{"dataType":"CVE_RECORD","dataVersion":"5.2","cveMetadata":{"cveId":"CVE-2025-58381","assignerOrgId":"87b297d7-335e-4844-9551-11b97995a791","state":"PUBLISHED","assignerShortName":"brocade","dateReserved":"2025-08-29T21:03:16.424Z","datePublished":"2026-02-03T05:40:14.240Z","dateUpdated":"2026-02-04T16:24:08.695Z"},"containers":{"cna":{"affected":[{"defaultStatus":"unaffected","product":"Fabric OS","vendor":"Brocade","versions":[{"status":"affected","version":"before 9.2.1c2"}]}],"descriptions":[{"lang":"en","supportingMedia":[{"base64":false,"type":"text/html","value":"A\n vulnerability in Brocade Fabric OS before 9.2.1c2 could allow an \nauthenticated attacker with admin privileges using the shell commands \n“source, ping6, sleep, disown, wait to modify the path variables and \nmove upwards in the directory structure or to traverse to different \ndirectories."}],"value":"A\n vulnerability in Brocade Fabric OS before 9.2.1c2 could allow an \nauthenticated attacker with admin privileges using the shell commands \n“source, ping6, sleep, disown, wait to modify the path variables and \nmove upwards in the directory structure or to traverse to different \ndirectories."}],"impacts":[{"capecId":"CAPEC-126","descriptions":[{"lang":"en","value":"CAPEC-126: Path Traversal"}]}],"metrics":[{"cvssV4_0":{"Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","Safety":"NOT_DEFINED","attackComplexity":"LOW","attackRequirements":"NONE","attackVector":"LOCAL","baseScore":4.6,"baseSeverity":"MEDIUM","exploitMaturity":"NOT_DEFINED","privilegesRequired":"HIGH","providerUrgency":"NOT_DEFINED","subAvailabilityImpact":"NONE","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","userInteraction":"NONE","valueDensity":"NOT_DEFINED","vectorString":"CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N","version":"4.0","vulnAvailabilityImpact":"NONE","vulnConfidentialityImpact":"LOW","vulnIntegrityImpact":"NONE","vulnerabilityResponseEffort":"NOT_DEFINED"},"format":"CVSS","scenarios":[{"lang":"en","value":"GENERAL"}]}],"problemTypes":[{"descriptions":[{"cweId":"CWE-35","description":"CWE-35: Path Traversal","lang":"en","type":"CWE"}]}],"providerMetadata":{"orgId":"87b297d7-335e-4844-9551-11b97995a791","shortName":"brocade","dateUpdated":"2026-02-03T05:41:10.234Z"},"references":[{"url":"https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36853"}],"source":{"discovery":"UNKNOWN"},"title":"Directory transversal vulnerability in Brocade Fabric OS before 9.2.1c2 and 9.2.2 through 9.2.2a using various shell commands","x_generator":{"engine":"Vulnogram 0.5.0"}},"adp":[{"metrics":[{"other":{"type":"ssvc","content":{"timestamp":"2026-02-04T16:23:47.466971Z","id":"CVE-2025-58381","options":[{"Exploitation":"none"},{"Automatable":"no"},{"Technical Impact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}}],"title":"CISA ADP Vulnrichment","providerMetadata":{"orgId":"134c704f-9b21-4f2e-91b3-4a467353bcc0","shortName":"CISA-ADP","dateUpdated":"2026-02-04T16:24:08.695Z"}}]}}