CVE-2018-6447

Name of the Vulnerable Software and Affected Versions Brocade Fabric OS versions prior to 9.0.0 Brocade Fabric OS versions prior to 8.2.2c Brocade Fabric OS versions prior to 8.2.1e Brocade Fabric OS versions prior to 8.1.2k Brocade Fabric OS versions prior to 8.2.0 CBN3 Brocade Fabric OS versions prior to 7.4.2g

Description A reflective XSS issue in the HTTP management interface could allow authenticated attackers with access to the web interface to hijack a user’s session and take over the account.

Recommendations For Brocade Fabric OS versions prior to 9.0.0, update to version 9.0.0 or later. For Brocade Fabric OS versions prior to 8.2.2c, update to version 8.2.2c or later. For Brocade Fabric OS versions prior to 8.2.1e, update to version 8.2.1e or later. For Brocade Fabric OS versions prior to 8.1.2k, update to version 8.1.2k or later. For Brocade Fabric OS versions prior to 8.2.0 CBN3, update to version 8.2.0 CBN3 or later. For Brocade Fabric OS versions prior to 7.4.2g, update to version 7.4.2g or later.