Description

The host SSH servers of Brocade Fabric OS before Brocade Fabric OS v7.4.2h, v8.2.1c, v8.2.2, v9.0.0, and Brocade SANnav before v2.1.1 utilize keys of less than 2048 bits, which may be vulnerable to man-in-the-middle attacks and/or insecure SSH communications.

Related CPE's

a

broadcom

brocade_sannav

Vulnerable

o

broadcom

fabric_operating_system

12

References

https://www.broadcom.com/support/fibre-channel-networking/security-advisories/brocade-security-advisory-2021-1291

Vendor Advisory

Weaknesses

[email protected]

Primary
CWE-326

CVSS impact metrics

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N

7.4 · High

  • CVSS V3.1

  • CVSS V3.0

  • CVSS V2.0

Information

Source identifier

[email protected]

Vulnerability status

Analyzed

Published

2021-06-09T16:15:08.307

4 years ago

Last modified

2021-08-23T14:47:23.153

3 years ago