Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2020-15383

Running security scans against the SAN switch can cause config and secnotify processes within the firmware before Brocade Fabric OS v9.0.0, v8.2.2d and v8.2.1e to consume all memory leading to denial of service impacts possibly including a switch panic.

Published

2021-06-09T15:15:08.107

Last Modified

2024-11-21T05:05:27.397

Status

Modified

Source

[email protected]

Severity

CVSSv3.1: 7.5 (HIGH)

CVSSv2 Vector

AV:N/AC:L/Au:N/C:N/I:N/A:P

Access Vector: NETWORK
Access Complexity: LOW
Authentication: NONE
Confidentiality Impact: NONE
Integrity Impact: NONE
Availability Impact: PARTIAL

Exploitability Score

10.0

Impact Score

2.9

Weaknesses

Type: Primary
NVD-CWE-noinfo

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Operating System	broadcom	fabric_operating_system	< 8.2.1	Yes
Operating System	broadcom	fabric_operating_system	8.2.1	Yes
Operating System	broadcom	fabric_operating_system	8.2.1a	Yes
Operating System	broadcom	fabric_operating_system	8.2.1b	Yes
Operating System	broadcom	fabric_operating_system	8.2.1c	Yes
Operating System	broadcom	fabric_operating_system	8.2.1d	Yes
Operating System	broadcom	fabric_operating_system	8.2.2a1	Yes
Operating System	broadcom	fabric_operating_system	8.2.2b	Yes
Operating System	broadcom	fabric_operating_system	8.2.2c	Yes

References

https://security.netapp.com/advisory/ntap-20210819-0002/ Third Party Advisory ([email protected])
https://www.broadcom.com/support/fibre-channel-networking/security-advisories/brocade-security-advisory-2021-1496 Vendor Advisory ([email protected])
https://security.netapp.com/advisory/ntap-20210819-0002/ Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)
https://www.broadcom.com/support/fibre-channel-networking/security-advisories/brocade-security-advisory-2021-1496 Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)