Design/Logic Flaw

2020-02-0516:15:00

PRIOn knowledge base

www.prio-n.com

7.7 High

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

55.1%

JSON

Brocade Fabric OS Versions before v8.2.2a and v8.2.1d could expose the credentials of the remote ESRS server when these credentials are given as a command line option when configuring the ESRS client.

CPENameOperatorVersion
fabric_operating_systemge8.2.2
fabric_operating_systemlt8.2.2
fabric_operating_systemge8.2.1
fabric_operating_systemlt8.2.1

Name	Operator	Version
fabric_operating_system	ge	8.2.2
fabric_operating_system	lt	8.2.2
fabric_operating_system	ge	8.2.1
fabric_operating_system	lt	8.2.1

References

security.netapp.com/advisory/ntap-20200511-0008/

www.broadcom.com/support/fibre-channel-networking/security-advisories/brocade-security-advisory-2020-906