PT-2025-6718 · Brocade · Brocade Fabric OS

Published 2025-02-14 · Updated 2026-02-23 · CVE-2024-5462

CVSS v3.1: 7.5 High

Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Name of the Vulnerable Software and Affected Versions

Brocade Fabric OS versions prior to 9.2.0

Description

The issue arises when configuration settings in Brocade Fabric OS are not set to encrypt SNMP passwords, resulting in the exposure of SNMP privsecret and authsecret fields in plaintext. This can occur in a configupload capture or a supportsave capture if password encryption is not enabled. An attacker can utilize these passwords to fetch values of supported OIDs via SNMPv3 queries. Additionally, there are a limited number of MIB objects that can be modified.

Recommendations

For Brocade Fabric OS versions prior to 9.2.0, update to version 9.2.0 or later to resolve the issue. As a temporary workaround, consider enabling encryption of SNMP passwords to prevent plaintext exposure. Restrict access to configupload and supportsave captures to minimize the risk of exploitation. Avoid using plaintext passwords in SNMPv3 queries until the issue is resolved.

Fix

Cleartext Transmission of Sensitive Information

Weakness Enumeration

Related Identifiers

CVE-2024-5462

Affected Products

Brocade Fabric OS