CVE-2025-58382 | THREATINT

Description

A vulnerability in the secure configuration of authentication and management services in Brocade Fabric OS before Fabric OS 9.2.1c2 could allow an authenticated, remote attacker with administrative credentials to execute arbitrary commands as root using “supportsave”, “seccertmgmt”, “configupload” command.

PUBLISHED Reserved 2025-08-29 | Published 2026-02-03 | Updated 2026-02-04 | Assigner brocade

HIGH: 8.5CVSS:4.0/AV:A/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

Problem types

CWE-305: Authentication Bypass by Primary Weakness

Product status

Default status

unaffected

before 9.2.1c2 and 9.2.2 through 9.2.2a

affected

References

support.broadcom.com/...l/content/SecurityAdvisories/0/36849

cve.org (CVE-2025-58382)

nvd.nist.gov (CVE-2025-58382)

Download JSON