CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 0CVE-2022-33181
https://notcve.org/view.php?id=CVE-2022-33181
25 Oct 2022 — An information disclosure vulnerability in Brocade Fabric OS CLI before Brocade Fabric OS v9.1.0, 9.0.1e, 8.2.3c, 8.2.0cbn5, 7.4.2.j could allow a local authenticated attacker to read sensitive files using switch commands “configshow” and “supportlink”. Una vulnerabilidad de divulgación de información en Brocade Fabric OS CLI versiones anteriores a Brocade Fabric OS v9.1.0, 9.0.1e, 8.2.3c, 8.2.0cbn5, 7.4.2.j, podría permitir a un atacante local autenticado leer archivos confidenciales usando los comandos de... • https://security.netapp.com/advisory/ntap-20230127-0006 •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2022-33182
https://notcve.org/view.php?id=CVE-2022-33182
25 Oct 2022 — A privilege escalation vulnerability in Brocade Fabric OS CLI before Brocade Fabric OS v9.1.0, 9.0.1e, 8.2.3c, 8.2.0cbn5, could allow a local authenticated user to escalate its privilege to root using switch commands “supportlink”, “firmwaredownload”, “portcfgupload, license, and “fosexec”. Una vulnerabilidad de escalada de privilegios en Brocade Fabric OS CLI versiones anteriores a Brocade Fabric OS v9.1.0, 9.0.1e, 8.2.3c, 8.2.0cbn5, podría permitir a un usuario local autenticado escalar su privilegio a ro... • https://security.netapp.com/advisory/ntap-20230127-0007 •
CVSS: 9.0EPSS: 0%CPEs: 3EXPL: 0CVE-2022-33183
https://notcve.org/view.php?id=CVE-2022-33183
25 Oct 2022 — A vulnerability in Brocade Fabric OS CLI before Brocade Fabric OS v9.1.0, 9.0.1e, 8.2.3c, 8.2.0cbn5, 7.4.2.j could allow a remote authenticated attacker to perform stack buffer overflow using in “firmwaredownload” and “diagshow” commands. Una vulnerabilidad en Brocade Fabric OS CLI versiones anteriores a Brocade Fabric OS v9.1.0, 9.0.1e, 8.2.3c, 8.2.0cbn5, 7.4.2.j, podría permitir a un atacante remoto autenticado llevar a cabo un desbordamiento del búfer de la pila usando en comandos "firmwaredownload" y "d... • https://security.netapp.com/advisory/ntap-20230127-0008 • CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0CVE-2022-33184
https://notcve.org/view.php?id=CVE-2022-33184
25 Oct 2022 — A vulnerability in fab_seg.c.h libraries of all Brocade Fabric OS versions before Brocade Fabric OS v9.1.1, v9.0.1e, v8.2.3c, v8.2.0_cbn5, 7.4.2j could allow local authenticated attackers to exploit stack-based buffer overflows and execute arbitrary code as the root user account. Una vulnerabilidad en las bibliotecas fab_seg.c.h de todas las versiones de Brocade Fabric OS versiones anteriores a Brocade Fabric OS v9.1.1, v9.0.1e, v8.2.3c, v8.2.0_cbn5, 7.4.2j, podría permitir a atacantes locales autenticados ... • https://security.netapp.com/advisory/ntap-20230127-0009 • CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2022-33185
https://notcve.org/view.php?id=CVE-2022-33185
25 Oct 2022 — Several commands in Brocade Fabric OS before Brocade Fabric OS v.9.0.1e, and v9.1.0 use unsafe string functions to process user input. Authenticated local attackers could abuse these vulnerabilities to exploit stack-based buffer overflows, allowing arbitrary code execution as the root user account. Varios comandos en Brocade Fabric OS versiones anteriores a Brocade Fabric OS v.9.0.1e, y v9.1.0, usan funciones de cadena no seguras para procesar la entrada del usuario. Los atacantes locales autenticados podrí... • https://security.netapp.com/advisory/ntap-20230127-0010 • CWE-787: Out-of-bounds Write •
CVSS: 6.5EPSS: 0%CPEs: 6EXPL: 0CVE-2020-15388
https://notcve.org/view.php?id=CVE-2020-15388
18 Mar 2022 — A vulnerability in the Brocade Fabric OS before Brocade Fabric OS v9.0.1a, v8.2.3, v8.2.0_CBN4, and v7.4.2h could allow an authenticated CLI user to abuse the history command to write arbitrary content to files. Una vulnerabilidad en Brocade Fabric OS antes de Brocade Fabric OS v9.0.1a, v8.2.3, v8.2.0_CBN4 y v7.4.2h podría permitir a un usuario autenticado de la CLI abusar del comando history para escribir contenido arbitrario en archivos • https://www.broadcom.com/support/fibre-channel-networking/security-advisories/brocade-security-advisory-2021-1493 •
CVSS: 6.5EPSS: 0%CPEs: 2EXPL: 0CVE-2021-27789
https://notcve.org/view.php?id=CVE-2021-27789
18 Mar 2022 — The Web application of Brocade Fabric OS before versions Brocade Fabric OS v9.0.1a and v8.2.3a contains debug statements that expose sensitive information to the program's standard output device. An attacker who has compromised the FOS system may utilize this weakness to capture sensitive information, such as user credentials. La aplicación web de Brocade Fabric OS versiones anteriores a Brocade Fabric OS v9.0.1a y v8.2.3a, contiene declaraciones de depuración que exponen información confidencial al disposi... • https://www.broadcom.com/support/fibre-channel-networking/security-advisories/brocade-security-advisory-2021-1494 •
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0CVE-2021-27791
https://notcve.org/view.php?id=CVE-2021-27791
12 Aug 2021 — The function that is used to parse the Authentication header in Brocade Fabric OS Web application service before Brocade Fabric OS v9.0.1a and v8.2.3a fails to properly process a malformed authentication header from the client, resulting in reading memory addresses outside the intended range. An unauthenticated attacker could discover a request, which could bypass the authentication process. Una función que es usada para analizar el encabezado de Autenticación en el servicio de aplicaciones web de Brocade F... • https://security.netapp.com/advisory/ntap-20210819-0002 • CWE-125: Out-of-bounds Read •
CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 0CVE-2021-27790
https://notcve.org/view.php?id=CVE-2021-27790
12 Aug 2021 — The command ipfilter in Brocade Fabric OS before Brocade Fabric OS v.9.0.1a, v8.2.3, and v8.2.0_CBN4, and v7.4.2h uses unsafe string function to process user input. Authenticated attackers can abuse this vulnerability to exploit stack-based buffer overflows, allowing execution of arbitrary code as the root user account. El comando ipfilter en Brocade Fabric OS versiones anteriores a Brocade Fabric OS v.9.0.1a, v8.2.3, y v8.2.0_CBN4, y v7.4.2h, usa una función de cadena no segura para procesar la entrada del... • https://security.netapp.com/advisory/ntap-20210819-0002 • CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0CVE-2021-27794
https://notcve.org/view.php?id=CVE-2021-27794
12 Aug 2021 — A vulnerability in the authentication mechanism of Brocade Fabric OS versions before Brocade Fabric OS v.9.0.1a, v8.2.3a and v7.4.2h could allow a user to Login with empty password, and invalid password through telnet, ssh and REST. Una vulnerabilidad en el mecanismo de autenticación de las versiones de Brocade Fabric OS anteriores a Brocade Fabric OS v.9.0.1a, v8.2.3a y v7.4.2h, podía permitir a un usuario iniciar sesión con una contraseña vacía y no válida mediante telnet, ssh y REST • https://security.netapp.com/advisory/ntap-20210819-0001 • CWE-287: Improper Authentication •