CVE-2024-10403

Brocade Fabric OS versions before8.2.3e2, versions 9.0.0 through 9.2.0c, and 9.2.1 through 9.2.1a cancapture the SFTP/FTP server password used for a firmware downloadoperation initiated by SANnav or through WebEM in a weblinker core dumpthat is later captured via supportsave.

CVE-2024-7516

A vulnerability in Brocade Fabric OS versions before 9.2.2 could allow man-in-the-middle attackers to conduct remote Service Session Hijacking that may arise from the attacker's ability to forge an SSH key while the Brocade Fabric OS Switch is performing various remote operations initiated by a swi...