Brocade Fabric OS - Security Update

Brocade Fabric OS - Security Update

Brocade Fabric OS - Security Update

Lenovo Security Advisory: LEN-91355

Potential Impact: Elevation of Privileges, Arbitrary Code Execution, Denial of Service

Severity: High

Scope of Impact: Industry-wide

CVE Identifier: CVE-2022-28169, CVE-2022-28170, CVE-2022-33178, CVE-2022-33179, CVE-2022-33180, CVE-2022-33181, CVE-2022-33182, CVE-2022-33183, CVE-2022-33184, CVE-2022-33185

 

Summary Description:

Brocade has released software security updates for Brocade Fabric OS.

 

Mitigation Strategy for Customers (what you should do to protect yourself):

Brocade recommends upgrading to Brocade Fabric OS versions listed in the below Product Impact table. 

 

Product Impact:

To download the version specified for your product below, follow these steps:

Navigate to the Drivers & Software support site for your product:

  1. Search for your product by name or machine type.
  2. Click Drivers & Software on the left menu panel.
  3. Click on Manual Update to browse by Component type.
  4. Compare the minimum fix version for your product from the applicable product table below with the latest version posted on the support site.

Lenovo also offers tools to assist with update management as an alternative to the manual steps described above. Refer to the following for additional help:

PC Products and Software: https://support.lenovo.com/us/en/solutions/ht504759

Server and Enterprise Software: https://support.lenovo.com/us/en/solutions/lnvo-lxcaupd and https://datacentersupport.lenovo.com/us/en/documents/lnvo-center

 

Click below links to view affected products:

Networking Switches

 

References:

https://www.broadcom.com/support/fibre-channel-networking/security-advisories

 

Revision History:

Revision Date Description
1 2022-09-13 Initial release

For a complete list of all Lenovo Product Security Advisories, click here.

For the most up to date information, please remain current with updates and advisories from Lenovo regarding your equipment and software. The information provided in this advisory is provided on an “as is” basis without any warranty or guarantee of any kind. Lenovo reserves the right to change or update this advisory at any time.

 

Product Impact:

Networking Switches

Product Component Minimum Fixed Version
Brocade - 300 FC SAN Switch Brocade FOS FOS 9.1.1, FOS 9.0.1e, FOS 8.2.3c, FOS 8.2.0_cbn5, FOS 7.4.2j
Brocade - 6505 FC SAN Switch Brocade FOS FOS 9.1.1, FOS 9.0.1e, FOS 8.2.3c, FOS 8.2.0_cbn5, FOS 7.4.2j
Brocade - 6510 FC SAN Switch Brocade FOS FOS 9.1.1, FOS 9.0.1e, FOS 8.2.3c, FOS 8.2.0_cbn5, FOS 7.4.2j
Lenovo - B300 FC SAN Switch Brocade FOS FOS 9.1.1, FOS 9.0.1e, FOS 8.2.3c, FOS 8.2.0_cbn5, FOS 7.4.2j
Lenovo - B6505 FC SAN Switch Brocade FOS FOS 9.1.1, FOS 9.0.1e, FOS 8.2.3c, FOS 8.2.0_cbn5, FOS 7.4.2j
Lenovo - B6510 FC SAN Switch Brocade FOS FOS 9.1.1, FOS 9.0.1e, FOS 8.2.3c, FOS 8.2.0_cbn5, FOS 7.4.2j
Lenovo ThinkSystem DB400D FC Switch Brocade FOS FOS 9.1.1, FOS 9.0.1e, FOS 8.2.3c, FOS 8.2.0_cbn5, FOS 7.4.2j
Lenovo ThinkSystem DB610S FC Switch Brocade FOS FOS 9.1.1, FOS 9.0.1e, FOS 8.2.3c, FOS 8.2.0_cbn5, FOS 7.4.2j
Lenovo ThinkSystem DB620S FC Switch Brocade FOS FOS 9.1.1, FOS 9.0.1e, FOS 8.2.3c, FOS 8.2.0_cbn5, FOS 7.4.2j
Lenovo ThinkSystem DB630S FC Switch Brocade FOS FOS 9.1.1, FOS 9.0.1e, FOS 8.2.3c, FOS 8.2.0_cbn5, FOS 7.4.2j
Lenovo ThinkSystem DB720S FC Switch Brocade FOS FOS 9.1.1, FOS 9.0.1e, FOS 8.2.3c, FOS 8.2.0_cbn5, FOS 7.4.2j
Lenovo ThinkSystem DB800D FC Switch Brocade FOS FOS 9.1.1, FOS 9.0.1e, FOS 8.2.3c, FOS 8.2.0_cbn5, FOS 7.4.2j

Alias Id:LEN-91355
Document ID:PS500517
Original Publish Date:09/13/2022
Last Modified Date:09/13/2022