Description
A vulnerability in Brocade Fabric OS before 9.2.1 could allow an authenticated attacker with admin privileges using the shell command “grep” to modify the path variables and move upwards in the directory structure or to traverse to different directories.
CVSS Metrics
- Vector
- CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
- Attack Vector
- local
- Complexity
- low
- Privileges
- high
- User Action
- none
- Confidentiality
- undefined
- Integrity
- undefined
- Availability
- undefined
- Weaknesses
- CWE-35
Metadata
- Primary Vendor
- BROADCOM
- Published
- 2/3/2026
- Last Modified
- 2/6/2026
- Source
- NIST NVD
- Note: Verify all details with official vendor sources before applying patches.
Affected Products
broadcom : fabric_operating_system
AI-Powered Remediation
Generate remediation guidance or a C-suite brief for this vulnerability.