CVE-2022-33182

Name of the Vulnerable Software and Affected Versions Brocade Fabric OS versions prior to 9.1.0 Brocade Fabric OS versions prior to 9.0.1e Brocade Fabric OS versions prior to 8.2.3c Brocade Fabric OS versions prior to 8.2.0cbn5

Description A privilege escalation issue in Brocade Fabric OS CLI could allow a local authenticated user to escalate its privilege to root. This can be achieved using switch commands "supportlink", "firmwaredownload", "portcfgupload", "license", and "fosexec". The issue is related to inadequate access control in the command-line interface.

Recommendations For Brocade Fabric OS versions prior to 9.1.0, update to version 9.1.0 or later. For Brocade Fabric OS versions prior to 9.0.1e, update to version 9.0.1e or later. For Brocade Fabric OS versions prior to 8.2.3c, update to version 8.2.3c or later. For Brocade Fabric OS versions prior to 8.2.0cbn5, update to version 8.2.0cbn5 or later. As a temporary workaround, consider restricting access to the commands "supportlink", "firmwaredownload", "portcfgupload", "license", and "fosexec" until a patch is available.