Page 11 of 519 results (0.006 seconds)

CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0

A buffer overflow vulnerability in “secpolicydelete” command in Brocade Fabric OS before Brocade Fabric OS v9.1.1c and v9.2.0 could allow an authenticated privileged user to crash the Brocade Fabric OS switch leading to a denial of service. Una vulnerabilidad de desbordamiento de búfer en el comando "secpolicydelete" en Brocade Fabric OS antes de Brocade Fabric OS v9.1.1c y v9.2.0 podría permitir a un usuario con privilegios autenticado bloquear el conmutador Brocade Fabric OS y provocar una denegación de servicio. • https://security.netapp.com/advisory/ntap-20230908-0007 https://support.broadcom.com/external/content/SecurityAdvisories/0/22381 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •

CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0

A buffer overflow vulnerability in “diagstatus” command in Brocade Fabric OS before Brocade Fabric v9.2.0 and v9.1.1c could allow an authenticated user to crash the Brocade Fabric OS switch leading to a denial of service. Una vulnerabilidad de desbordamiento de búfer en el comando "diagstatus" en Brocade Fabric OS antes de Brocade Fabric v9.2.0 y v9.1.1c podría permitir a un usuario autenticado bloquear el conmutador Brocade Fabric OS provocando una denegación de servicio. • https://security.netapp.com/advisory/ntap-20230908-0007 https://support.broadcom.com/external/content/SecurityAdvisories/0/22384 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •

CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0

Brocade Fabric OS versions before Brocade Fabric OS v9.1.1c, and v9.2.0 Could allow an authenticated, local user with knowledge of full path names inside Brocade Fabric OS to execute any command regardless of assigned privilege. Starting with Fabric OS v9.1.0, “root” account access is disabled. Las versiones de Brocade Fabric OS anteriores a Brocade Fabric OS v9.1.1c y v9.2.0 podrían permitir a un usuario local autenticado con conocimiento de los nombres de ruta completos dentro de Brocade Fabric OS ejecutar cualquier comando independientemente del privilegio asignado. A partir de Fabric OS v9.1.0, el acceso a la cuenta "root" está deshabilitado. • https://security.netapp.com/advisory/ntap-20230908-0007 https://support.broadcom.com/external/content/SecurityAdvisories/0/22379 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •

CVSS: 6.8EPSS: 0%CPEs: 2EXPL: 0

The Brocade Fabric OS Commands “configupload” and “configdownload” before Brocade Fabric OS v9.1.1c, v8.2.3d, v9.2.0 print scp, sftp, ftp servers passwords in supportsave. This could allow a remote authenticated attacker to access sensitive information. Los comandos de Brocade Fabric OS "configupload" y "configdownload" anteriores a Brocade Fabric OS v9.1.1c, v8.2.3d, v9.2.0 imprimen las contraseñas de los servidores scp, sftp y ftp en supportsave. Esto podría permitir a un atacante remoto autenticado acceder a información sensible. • https://security.netapp.com/advisory/ntap-20230908-0007 https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/22377 • CWE-532: Insertion of Sensitive Information into Log File •

CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0

A vulnerability in the fosexec command of Brocade Fabric OS after Brocade Fabric OS v9.1.0 and, before Brocade Fabric OS v9.1.1 could allow a local authenticated user to perform privilege escalation to root by breaking the rbash shell. Starting with Fabric OS v9.1.0, “root” account access is disabled. Una vulnerabilidad en el comando fosexec de Brocade Fabric OS después de Brocade Fabric OS v9.1.0 y, antes de Brocade Fabric OS v9.1.1 podría permitir a un usuario local autenticado realizar una escalada de privilegios a root rompiendo el shell rbash. A partir de Fabric OS v9.1.0, el acceso a la cuenta "root" está deshabilitado. • https://security.netapp.com/advisory/ntap-20230908-0007 https://support.broadcom.com/external/content/SecurityAdvisories/0/22407 • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •