CVE-2025-58379 PUBLISHED

Password Exposure in Brocade Fabric OS

Assigner: brocade
Reserved: 29.08.2025 Published: 03.02.2026 Updated: 03.02.2026

Brocade Fabric OS before 9.2.1 has a vulnerability that could allow a local authenticated attacker to reveal command line passwords using commands that may expose higher privilege sensitive information by a lower privileged user.

Metrics

CVSS 4.0

CVSS Vector: CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:P/VC:H/VI:N/VA:N/SC:H/SI:H/SA:H
CVSS Score: 6

Exploitability Metrics		Vulnerable System Impact Metrics		Subsequent System Impact Metrics
Attack Vector	Local	Confidentiality	High	Confidentiality	High
Attack Complexity	Low	Integrity	None	Integrity	High
Attack Requirements	Present	Availability	None	Availability	High
Privileges Required	Low
User Interaction	Passive

CVSS 4.0

Product Status

Vendor	Brocade
Product	Fabric OS
Versions	Default: unaffected Version before 9.2.1 is affected

References

https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36850

Problem Types

CWE-250 Execution with Unnecessary Privileges CWE

Impacts

CAPEC-69 Target Programs with Elevated Privileges