DSA-2022-304: Dell Connectrix (Brocade) Security Update for EZswitch Vulnerability
Podsumowanie: Dell Connectrix (Brocade) remediation is available for an EZswitch vulnerability in Brocade Fabric OS (FOS) software that may be exploited by malicious users to compromise the affected system. ...
Ten artykuł dotyczy
Ten artykuł nie dotyczy
Ten artykuł nie jest powiązany z żadnym konkretnym produktem.
Nie wszystkie wersje produktu zostały zidentyfikowane w tym artykule.
Skutki
Critical
Szczegóły
| Third-party Component | CVE | More information |
| Connectrix (Brocade) FOS | CVE-2022-33186 | See NVD (http://nvd.nist.gov/ ) for individual scores for each CVE. |
| Third-party Component | CVE | More information |
| Connectrix (Brocade) FOS | CVE-2022-33186 | See NVD (http://nvd.nist.gov/) for individual scores for each CVE. |
Produkty, których dotyczy problem, i środki zaradcze
| CVE Addressed | Product | Affected Versions | Updated Versions | Link to Update |
| CVE-2022-33186 | Connectrix (Brocade) FOS | Brocade Fabric OS (FOS) v9.1.1, v9.0.1e, v8.2.3c, and v7.4.2j and earlier | v9.1.1_01 v9.0.1e1, v8.2.3c1 v7.4.2j1 |
Link to update |
| CVE Addressed | Product | Affected Versions | Updated Versions | Link to Update |
| CVE-2022-33186 | Connectrix (Brocade) FOS | Brocade Fabric OS (FOS) v9.1.1, v9.0.1e, v8.2.3c, and v7.4.2j and earlier | v9.1.1_01 v9.0.1e1, v8.2.3c1 v7.4.2j1 |
Link to update |
Obejścia problemu i środki zaradcze
To remove any exposure to this vulnerability, Brocade Fabric OS switch administrators must disable EZServer support or upgrade to a version of FOS that has the EZServer module removed.
Disabling EZServer is accomplished by using the CLI command "configurechassis." Disabling the EZServer in the switch configuration prevents any exposure to this vulnerability. This option is only available on FOS versions v8.1.0b and later. Customers running on older versions of FOS, including v7.4.2j, do not have this option and must upgrade to FOS v7.4.2j1 to protect their switches.
Customers that elect to upgrade their FOS version can obtain a patch with the EZServer module removed:
- FOS v9.1.1_01 and higher versions
- FOS v9.0.1e1 and higher versions
- FOS v8.2.3c1 and higher versions
- FOS v7.4.2j1 and higher versions
Example showing how to disable the EZServer module:
brocadeswitch:admin> configurechassis Configure... cfgload attributes (yes, y, no, n): [no] ssl attributes (yes, y, no, n): [no] webtools attributes (yes, y, no, n): [no] y ... Login Session Timeout (in secs): (60..432000) [7200] EZserver Enabled (yes, y, no, n): [yes] no ... brocadeswitch:admin >
Notes:
The following actions reenable EZServer on Fabric OS versions that do not have the EZServer module entirely removed:
- firmwarecleaninstall
- config removall
- configdefault
- factory reset
Historia zmian
| Revision | Date | Description |
| 1.0 | 2022-11-09 | Initial Release |
| 2.0 | 2023-02-14 | Corrected "Affected Product" section under "Article Properties." |
Powiązane informacje
Zastrzeżenie prawne
Produkty, których dotyczy problem
Connectrix, Connectrix, Connectrix B-Series, Connectrix B-Series, Brocade 5100, Brocade 6520, Brocade G620, Brocade M6505, Connectrix, Connectrix B-Series Fabric OS 9.X, Connectrix B-Series Software, Connectrix DS-300B, Connectrix DS-6505B
, Connectrix DS-6510B, Connectrix DS-6620B, Connectrix DS-6620B-V2, Connectrix DS-6630B, Connectrix DS-6630B-V2, Connectrix DS-7720B, Connectrix DS-7730B, Connectrix ED-DCX6-4B, Connectrix ED-DCX6-8B, Connectrix ED-DCX7-4B, Connectrix ED-DCX7-8B, Connectrix ED-DCX8510-4B, Connectrix ED-DCX8510-8B, Connectrix MP-7800B, Connectrix MP-7810B, Connectrix MP-7840B, Product Security Information
...
Właściwości artykułu
Numer artykułu: 000205092
Typ artykułu: Dell Security Advisory
Ostatnia modyfikacja: 18 wrz 2025
Znajdź odpowiedzi na swoje pytania u innych użytkowników produktów Dell
Usługi pomocy technicznej
Sprawdź, czy Twoje urządzenie jest objęte usługą pomocy technicznej.