SFTP/FTP password could be captured in plain text in Supportsave generated from SANnav

Product: Brocade Fabric OS

25145

12 November 2024

12 November 2024

Status: OPEN

Severity: HIGH

CVSS score: 5.9 - CVSS:4.0/AV:A/AC:L/AT:P/PR:N/UI:P/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N

CVE: CVE-2024-10403

Brocade Security Advisory ID: BSA-2024-2763

Component: weblinker

Summary

Brocade Fabric OS versions before 8.2.3e2, versions 9.0.0 through 9.2.0c, and versions 9.2.1 through 9.2.1a can leave the SFTP/FTP server password used for a firmware download operation initiated by SANnav or through WebEM in a weblinker core dump, which is later collected by SupportSave.

Description

The username and password of the SFTP/FTP server are supplied to FOS by SANnav, WebEM or the REST API in order to complete the transfer of the RPM files needed for a firmware download operation. This username and password information is kept in memory and could be captured if the weblinker daemon crashes and generates a core dump; that core dump is then included in the next SupportSave upload. Any SupportSave collected from an affected release after such a firmware download should therefore be treated as potentially containing the SFTP/FTP credential.

The fix removes the username and password information stored in the low-level library. It prevents exposure provided that any weblinker daemon crash and core file generation happens after the firmware download operation completes, the processor reboots, and Fabric OS is fully up and running; a core dump generated before that point is outside what this fix guarantees.
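Before a SupportSave from an affected release is uploaded anywhere, a practitioner will want to know whether it actually carries the credential. The following Python is an added example, not Brocade's code and not part of this advisory: it builds a constructed miniature SupportSave archive in memory (a fake weblinker core file that still holds the credential, plus a clean log) and scans every member for the SFTP username and password. The member names, the credential values and the archive layout are invented for illustration; only the scanning logic, which streams each member in chunks with an overlap so a secret straddling a chunk boundary is still found, is meant to carry over to a real archive.

```python
import io
import tarfile

# Constructed sample values (not from the advisory): the SFTP/FTP credential
# that SANnav, WebEM or the REST API would hand to FOS for a firmware download.
SFTP_USER = b"fosadmin"
SFTP_PASSWORD = b"Tr4nsfer!2024"
SECRETS = {"sftp_user": SFTP_USER, "sftp_password": SFTP_PASSWORD}


def build_sample_supportsave() -> bytes:
    """Build a constructed miniature SupportSave archive (tar.gz) in memory.

    Member names and contents are invented for illustration: one fake
    weblinker core file that still holds the credential, and one clean log.
    """
    core = (
        b"\x7fELF" + b"\x00" * 64
        + b"host=sftp.example.net\x00user=" + SFTP_USER
        + b"\x00pass=" + SFTP_PASSWORD + b"\x00" + b"\x00" * 64
    )
    log = b"firmwaredownload: transfer from sftp.example.net complete\n"
    members = {
        "supportsave/core_files/core.weblinker.1234": core,
        "supportsave/logs/firmwaredownload.log": log,
    }
    buf = io.BytesIO()
    with tarfile.open(fileobj=buf, mode="w:gz") as tar:
        for name, data in members.items():
            info = tarfile.TarInfo(name)
            info.size = len(data)
            tar.addfile(info, io.BytesIO(data))
    return buf.getvalue()


def scan_stream(stream, secrets, chunk_size=1 << 20) -> set:
    """Return the labels of secrets whose bytes appear anywhere in the stream.

    The stream is read in chunks so a large core file is never loaded at once;
    a tail of (longest secret - 1) bytes is carried over between chunks so a
    secret that straddles a chunk boundary is still matched.
    """
    overlap = max(len(v) for v in secrets.values()) - 1
    found = set()
    tail = b""
    while True:
        block = stream.read(chunk_size)
        if not block:
            break
        window = tail + block
        for label, value in secrets.items():
            if label not in found and value in window:
                found.add(label)
        tail = window[-overlap:] if overlap > 0 else b""
    return found


def find_secrets_in_supportsave(archive: bytes, secrets, chunk_size=1 << 20) -> dict:
    """Map each archive member that contains a secret to the sorted secret labels."""
    hits = {}
    with tarfile.open(fileobj=io.BytesIO(archive), mode="r:*") as tar:
        for member in tar:
            if not member.isfile():
                continue
            f = tar.extractfile(member)
            if f is None:
                continue
            found = scan_stream(f, secrets, chunk_size)
            if found:
                hits[member.name] = sorted(found)
    return hits


if __name__ == "__main__":
    archive = build_sample_supportsave()
    for name, labels in find_secrets_in_supportsave(archive, SECRETS).items():
        print(f"{name}: contains {', '.join(labels)}")
```

Run against the constructed archive, only the fake core file is reported; the log member, which mentions the SFTP host but not the credential, is clean. For a real SupportSave, pass the archive bytes and the exact credential that was configured for the firmware download; a hit on any core file means the credential should be considered exposed and rotated before the archive is shared.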

Products Affected

  • Brocade Fabric OS versions before 8.2.3e2, versions 9.0.0 through 9.2.0c, and 9.2.1 through 9.2.1a 

Products Not Affected

  • Brocade ASCG is not affected by this vulnerability
  • Brocade SANnav is not affected by this vulnerability

Solution

  • Security update provided in Brocade Fabric OS 9.2.0c1, 9.2.1a1 and 9.2.2. 

Credit

The issue was found during internal testing.

Revision History

Version | Change              | Date
1.0     | Initial Publication | November 12, 2024

Disclaimer

THIS DOCUMENT IS PROVIDED ON AN AS-IS BASIS SOLELY FOR INFORMATIONAL PURPOSES AND DOES NOT IMPLY ANY KIND OF GUARANTY OR WARRANTY, INCLUDING THE WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE. YOUR USE OF THE INFORMATION CONTAINED HEREIN IS AT YOUR OWN RISK. ALL INFORMATION PROVIDED HEREIN IS BASED ON BROCADE'S CURRENT KNOWLEDGE AND UNDERSTANDING OF THE VULNERABILITY AND IMPACT TO BROCADE HARDWARE AND SOFTWARE PRODUCTS. BROCADE RESERVES THE RIGHT TO CHANGE OR UPDATE THIS DOCUMENT AT ANY TIME.