Denial of Service Vulnerability in Brocade Fabric OS by Broadcom
CVE-2020-15383

7.5 HIGH

Key Information:

Vendor: Broadcom
CVE Published: 9 June 2021

Summary

The vulnerability involves the configuration and security notification processes within the firmware of Brocade Fabric OS. When security scans are executed against the SAN switch, these processes can consume memory resources, potentially draining all available memory. This can lead to various service impacts, including a possible switch panic that renders the device unresponsive. Organizations using affected versions are advised to assess their security posture and apply the necessary updates.

Affected Version(s)

Brocade Fabric OS: versions before v9.0.0, v8.2.2d, and v8.2.1e

CVSS V3.1

Score: 7.5
Severity: HIGH
Confidentiality: None
Integrity: None
Availability: None
Attack Vector: Network
Attack Complexity: Low
Privileges Required: None
User Interaction: None
Scope: Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved
