csaf_certbund - wid-sec-w-2024-1002

WID-SEC-W-2024-1002

Vulnerability from csaf_certbund - Published: 2024-05-01 22:00 - Updated: 2024-08-22 22:00

Summary

Broadcom Fabric OS: Mehrere Schwachstellen ermöglichen Offenlegung von Informationen

Notes

Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.

Produktbeschreibung

Fabric OS (FOS) ist ein Betriebssystem für FibreChannel Switches.

Angriff

Ein lokaler Angreifer kann mehrere Schwachstellen in Broadcom Fabric OS ausnutzen, um Informationen offenzulegen.

Betroffene Betriebssysteme

- Sonstiges

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "text": "mittel"
    },
    "category": "csaf_base",
    "csaf_version": "2.0",
    "distribution": {
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "de-DE",
    "notes": [
      {
        "category": "legal_disclaimer",
        "text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
      },
      {
        "category": "description",
        "text": "Fabric OS (FOS) ist ein Betriebssystem f\u00fcr FibreChannel Switches.",
        "title": "Produktbeschreibung"
      },
      {
        "category": "summary",
        "text": "Ein lokaler Angreifer kann mehrere Schwachstellen in Broadcom Fabric OS ausnutzen, um Informationen offenzulegen.",
        "title": "Angriff"
      },
      {
        "category": "general",
        "text": "- Sonstiges",
        "title": "Betroffene Betriebssysteme"
      }
    ],
    "publisher": {
      "category": "other",
      "contact_details": "csaf-provider@cert-bund.de",
      "name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
      "namespace": "https://www.bsi.bund.de"
    },
    "references": [
      {
        "category": "self",
        "summary": "WID-SEC-W-2024-1002 - CSAF Version",
        "url": "https://wid.cert-bund.de/.well-known/csaf/white/2024/wid-sec-w-2024-1002.json"
      },
      {
        "category": "self",
        "summary": "WID-SEC-2024-1002 - Portal Version",
        "url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-1002"
      },
      {
        "category": "external",
        "summary": "Broadcon Security Advisory vom 2024-05-01",
        "url": "https://support.broadcom.com/external/content/SecurityAdvisories/0/23299"
      },
      {
        "category": "external",
        "summary": "Broadcon Security Advisory vom 2024-05-01",
        "url": "https://support.broadcom.com/external/content/SecurityAdvisories/0/23226"
      },
      {
        "category": "external",
        "summary": "Broadcon Security Advisory vom 2024-05-01",
        "url": "https://support.broadcom.com/external/content/SecurityAdvisories/0/23227"
      },
      {
        "category": "external",
        "summary": "NetApp Security Advisory NTAP-20240822-0010 vom 2024-08-22",
        "url": "https://security.netapp.com/advisory/ntap-20240822-0010/"
      },
      {
        "category": "external",
        "summary": "NetApp Security Advisory NTAP-20240822-0009 vom 2024-08-22",
        "url": "https://security.netapp.com/advisory/ntap-20240822-0009/"
      }
    ],
    "source_lang": "en-US",
    "title": "Broadcom Fabric OS: Mehrere Schwachstellen erm\u00f6glichen Offenlegung von Informationen",
    "tracking": {
      "current_release_date": "2024-08-22T22:00:00.000+00:00",
      "generator": {
        "date": "2024-08-23T08:11:38.591+00:00",
        "engine": {
          "name": "BSI-WID",
          "version": "1.3.6"
        }
      },
      "id": "WID-SEC-W-2024-1002",
      "initial_release_date": "2024-05-01T22:00:00.000+00:00",
      "revision_history": [
        {
          "date": "2024-05-01T22:00:00.000+00:00",
          "number": "1",
          "summary": "Initiale Fassung"
        },
        {
          "date": "2024-08-22T22:00:00.000+00:00",
          "number": "2",
          "summary": "Neue Updates von NetApp aufgenommen"
        }
      ],
      "status": "final",
      "version": "2"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_name",
                "name": "Broadcom Fabric OS",
                "product": {
                  "name": "Broadcom Fabric OS",
                  "product_id": "978054",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:broadcom:fabric_operating_system:-"
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "\u003cv9.2.1",
                "product": {
                  "name": "Broadcom Fabric OS \u003cv9.2.1",
                  "product_id": "T034490"
                }
              },
              {
                "category": "product_version",
                "name": "v9.2.1",
                "product": {
                  "name": "Broadcom Fabric OS v9.2.1",
                  "product_id": "T034490-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:broadcom:fabric_operating_system:v9.2.1"
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "\u003cv9.2.0b",
                "product": {
                  "name": "Broadcom Fabric OS \u003cv9.2.0b",
                  "product_id": "T034491"
                }
              },
              {
                "category": "product_version",
                "name": "v9.2.0b",
                "product": {
                  "name": "Broadcom Fabric OS v9.2.0b",
                  "product_id": "T034491-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:broadcom:fabric_operating_system:v9.2.0b"
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "\u003cv9.1.1d",
                "product": {
                  "name": "Broadcom Fabric OS \u003cv9.1.1d",
                  "product_id": "T034492"
                }
              },
              {
                "category": "product_version",
                "name": "v9.1.1d",
                "product": {
                  "name": "Broadcom Fabric OS v9.1.1d",
                  "product_id": "T034492-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:broadcom:fabric_operating_system:v9.1.1d"
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "\u003cv8.2.3e",
                "product": {
                  "name": "Broadcom Fabric OS \u003cv8.2.3e",
                  "product_id": "T034493"
                }
              },
              {
                "category": "product_version",
                "name": "v8.2.3e",
                "product": {
                  "name": "Broadcom Fabric OS v8.2.3e",
                  "product_id": "T034493-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:broadcom:fabric_operating_system:v8.2.3e"
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "Fabric OS"
          }
        ],
        "category": "vendor",
        "name": "Broadcom"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2024-29953",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen in Broadcom Fabric OS. Diese Fehler bestehen im Passwortverwaltungs-API und im Web-Interface aufgrund der Offenlegung sensibler Informationen wie Server- und codierter Sitzungspassw\u00f6rter. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um vertrauliche Informationen offenzulegen. Eine der Schwachstellen erfordert eine Benutzerinteraktion f\u00fcr eine erfolgreiche Ausnutzung."
        }
      ],
      "product_status": {
        "known_affected": [
          "978054",
          "T034491",
          "T034490",
          "T034493",
          "T034492"
        ]
      },
      "release_date": "2024-05-01T22:00:00.000+00:00",
      "title": "CVE-2024-29953"
    },
    {
      "cve": "CVE-2024-29954",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen in Broadcom Fabric OS. Diese Fehler bestehen im Passwortverwaltungs-API und im Web-Interface aufgrund der Offenlegung sensibler Informationen wie Server- und codierter Sitzungspassw\u00f6rter. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um vertrauliche Informationen offenzulegen. Eine der Schwachstellen erfordert eine Benutzerinteraktion f\u00fcr eine erfolgreiche Ausnutzung."
        }
      ],
      "product_status": {
        "known_affected": [
          "978054",
          "T034491",
          "T034490",
          "T034493",
          "T034492"
        ]
      },
      "release_date": "2024-05-01T22:00:00.000+00:00",
      "title": "CVE-2024-29954"
    }
  ]
}

CVE-2024-29954 (GCVE-0-2024-29954)

Vulnerability from cvelistv5 – Published: 2024-06-25 23:42 – Updated: 2024-08-22 18:03

Summary

A vulnerability in a password management API in Brocade Fabric OS versions before v9.2.1, v9.2.0b, v9.1.1d, and v8.2.3e prints sensitive information in log files. This could allow an authenticated user to view the server passwords for protocols such as scp and sftp. Detail. When the firmwaredownload command is incorrectly entered or points to an erroneous file, the firmware download log captures the failed command, including any password entered in the command line.

Severity ?

5.9 (Medium)


                        
                          CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:H/I:N/A:N

CWE

CWE-312 - Cleartext Storage of Sensitive Information

Assigner

brocade

References

URL

Tags

https://support.broadcom.com/web/ecx/support-cont…

Impacted products

	Vendor	Product	Version
	Brocade	Fabric OS	Affected: before v9.2.1, v9.2.0b, v9.1.1d, and v8.2.3e

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-29954",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-06-26T15:04:17.122827Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-06-26T15:04:23.448Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-22T18:03:11.996Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/23226"
          },
          {
            "url": "https://security.netapp.com/advisory/ntap-20240822-0010/"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "affected",
          "product": "Fabric OS",
          "vendor": "Brocade",
          "versions": [
            {
              "status": "affected",
              "version": "before v9.2.1, v9.2.0b, v9.1.1d, and v8.2.3e"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\n\n\u003cp\u003eA vulnerability in a password management API in Brocade Fabric OS versions before v9.2.1, v9.2.0b, v9.1.1d, and v8.2.3e prints sensitive information in log files. This could allow an authenticated user to view the server passwords for protocols such as scp and sftp.\u003c/p\u003e\u003cp\u003eDetail.\u003cbr\u003eWhen the firmwaredownload command is incorrectly entered or points to an erroneous file, the firmware download log captures the failed command, including any password entered in the command line. \u003c/p\u003e\n\n"
            }
          ],
          "value": "A vulnerability in a password management API in Brocade Fabric OS versions before v9.2.1, v9.2.0b, v9.1.1d, and v8.2.3e prints sensitive information in log files. This could allow an authenticated user to view the server passwords for protocols such as scp and sftp.\n\nDetail.\nWhen the firmwaredownload command is incorrectly entered or points to an erroneous file, the firmware download log captures the failed command, including any password entered in the command line."
        }
      ],
      "impacts": [
        {
          "capecId": "CAPEC-37",
          "descriptions": [
            {
              "lang": "en",
              "value": "CAPEC-37 Retrieve Embedded Sensitive Data"
            }
          ]
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "NONE",
            "baseScore": 5.9,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "CHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:H/I:N/A:N",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-312",
              "description": "CWE-312 Cleartext Storage of Sensitive Information",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-06-25T23:42:50.227Z",
        "orgId": "87b297d7-335e-4844-9551-11b97995a791",
        "shortName": "brocade"
      },
      "references": [
        {
          "url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/23226"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\n\n\u003cp\u003eSecurity update provided in Brocade Fabric OS v9.2.1, v9.2.0b, v9.1.1d, v8.2.3e\u003c/p\u003e"
            }
          ],
          "value": "Security update provided in Brocade Fabric OS v9.2.1, v9.2.0b, v9.1.1d, v8.2.3e"
        }
      ],
      "source": {
        "discovery": "INTERNAL"
      },
      "title": "password management API prints sensitive information in log files",
      "x_generator": {
        "engine": "Vulnogram 0.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "87b297d7-335e-4844-9551-11b97995a791",
    "assignerShortName": "brocade",
    "cveId": "CVE-2024-29954",
    "datePublished": "2024-06-25T23:42:50.227Z",
    "dateReserved": "2024-03-22T05:00:09.538Z",
    "dateUpdated": "2024-08-22T18:03:11.996Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2024-29953 (GCVE-0-2024-29953)

Vulnerability from cvelistv5 – Published: 2024-06-25 23:16 – Updated: 2024-08-22 18:03

Summary

A vulnerability in the web interface in Brocade Fabric OS before v9.2.1, v9.2.0b, and v9.1.1d prints encoded session passwords on session storage for Virtual Fabric platforms. This could allow an authenticated user to view other users' session encoded passwords.

Severity ?

4.3 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

CWE

CWE-922 - Insecure Storage of Sensitive Information

Assigner

brocade

References

URL

Tags

https://support.broadcom.com/web/ecx/support-cont…

Impacted products

	Vendor	Product	Version
	Brocade	Fabric OS	Affected: before v9.2.1, v9.2.0b, and v9.1.1d

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-29953",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-06-26T23:39:35.142531Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-06-26T23:39:40.986Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-22T18:03:11.060Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/23227"
          },
          {
            "url": "https://security.netapp.com/advisory/ntap-20240822-0009/"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "affected",
          "product": "Fabric OS",
          "vendor": "Brocade",
          "versions": [
            {
              "status": "affected",
              "version": "before v9.2.1, v9.2.0b, and v9.1.1d"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eA vulnerability in the web interface in Brocade Fabric OS before v9.2.1, v9.2.0b, and v9.1.1d prints encoded session passwords on session storage for Virtual Fabric platforms. \u003c/span\u003e\u003cbr\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eThis could allow an authenticated user to view other users\u0027 session encoded passwords.\u003c/span\u003e\n\n"
            }
          ],
          "value": "A vulnerability in the web interface in Brocade Fabric OS before v9.2.1, v9.2.0b, and v9.1.1d prints encoded session passwords on session storage for Virtual Fabric platforms. \nThis could allow an authenticated user to view other users\u0027 session encoded passwords."
        }
      ],
      "impacts": [
        {
          "capecId": "CAPEC-37",
          "descriptions": [
            {
              "lang": "en",
              "value": "CAPEC-37 Retrieve Embedded Sensitive Data"
            }
          ]
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 4.3,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "LOW",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-922",
              "description": "CWE-922 Insecure Storage of Sensitive Information",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-06-25T23:16:48.169Z",
        "orgId": "87b297d7-335e-4844-9551-11b97995a791",
        "shortName": "brocade"
      },
      "references": [
        {
          "url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/23227"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\n\n\u003cp\u003eThe security update is provided in Brocade Fabric OS v9.2.1, v9.2.0b, v9.1.1d\u003c/p\u003e"
            }
          ],
          "value": "The security update is provided in Brocade Fabric OS v9.2.1, v9.2.0b, v9.1.1d"
        }
      ],
      "source": {
        "discovery": "INTERNAL"
      },
      "title": "Encoded session passwords on session storage for Virtual Fabric platforms",
      "x_generator": {
        "engine": "Vulnogram 0.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "87b297d7-335e-4844-9551-11b97995a791",
    "assignerShortName": "brocade",
    "cveId": "CVE-2024-29953",
    "datePublished": "2024-06-25T23:16:48.169Z",
    "dateReserved": "2024-03-22T05:00:09.537Z",
    "dateUpdated": "2024-08-22T18:03:11.060Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

WID-SEC-W-2024-1002

CVE-2024-29954 (GCVE-0-2024-29954)

CVE-2024-29953 (GCVE-0-2024-29953)

Tags

Sightings

Nomenclature