Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
password management API prints sensitive information in log files
Vulnerability Description
A vulnerability in a password management API in Brocade Fabric OS versions before v9.2.1, v9.2.0b, v9.1.1d, and v8.2.3e prints sensitive information in log files. This could allow an authenticated user to view the server passwords for protocols such as scp and sftp. Detail. When the firmwaredownload command is incorrectly entered or points to an erroneous file, the firmware download log captures the failed command, including any password entered in the command line.
CVSS Information
CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:H/I:N/A:N
Vulnerability Type
敏感数据的明文存储
Vulnerability Title
Brocade Fabric OS 安全漏洞
Vulnerability Description
Brocade Fabric OS(FOS)是美国博科(Brocade)公司的一套使用在交换机和路由器等设备中的嵌入式操作系统。 Brocade Fabric OS 9.2.1之前版本存在安全漏洞,该漏洞源于密码管理API在记录日志文件时打印了敏感信息,这可能允许经过身份验证的用户查看服务器密码。
CVSS Information
N/A
Vulnerability Type
N/A