilege, denial of service, or information disclosure.

Mitigation Strategy for Customers (what you should do to protect yourself):

Brocade recommends upgrading to Brocade Fabric OS versions v9.0.0, v8.2.2c, v8.2.1e, v8.1.2k, v8.2.0_CBN3, v7.4.2g or higher as applicable.

Brocade recommends upgrading to Brocade SANnav 2.1.0 or higher.

References:

CVE-2018-6447: BSA-2020-1073

CVE-2018-6448: BSA-2020-1075

CVE-2018-6449: BSA-2020-1077

CVE-2019-16211: BSA-2020-1076

CVE-2019-16212: BSA-2020-1074

CVE-2020-15369: BSA-2020-1078

CVE-2020-15370: BSA-2020-1079

CVE-2020-15371: BSA-2020-1080

CVE-2020-15372: BSA-2020-1081

CVE-2020-15373: BSA-2020-1082

CVE-2020-15374: BSA-2020-1083

CVE-2020-15375: BSA-2020-1084

Revision History:

For a complete list of all Lenovo Product Security Advisories, click here.

For the most up to date information, please remain current with updates and advisories from Lenovo regarding your equipment and software. The information provided in this advisory is provided on an “as is” basis without any warranty or guarantee of any kind. Lenovo reserves the right to change or update this advisory at any time.