PT-2022-5070 · Brocade · Brocade Fabric Os
Published
2022-09-13
·
Updated
2025-05-07
·
CVE-2022-33183
CVSS v3.1
8.8
High
| Vector | AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
Brocade Fabric OS versions prior to 9.1.0
Brocade Fabric OS versions prior to 9.0.1e
Brocade Fabric OS versions prior to 8.2.3c
Brocade Fabric OS versions prior to 8.2.0cbn5
Brocade Fabric OS versions prior to 7.4.2.j
Description
The issue is related to a buffer overflow in the command-line interface of Brocade Fabric OS, which can be exploited by a remote attacker using the "firmwaredownload" and "diagshow" commands. This can lead to a denial of service.
Recommendations
For Brocade Fabric OS versions prior to 9.1.0, update to version 9.1.0 or later.
For Brocade Fabric OS versions prior to 9.0.1e, update to version 9.0.1e or later.
For Brocade Fabric OS versions prior to 8.2.3c, update to version 8.2.3c or later.
For Brocade Fabric OS versions prior to 8.2.0cbn5, update to version 8.2.0cbn5 or later.
For Brocade Fabric OS versions prior to 7.4.2.j, update to version 7.4.2.j or later.
As a temporary workaround, consider restricting access to the "firmwaredownload" and "diagshow" commands until a patch is available.
Fix
Memory Corruption
Stack Overflow
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Brocade Fabric Os