CVE-2023-31426

Name of the Vulnerable Software and Affected Versions Brocade Fabric OS versions prior to 9.1.1c Brocade Fabric OS versions prior to 8.2.3d Brocade Fabric OS versions prior to 9.2.0

Description The issue concerns the Brocade Fabric OS Commands "configupload" and "configdownload" which print scp, sftp, ftp servers passwords in supportsave. This could allow a remote authenticated attacker to access sensitive information.

Recommendations For versions prior to 9.1.1c, update to version 9.1.1c or later. For versions prior to 8.2.3d, update to version 8.2.3d or later. For versions prior to 9.2.0, update to version 9.2.0 or later. As a temporary workaround, consider restricting access to the "configupload" and "configdownload" commands until a patch is available.