The host SSH servers of Brocade Fabric OS before Brocade Fabric OS v7.4.2h, v8.2.1c, v8.2.2, v9.0.0, and Brocade SANnav before v2.1.1 utilize keys of less than 2048 bits, which may be vulnerable to man-in-the-middle attacks and/or insecure SSH communications.
The product stores or transmits sensitive data using an encryption scheme that is theoretically sound, but is not strong enough for the level of protection required.
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Brocade_sannav | Broadcom | * | 2.1.1 (excluding) |
| Fabric_operating_system | Broadcom | * | 7.4.2 (excluding) |
| Fabric_operating_system | Broadcom | 8.2.0 (including) | 8.2.1 (excluding) |
| Fabric_operating_system | Broadcom | 7.4.2 (including) | 7.4.2 (including) |
| Fabric_operating_system | Broadcom | 7.4.2a (including) | 7.4.2a (including) |
| Fabric_operating_system | Broadcom | 7.4.2b (including) | 7.4.2b (including) |
| Fabric_operating_system | Broadcom | 7.4.2c (including) | 7.4.2c (including) |
| Fabric_operating_system | Broadcom | 7.4.2d (including) | 7.4.2d (including) |
| Fabric_operating_system | Broadcom | 7.4.2f (including) | 7.4.2f (including) |
| Fabric_operating_system | Broadcom | 7.4.2g (including) | 7.4.2g (including) |
| Fabric_operating_system | Broadcom | 8.2.1 (including) | 8.2.1 (including) |
| Fabric_operating_system | Broadcom | 8.2.1a (including) | 8.2.1a (including) |
| Fabric_operating_system | Broadcom | 8.2.1b (including) | 8.2.1b (including) |