Fibre Channel (SAN)

Reply
Occasional Contributor
Posts: 5
Registered: ‎07-30-2017

Bug with Fabric OS v8.0.2c

After upgrading my 2x 6520 switches this morning, with Fabric OS v8.0.2c, all the Factory user accounts had their passwords changed back to factory defult.  I was unable to find any reference to this in the release notes and or that the passwords were required to be set back to defult before the upgrade.  

I then upgrade to 8.1.1 after changing the paswords back to some more complex and this time the factory accounts held their complex passwords.

 

Has anyone else had this issue when upgrading to v8.0.2c?

 

Note the upgrade path was from:

7.4.1b > 8.0.2c > 8.1.1

Brocade Moderator
Posts: 105
Registered: ‎04-27-2009

Re: Bug with Fabric OS v8.0.2c

Hi Gunns,

 

is it possible that they were on default @ FOS 7.4?

 

When upgrading to FOS 8.x it is normal to get prompted to change the password during 1st login if it has been on default before.

That's my observation during all my FOS 8 upgrades so far.

 

TL

If this provided you with a solution to this issue, please mark it with the button at the bottom "Accept as solution".

Any and all information provided by me is not reviewed, approved or endorsed by Brocade and is provided solely as a convenience for Brocade customers. All systems and all networks are different and unique. If you have a service affecting network problem, please open a TAC service request for service through Brocade, or through your OEM equipment provider.
Occasional Contributor
Posts: 5
Registered: ‎07-30-2017

Re: Bug with Fabric OS v8.0.2c

Hi Thomas,

All factory user account password were all changed when we got the switches and not the factory default ones at the time of the upgrade from FOS 7.4.

I have done many firmware upgrade over the last 10 years and this was the first time that I have encountered this. It took me a good half and hour to bother to try the factory default PW's after upgrading the first switch and not being able to login as root or admin, as it was something that has never happened to me before.

I figured it must be some sort of bug after I got the same result after upgrading the 2nd switch.
External Moderator
Posts: 4,973
Registered: ‎02-23-2004

Re: Bug with Fabric OS v8.0.2c

@Gunns

 

begin with FOS 8.x, root account is disable and need to enable when you isse the FOS upgrade from 7.4.x

 

this is no BUG or Defect.

TechHelp24
Occasional Contributor
Posts: 5
Registered: ‎07-30-2017

Re: Bug with Fabric OS v8.0.2c

Hi Antonio,

Thanks for your reply.

This does not explain why I was able to login with the root account, with the default factory password straight after the upgrade. No account enabling, this was the first account I used to log into the switch.

Like I said before I did this twice using the same method for the same result.

Note the release note say that:
"The default switch “root” account is disabled on switches that have FOS v8.0.1 installed at the factory."

This is not a factory delivered switch with v8.0.1 installed, this is an upgrade from an existing FOS.

This also does not explain why the admin account password was reset to factory default as well.
External Moderator
Posts: 4,973
Registered: ‎02-23-2004

Re: Bug with Fabric OS v8.0.2c

[ Edited ]

@Gunns

 

about the admin account,

 

--->>>This also does not explain why the admin account password was reset to factory default as well.

 

target path is ->7.4.1d/e -> 8.0.2b or higher

 

FOS 7.4.1d was be addressed Security Fix such account password.

 

--->>> Note the upgrade path was from:

--->>> 7.4.1b > 8.0.2c > 8.1.1

 

 Where in FOS 7.4.1c or earlier is not fixed.

TechHelp24
Occasional Contributor
Posts: 5
Registered: ‎07-30-2017

Re: Bug with Fabric OS v8.0.2c

[ Edited ]

Hi Antonio,

Thank you for the explanation on why the admin PW reset. Whats defect ID for this?

Just in case I have not explained myself on the root account:

Start FOS 7.4.1.b
Root account enabled
Password: Complex

Upgrade FOS 8.0.2c
Root account still enabled
Password: Factory Default

Cheers

Brocade Moderator
Posts: 105
Registered: ‎04-27-2009

Re: Bug with Fabric OS v8.0.2c

Hi Gunns,

 

there is no defect associated with this behavior and I still believe it is related to the security strengthening in FOS 8.x.

I believe you will not see this PW change enforcement again.

 

TL

If this provided you with a solution to this issue, please mark it with the button at the bottom "Accept as solution".

Any and all information provided by me is not reviewed, approved or endorsed by Brocade and is provided solely as a convenience for Brocade customers. All systems and all networks are different and unique. If you have a service affecting network problem, please open a TAC service request for service through Brocade, or through your OEM equipment provider.
Occasional Contributor
Posts: 5
Registered: ‎07-30-2017

Re: Bug with Fabric OS v8.0.2c

Hi Thomas,

I don't feel that resetting the factory accounts back to "default passwords" as part of the FOS upgrade is security strengthening. That is unless it is specified in the release notes, which in this case it is not.

If I chose not to try and login after the firmware upgrade with the factory accounts this could have gone unnoticed for a long time. This could have caused a major security incident as anyone that knows the default password or just simply googled them could have logged in and done malicious damage.

Either add a warring in the release notes for FOS v8.0.2c that this will happen or fix the behavior with the firmware upgrade.

Cheers Gunns

Join the Community

Get quick and easy access to valuable resource designed to help you manage your Brocade Network.