CVE-2020-15383

Running security scans against the SAN switch can cause config and secnotify processes within the firmware before Brocade Fabric OS v9.0.0, v8.2.2d and v8.2.1e to consume all memory leading to denial of service impacts possibly including a switch panic.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
7.5 HIGH
NETWORK
LOW
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Base Score
CVSS 3.x
EPSS Score
Percentile: Unknown
Affected Products (NVD)
VendorProductVersion
broadcomfabric_operating_system
𝑥
< 8.2.1
broadcomfabric_operating_system
8.2.1
broadcomfabric_operating_system
8.2.1a:a
broadcomfabric_operating_system
8.2.1b:b
broadcomfabric_operating_system
8.2.1c:c
broadcomfabric_operating_system
8.2.1d:d
broadcomfabric_operating_system
8.2.2a1:a1
broadcomfabric_operating_system
8.2.2b:b
broadcomfabric_operating_system
8.2.2c:c
𝑥
= Vulnerable software versions
References
https://security.netapp.com/advisory/ntap-20210819-0002/
https://www.broadcom.com/support/fibre-channel-networking/security-advisories/brocade-security-advisory-2021-1496
https://security.netapp.com/advisory/ntap-20210819-0002/
https://www.broadcom.com/support/fibre-channel-networking/security-advisories/brocade-security-advisory-2021-1496