Denial-of-Service (DoS) after Unusual or Exceptional Conditions vulnerability (CVE-2025-4663)
35815
10 June 2025
10 June 2025
CLOSED
MEDIUM
6.8 Medium – CVSS:4.0/AV:A/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
CVE-2025-4663
|
Brocade Security Advisory ID |
BSA-2025-2995 |
|
Component |
CLI |
|
CWE |
CWE-754: Improper Check for Unusual or Exceptional Conditions |
|
|
|
Summary
An Improper Check for Unusual or Exceptional Conditions vulnerability in Brocade Fabric OS before 9.2.2.a could allow an authenticated, network-based attacker to cause a Denial-of-Service (DoS).
The vulnerability is encountered when supportsave is invoked remotely, using ssh command or SANnav inline ssh, and the corresponding ssh session is terminated with Control C (^c ) before supportsave completion.
This issue affects Brocade Fabric OS 9.0.0 through 9.2.2
Products Affected
- Brocade Fabric OS 9.0.0 through 9.2.2
Products Not Affected
- Brocade Fabric OS versions before 9.0.0
- Brocade ASCG is not affected by this vulnerability
- Brocade SANnav is not affected by this vulnerability
Solution
- Security update provided in Brocade Fabric OS 9.2.2a
Note
The issue was found during internal testing.
Revision History
|
Version |
Change |
Date |
|
1.0 |
Initial Publication |
June 10, 2025 |
Disclaimer
THIS DOCUMENT IS PROVIDED ON AN AS-IS BASIS SOLELY FOR INFORMATIONAL PURPOSES AND DOES NOT IMPLY ANY KIND OF GUARANTY OR WARRANTY, INCLUDING THE WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE. YOUR USE OF THE INFORMATION CONTAINED HEREIN IS AT YOUR OWN RISK. ALL INFORMATION PROVIDED HEREIN IS BASED ON BROCADE'S CURRENT KNOWLEDGE AND UNDERSTANDING OF THE VULNERABILITY AND IMPACT TO BROCADE HARDWARE AND SOFTWARE PRODUCTS. BROCADE RESERVES THE RIGHT TO CHANGE OR UPDATE THIS DOCUMENT AT ANY TIME.