Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2022-28170

Brocade Fabric OS Web Application services before Brocade Fabric v9.1.0, v9.0.1e, v8.2.3c, v7.4.2j store server and user passwords in the debug statements. This could allow a local user to extract the passwords from a debug file.

Published

2022-10-25T21:15:39.340

Last Modified

2025-05-09T17:15:49.380

Status

Modified

Source

[email protected]

Severity

CVSSv3.1: 6.5 (MEDIUM)

Weaknesses
  • Type: Primary
    CWE-922
  • Type: Secondary
    CWE-922
Affected Vendors & Products
Type Vendor Product Version/Range Vulnerable?
Operating System broadcom fabric_operating_system < 7.4.2j Yes
Operating System broadcom fabric_operating_system < 8.2.3c Yes
Operating System broadcom fabric_operating_system < 9.0.1e Yes
Operating System broadcom fabric_operating_system 9.1.0 Yes
References