A buffer overflow vulnerability in “diagstatus” command
Description
A buffer overflow vulnerability in “diagstatus” command in Brocade Fabric OS before Brocade Fabric v9.2.0 and v9.1.1c could allow an authenticated user to crash the Brocade Fabric OS switch leading to a denial of service.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Buffer overflow in Brocade Fabric OS 'diagstatus' command allows authenticated users to crash the switch, causing denial of service.
Vulnerability
A buffer overflow vulnerability exists in the diagstatus command of Brocade Fabric OS. The issue affects versions before Brocade Fabric OS v9.1.1c, v9.2.0, and v8.2.3e [1]. An authenticated user can trigger the overflow by providing crafted input to the command, leading to a crash.
Exploitation
An attacker must have authenticated access to the Brocade Fabric OS switch. No special privileges beyond standard user authentication are required. The attacker can execute the diagstatus command with malicious input that overflows a buffer, causing the switch to crash.
Impact
Successful exploitation results in a denial of service (DoS) condition as the switch crashes. This disrupts network operations and may require manual intervention to restore service. No data confidentiality or integrity impact is indicated.
Mitigation
Broadcom has released fixed versions: Brocade Fabric OS v9.1.1c, v9.2.0, and v8.2.3e [1]. Users should upgrade to these or later versions. No workarounds are mentioned. The vulnerability was discovered during internal penetration testing [1].
AI Insight generated on May 25, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products
- Range: <9.2.0
Patches
No patches discovered yet.