BSA-2020-1082

Brocade Fabric OS

21697

20 November 2020

08 September 2020

Closed

High

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H - 7.2 High

No

CVE-2020-15373

Summary

Security Advisory ID : BSA-2020-1082

Component : REST API

Revision : 2.0

Multiple buffer overflow vulnerabilities in the REST API in Brocade Fabric OS versions v8.2.1 through v8.2.1d, and 8.2.2 versions before v8.2.2c, could allow remote unauthenticated attackers to perform various attacks.

Note: Brocade Fabric OS versions before v8.2.1 are not affected. The REST API is implemented in Brocade Fabric OS versions v8.2.1 and above.

Affected Products

Brocade Fabric OS versions v8.2.1 through v8.2.1d, and 8.2.2 versions before v8.2.2c.

Products Confirmed Not Vulnerable

No other Brocade Fibre Channel products from Broadcom are currently known to be affected by this vulnerability.

Solution

A security update is provided in Brocade Fabric OS versions v8.2.2c, v8.2.1e, and v9.0.0.

All later versions of Brocade Fabric OS, including all FOS 9.X releases, will also contain this same security update.

Recommended Action

Brocade strongly recommends that all customers running the impacted version(s) upgrade to one of the identified patch levels or a higher version of Brocade Fabric OS to obtain this update.
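
To find which switches need the upgrade, the affected ranges and fixed releases listed in this advisory can be applied to an inventory of Fabric OS version strings. The following is an added example, not part of the Broadcom advisory; the version-string format, the rule that a numeric sub-patch suffix is judged by its patch letter, and the sample inventory with its switch names are assumptions.

```python
import re

# Assumed version-string format: optional "v", three numeric fields, optional
# patch letter, optional sub-patch digits (e.g. "v8.2.1d", "8.2.2b1").
_FOS_VERSION = re.compile(r"^v?(\d+)\.(\d+)\.(\d+)([a-z]?)(\d*)$")

# First fixed patch letter for each affected branch, taken from the advisory.
FIRST_FIXED_LETTER = {(8, 2, 1): "e", (8, 2, 2): "c"}


def parse_fos_version(text):
    """Return ((major, minor, maint), patch_letter); raise ValueError if unparseable."""
    m = _FOS_VERSION.match(text.strip().lower())
    if not m:
        raise ValueError(f"unrecognized Fabric OS version: {text!r}")
    major, minor, maint, letter, _sub = m.groups()
    return (int(major), int(minor), int(maint)), letter


def is_affected(text):
    """True if the version is in a range the advisory lists as affected."""
    branch, letter = parse_fos_version(text)
    fixed = FIRST_FIXED_LETTER.get(branch)
    if fixed is None:
        # Releases before v8.2.1 have no REST API; later branches carry the fix.
        return False
    # "" (no patch letter) sorts before any letter, so base v8.2.1 is affected.
    # Assumption: a sub-patch such as "d1" is judged by its letter alone.
    return letter < fixed


def triage(inventory):
    """Map each switch name to 'affected', 'not affected' or 'review'."""
    result = {}
    for name, version in inventory.items():
        try:
            result[name] = "affected" if is_affected(version) else "not affected"
        except ValueError:
            result[name] = "review"  # unknown format: check by hand
    return result


# Constructed sample inventory (hypothetical switch names).
SAMPLE = {"sw-a": "v8.2.1d", "sw-b": "v8.2.2c", "sw-c": "v8.1.2a",
          "sw-d": "v9.0.0", "sw-e": "8.2.2", "sw-f": "unknown"}

if __name__ == "__main__":
    for name, status in triage(SAMPLE).items():
        print(f"{name}: {SAMPLE[name]} -> {status}")
```

Version strings that do not match the assumed format are reported as "review" rather than silently treated as not affected.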

Credit

This issue was discovered through security testing.

Revision History

Version | Change              | Date
1.0     | Initial Publication | September 08, 2020
2.0     | CVSS Score update   | November 20, 2020