Brocade Fabric OS Session ID Interception and Manipulation Vulnerability

Fabric OS is the firmware for Brocade Communications Systems' Fibre Channel switches and Fibre Channel controllers. A session ID interception and manipulation vulnerability exists in the Web management interface of Brocade Fabric OS prior to 8.2.1, 8.1.2f, 8.0.2f, and 7.4.2d. An attacker could us...

BSA-2018-736

Security Advisory ID : BSA-2018-736 Component : Fabric OS WebGui Revision : 1.0: Initial The Web management interface of Brocade Fabric OS doesn’t send cookies with secure flag.This could allow attackers to intercept or manipulate a victim user's session ID. Affected Products Brocade Fabric OS...