Support Content Notification - Support Portal

CVE-2022-43935: Switch passwords and authorization IDs are printed in the embedded MLS DB file5

Product/Component

Brocade Fabric OS

2 more products

Notification Id

21219

Last Updated

08 November 2022

Initial Publication Date

08 November 2022

Status

Closed

Severity

Medium

CVSS Base Score

5.3 - CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:N/A:N

WorkAround

Affected CVE

CVE-2022-43935

Summary

Security Advisory ID : BSA-2022-2125

Component : MLSDB

Revision : 1.0

An information exposure through log file vulnerability exists in Brocade SANnav before Brocade SANnav 2.2.2, where Brocade Fabric OS Switch passwords and authorization IDs are printed in the embedded MLS DB file.

Products Affected

Brocade SANnav versions before v2.2.2

Products Confirmed Not Affected

No other Brocade Fibre Channel products are affected.

Credit.

This issue was found internally.

Revision History

Version	Change	Date
1.0	Initial Publication	Nov 8, 2022