CVE-2022-33181

Severity Score

5.5

*CVSS v3.1

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

*Multiple Sources

Exploited in Wild

*KEV

Decision

*SSVC

Descriptions

An information disclosure vulnerability in Brocade Fabric OS CLI before Brocade Fabric OS v9.1.0, 9.0.1e, 8.2.3c, 8.2.0cbn5, 7.4.2.j could allow a local authenticated attacker to read sensitive files using switch commands “configshow” and “supportlink”.

Una vulnerabilidad de divulgación de información en Brocade Fabric OS CLI versiones anteriores a Brocade Fabric OS v9.1.0, 9.0.1e, 8.2.3c, 8.2.0cbn5, 7.4.2.j, podría permitir a un atacante local autenticado leer archivos confidenciales usando los comandos del switch "configshow" y "supportlink"

*Credits: N/A

CVSS Scores

NISTv3.1 5.5

Attack Vector

Local

Attack Complexity

Low

Privileges Required

Low

User Interaction

None

Scope

Unchanged

Confidentiality

High

Integrity

None

Availability

None

* Common Vulnerability Scoring System

SSVC

Decision:-

Exploitation

Automatable

Tech. Impact

* Organization's Worst-case Scenario

Timeline

2022-06-13 CVE Reserved
2022-10-25 CVE Published
2023-03-08 EPSS Updated
2024-08-03 CVE Updated
---------- Exploited in Wild
---------- KEV Due Date
---------- First Exploit

CWE

CAPEC

References (2)

URL	Tag	Source
https://security.netapp.com/advisory/ntap-20230127-0006	Third Party Advisory

URL	Date	SRC

URL	Date	SRC

URL	Date	SRC
https://www.broadcom.com/support/fibre-channel-networking/security-advisories/brocade-security-advisory-2022-2083	2023-08-08

Affected Vendors, Products, and Versions

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
Broadcom Search vendor "Broadcom"		Fabric Operating System Search vendor "Broadcom" for product "Fabric Operating System"				< 7.4.2.j Search vendor "Broadcom" for product "Fabric Operating System" and version " < 7.4.2.j"		-		Affected
Broadcom Search vendor "Broadcom"		Fabric Operating System Search vendor "Broadcom" for product "Fabric Operating System"				>= 8.0.0 < 8.2.3c Search vendor "Broadcom" for product "Fabric Operating System" and version " >= 8.0.0 < 8.2.3c"		-		Affected
Broadcom Search vendor "Broadcom"		Fabric Operating System Search vendor "Broadcom" for product "Fabric Operating System"				>= 9.0.0 < 9.0.1e Search vendor "Broadcom" for product "Fabric Operating System" and version " >= 9.0.0 < 9.0.1e"		-		Affected
Broadcom Search vendor "Broadcom"		Fabric Operating System Search vendor "Broadcom" for product "Fabric Operating System"				9.1.0 Search vendor "Broadcom" for product "Fabric Operating System" and version "9.1.0"		-		Affected