Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
SFTP/FTP password could be captured in plain text in Supportsave generated from SANnav
Vulnerability Description
Brocade Fabric OS versions before 8.2.3e2, versions 9.0.0 through 9.2.0c, and 9.2.1 through 9.2.1a can capture the SFTP/FTP server password used for a firmware download operation initiated by SANnav or through WebEM in a weblinker core dump that is later captured via supportsave.
CVSS Information
N/A
Vulnerability Type
将CoreDump文件暴露给非授权控制范围
Vulnerability Title
Broadcom Fabric OS 安全漏洞
Vulnerability Description
Broadcom Fabric OS(FOS)是美国博通(Broadcom)公司的一套使用在交换机和路由器等设备中的嵌入式操作系统。 Broadcom Fabric OS 8.2.3e2之前版本、9.0.0至9.2.0c版本和9.2.1至9.2.1a版本存在安全漏洞,该漏洞源于可以捕获用于由 SANnav 或通过 WebEM 启动的固件下载操作的 SFTP/FTP 服务器密码。
CVSS Information
N/A
Vulnerability Type
N/A