CVE-2022-33181

Name of the Vulnerable Software and Affected Versions Brocade Fabric OS versions prior to 9.1.0 Brocade Fabric OS version 9.0.1e and earlier Brocade Fabric OS version 8.2.3c and earlier Brocade Fabric OS version 8.2.0cbn5 and earlier Brocade Fabric OS version 7.4.2.j and earlier

Description The issue is related to an information disclosure vulnerability in the command-line interface of Brocade Fabric OS. This vulnerability could allow a local authenticated attacker to read sensitive files. The attacker can use switch commands configshow and supportlink to exploit this issue.

Recommendations For Brocade Fabric OS versions prior to 9.1.0, update to version 9.1.0 or later. For Brocade Fabric OS version 9.0.1e and earlier, update to version 9.0.1e or later. For Brocade Fabric OS version 8.2.3c and earlier, update to version 8.2.3c or later. For Brocade Fabric OS version 8.2.0cbn5 and earlier, update to version 8.2.0cbn5 or later. For Brocade Fabric OS version 7.4.2.j and earlier, update to version 7.4.2.j or later. As a temporary workaround, consider restricting access to the configshow and supportlink switch commands until a patch is available.