External Password Exposure in Brocade Fabric OS by Broadcom
CVE-2019-16204

7.5HIGH

Key Information:

Vendor: Brocade
Status: Brocade Fabric Os
Vendor: CVE Published:; 5 February 2020

What is CVE-2019-16204?

Brocade Fabric OS, prior to specific versions, may unintentionally expose sensitive external passwords and authentication keys that are critical for securing communication between the switch and external servers. This vulnerability could allow attackers to gain access to authentication information, potentially leading to unauthorized access and data breaches. Organizations should ensure they are using patched versions of the Fabric OS to mitigate risks associated with this exposure.

Affected Version(s)

Brocade Fabric OS Brocade Fabric OS Versions before v7.4.2f

Brocade Fabric OS v8.2.2a

Brocade Fabric OS v8.1.2j and v8.2.1d

References

https://www.broadcom.com/support/fibre-channel-networking...

x_refsource_CONFIRM

https://security.netapp.com/advisory/ntap-20200511-0007/

x_refsource_CONFIRM

CVSS V3.1

Score:

7.5

Severity:

HIGH

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Feb 5, 2020
Vulnerability Reserved
Sep 10, 2019