CVSS: 8.8EPSS: 0%CPEs: 3EXPL: 0CVE-2022-33183
https://notcve.org/view.php?id=CVE-2022-33183
A vulnerability in Brocade Fabric OS CLI before Brocade Fabric OS v9.1.0, 9.0.1e, 8.2.3c, 8.2.0cbn5, 7.4.2.j could allow a remote authenticated attacker to perform stack buffer overflow using in “firmwaredownload” and “diagshow” commands. Una vulnerabilidad en Brocade Fabric OS CLI versiones anteriores a Brocade Fabric OS v9.1.0, 9.0.1e, 8.2.3c, 8.2.0cbn5, 7.4.2.j, podría permitir a un atacante remoto autenticado llevar a cabo un desbordamiento del búfer de la pila usando en comandos "firmwaredownload" y "diagshow" • https://security.netapp.com/advisory/ntap-20230127-0008 https://www.broadcom.com/support/fibre-channel-networking/security-advisories/brocade-security-advisory-2022-2085 • CWE-787: Out-of-bounds Write •
CVSS: 6.5EPSS: 0%CPEs: 4EXPL: 0CVE-2022-28170
https://notcve.org/view.php?id=CVE-2022-28170
Brocade Fabric OS Web Application services before Brocade Fabric v9.1.0, v9.0.1e, v8.2.3c, v7.4.2j store server and user passwords in the debug statements. This could allow a local user to extract the passwords from a debug file. Los servicios de aplicaciones web de Brocade Fabric OS versiones anteriores a Brocade Fabric v9.1.0, v9.0.1e, v8.2.3c, v7.4.2j, almacenan las contraseñas del servidor y del usuario en las declaraciones de depuración. Esto podría permitir a un usuario local extraer las contraseñas de un archivo de depuración • https://security.netapp.com/advisory/ntap-20230127-0002 https://www.broadcom.com/support/fibre-channel-networking/security-advisories/brocade-security-advisory-2022-2076 • CWE-922: Insecure Storage of Sensitive Information •
CVSS: 7.2EPSS: 0%CPEs: 1EXPL: 0CVE-2022-33178
https://notcve.org/view.php?id=CVE-2022-33178
A vulnerability in the radius authentication system of Brocade Fabric OS before Brocade Fabric OS 9.0 could allow a remote attacker to execute arbitrary code on the Brocade switch. Una vulnerabilidad en el sistema de autenticación radius de Brocade Fabric OS versiones anteriores a Brocade Fabric OS 9.0, podría permitir a un atacante remoto ejecutar código arbitrario en el conmutador Brocade • https://security.netapp.com/advisory/ntap-20230127-0003 https://www.broadcom.com/support/fibre-channel-networking/security-advisories/brocade-security-advisory-2022-2077 • CWE-20: Improper Input Validation •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2022-33182
https://notcve.org/view.php?id=CVE-2022-33182
A privilege escalation vulnerability in Brocade Fabric OS CLI before Brocade Fabric OS v9.1.0, 9.0.1e, 8.2.3c, 8.2.0cbn5, could allow a local authenticated user to escalate its privilege to root using switch commands “supportlink”, “firmwaredownload”, “portcfgupload, license, and “fosexec”. Una vulnerabilidad de escalada de privilegios en Brocade Fabric OS CLI versiones anteriores a Brocade Fabric OS v9.1.0, 9.0.1e, 8.2.3c, 8.2.0cbn5, podría permitir a un usuario local autenticado escalar su privilegio a root usando los comandos del switch "supportlink", "firmwaredownload", "portcfgupload, license, y "fosexec" • https://security.netapp.com/advisory/ntap-20230127-0007 https://www.broadcom.com/support/fibre-channel-networking/security-advisories/brocade-security-advisory-2022-2084 •
CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 0CVE-2022-33181
https://notcve.org/view.php?id=CVE-2022-33181
An information disclosure vulnerability in Brocade Fabric OS CLI before Brocade Fabric OS v9.1.0, 9.0.1e, 8.2.3c, 8.2.0cbn5, 7.4.2.j could allow a local authenticated attacker to read sensitive files using switch commands “configshow” and “supportlink”. Una vulnerabilidad de divulgación de información en Brocade Fabric OS CLI versiones anteriores a Brocade Fabric OS v9.1.0, 9.0.1e, 8.2.3c, 8.2.0cbn5, 7.4.2.j, podría permitir a un atacante local autenticado leer archivos confidenciales usando los comandos del switch "configshow" y "supportlink" • https://security.netapp.com/advisory/ntap-20230127-0006 https://www.broadcom.com/support/fibre-channel-networking/security-advisories/brocade-security-advisory-2022-2083 •