Remote Code Execution in Brocade Switch Radius Authentication System
CVE-2022-33178

7.2HIGH

Key Information:

Vendor: Broadcom
Status: Brocade Fabric Os
Vendor: CVE Published:; 25 October 2022

Summary

A vulnerability has been identified in the radius authentication system of Brocade Fabric OS that can be exploited by a remote attacker. If successfully executed, this vulnerability allows unauthorized execution of arbitrary code on the affected Brocade switches, potentially compromising the security and functionality of network operations.

Affected Version(s)

Brocade Fabric OS Brocade Fabric OS versions before Brocade Fabric OS 9.0

References

https://www.broadcom.com/support/fibre-channel-networking...

https://security.netapp.com/advisory/ntap-20230127-0003/

CVSS V3.1

Score:

7.2

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

High

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Oct 25, 2022
Vulnerability Reserved
Jun 13, 2022