PT-2024-8869 · Brocade · Brocade X6+6

Published

2024-11-12

·

Updated

2024-11-21

·

CVE-2024-7517

CVSS v4.0

8.5

High

Vector

AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
Name of the Vulnerable Software and Affected Versions: Brocade Fabric OS versions prior to 9.2.0c; Brocade Fabric OS versions 9.2.1 through 9.2.1a
Description: The issue is a command injection vulnerability in the IPsec component of Brocade Fabric OS. A local, authenticated attacker who can run the portcfg command can supply crafted input that is passed to an OS command, and thereby escalate privileges on the switch. Exploitation is only possible on IP Extension platforms: Brocade 7810, Brocade 7840, Brocade 7850, and Brocade X6 or X7 directors with an SX-6 Extension blade installed. The attacker must already be logged into the switch via SSH or the serial console to conduct the attack.
Recommendations: For Brocade Fabric OS versions prior to 9.2.0c, update to version 9.2.0c or later. For Brocade Fabric OS versions 9.2.1 through 9.2.1a, update to version 9.2.1b or later. Until the update can be applied, restrict which accounts and roles may run the portcfg command, and limit SSH and serial console access to trusted administrators, since an interactive login is a prerequisite for the attack.
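The two affected ranges above are easy to misjudge by eye (9.2.0c is fixed, 9.2.1 is not, 9.2.2 is outside both ranges), so the following is an added fleet-check example, not code from Brocade or from this advisory. It encodes the advisory's version ranges and platform condition and applies them to a constructed inventory. The version-string format it accepts (optional "v" prefix, major.minor.patch and an optional single maintenance letter, as in "v9.2.0c") is an assumption about Fabric OS version output; anything else is rejected rather than guessed at, and the switch names, models and versions in the inventory are constructed for illustration.

```python
"""Fleet check for CVE-2024-7517 (Brocade Fabric OS portcfg command injection).

Added example, not Brocade's or the advisory's code. Affected ranges and the
platform condition come from the advisory text; the version-string format is
an assumption and unrecognised strings raise rather than being guessed at.
"""
import re
from dataclasses import dataclass
from typing import Optional

# Affected ranges stated in the advisory: < 9.2.0c, and 9.2.1 .. 9.2.1a inclusive.
FIXED_920 = "9.2.0c"
RANGE_921_LO = "9.2.1"
RANGE_921_HI = "9.2.1a"
FIXED_921 = "9.2.1b"

# Platforms on which the advisory says the vulnerable portcfg path is reachable.
IP_EXTENSION_PLATFORMS = {"7810", "7840", "7850"}
DIRECTORS_NEEDING_SX6 = {"X6", "X7"}

# Assumed format: optional 'v', major.minor.patch, optional single letter.
_VERSION_RE = re.compile(r"^v?(\d+)\.(\d+)\.(\d+)([a-z]?)$")


def parse_version(text: str) -> tuple:
    """Turn 'v9.2.0c' into a comparable tuple (9, 2, 0, 3).

    The letter is a maintenance release; no letter sorts before 'a', so
    9.2.0 < 9.2.0a < 9.2.0c. Unknown formats raise ValueError.
    """
    m = _VERSION_RE.match(text.strip())
    if not m:
        raise ValueError(f"unrecognised Fabric OS version string: {text!r}")
    major, minor, patch, letter = m.groups()
    suffix = (ord(letter) - ord("a") + 1) if letter else 0
    return (int(major), int(minor), int(patch), suffix)


def recommended_version(text: str) -> Optional[str]:
    """Return the fixed release to move to, or None if the version is not listed."""
    v = parse_version(text)
    if v < parse_version(FIXED_920):
        return FIXED_920
    if parse_version(RANGE_921_LO) <= v <= parse_version(RANGE_921_HI):
        return FIXED_921
    return None


def version_affected(text: str) -> bool:
    return recommended_version(text) is not None


def platform_exposed(platform: str, sx6_blade_installed: bool) -> bool:
    """Only IP Extension hardware exposes the vulnerable path."""
    p = platform.strip().upper()
    if p in IP_EXTENSION_PLATFORMS:
        return True
    return p in DIRECTORS_NEEDING_SX6 and sx6_blade_installed


@dataclass(frozen=True)
class Switch:
    name: str
    platform: str
    fos_version: str
    sx6_blade: bool = False


def assess(sw: Switch) -> str:
    """Combine the version check with the platform condition into one verdict."""
    fix = recommended_version(sw.fos_version)
    if fix is None:
        return "not affected"
    if platform_exposed(sw.platform, sw.sx6_blade):
        return f"exploitable: update to {fix} or later"
    # Vulnerable code is present but the portcfg path is not reachable here;
    # the advisory still lists the version, so schedule the update anyway.
    return f"affected code, not exploitable on this platform: update to {fix} or later"


# Constructed inventory for illustration only (not real devices).
INVENTORY = [
    Switch("ext-01", "7810", "v9.2.0b"),
    Switch("ext-02", "7840", "v9.2.1a"),
    Switch("dir-01", "X6", "v9.1.1c", sx6_blade=True),
    Switch("dir-02", "X7", "v9.2.1", sx6_blade=False),
    Switch("core-01", "X7", "v9.2.0c"),
    Switch("edge-01", "G720", "v9.2.1b"),
]


def assess_inventory(inventory=INVENTORY) -> dict:
    return {sw.name: assess(sw) for sw in inventory}


if __name__ == "__main__":
    for name, verdict in assess_inventory().items():
        print(f"{name:8} {verdict}")
```

The tuple comparison makes the boundary cases explicit: 9.2.0c and anything above it in the 9.2.0 line is clean, 9.2.1 with no letter is inside the second range, and 9.2.1b or 9.2.2 fall outside both. Directors are only flagged as exploitable when the SX-6 blade flag is set, matching the platform condition in the description; feed the flag from your own hardware inventory rather than assuming it.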

Fix

Weakness Enumeration

OS Command Injection (CWE-78)
Command Injection (CWE-77)

Related Identifiers

BDU:2024-10536
CVE-2024-7517

Affected Products

Brocade 7810
Brocade 7840
Brocade 7850
Brocade Fabric OS
Brocade X6
Brocade X7
SX-6 Extension Blade