CVE-2022-33185

Name of the Vulnerable Software and Affected Versions Brocade Fabric OS versions prior to 9.0.1e Brocade Fabric OS version 9.1.0

Description The issue is related to the use of unsafe string functions to process user input in several commands, which can lead to stack-based buffer overflows. This allows authenticated local attackers to execute arbitrary code as the root user account. The vulnerability is also associated with reading data beyond buffer boundaries in memory, enabling an attacker to execute arbitrary code.

Recommendations For Brocade Fabric OS versions prior to 9.0.1e, update to version 9.0.1e or later to resolve the issue. For Brocade Fabric OS version 9.1.0, consider disabling the use of unsafe string functions in commands until a patch is available. As a temporary workaround, restrict access to commands that use unsafe string functions to minimize the risk of exploitation.