CVE-2023-3489 Information

Description

The firmwaredownload command on Brocade Fabric OS v9.2.0 could log the FTP/SFTP/SCP server password in clear text in the SupportSave file when performing a downgrade from Fabric OS v9.2.0 to any earlier version of Fabric OS.

Reference

https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/22510