CVSS: 8.8EPSS: 0%CPEs: 4EXPL: 0CVE-2022-33179
https://notcve.org/view.php?id=CVE-2022-33179
A vulnerability in Brocade Fabric OS CLI before Brocade Fabric OS v9.1.0, 9.0.1e, 8.2.3c, and 7.4.2j could allow a local authenticated user to break out of restricted shells with “set context” and escalate privileges. Una vulnerabilidad en Brocade Fabric OS CLI versiones anteriores a Brocade Fabric OS v9.1.0, 9.0.1e, 8.2.3c y 7.4.2j, podría permitir a un usuario local autenticado salir de shells restringidos con "set context" y escalar privilegios • https://security.netapp.com/advisory/ntap-20230127-0004 https://www.broadcom.com/support/fibre-channel-networking/security-advisories/brocade-security-advisory-2022-2079 •
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0CVE-2021-27798
https://notcve.org/view.php?id=CVE-2021-27798
A vulnerability in Brocade Fabric OS versions v7.4.1b and v7.3.1d could allow local users to conduct privileged directory transversal. Brocade Fabric OS versions v7.4.1.x and v7.3.x have reached end of life. Brocade Fabric OS Users should upgrade to supported versions as described in the Product End-of-Life Publish report Una vulnerabilidad en Brocade Fabric OS versiones v7.4.1b y v7.3.1d, podría permitir a usuarios locales conducir un salto de directorio privilegiado. Brocade Fabric OS versiones v7.4.1.x y v7.3.x, han llegado al final de su vida útil. Los usuarios de Brocade Fabric OS deben actualizarse a versiones soportadas, tal y como es descrito en el Informe de Publicación de Fin de Vida del Producto • https://www.broadcom.com/support/fibre-channel-networking/security-advisories/brocade-security-advisory-2022-2012 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 6.5EPSS: 0%CPEs: 6EXPL: 0CVE-2020-15388
https://notcve.org/view.php?id=CVE-2020-15388
A vulnerability in the Brocade Fabric OS before Brocade Fabric OS v9.0.1a, v8.2.3, v8.2.0_CBN4, and v7.4.2h could allow an authenticated CLI user to abuse the history command to write arbitrary content to files. Una vulnerabilidad en Brocade Fabric OS antes de Brocade Fabric OS v9.0.1a, v8.2.3, v8.2.0_CBN4 y v7.4.2h podría permitir a un usuario autenticado de la CLI abusar del comando history para escribir contenido arbitrario en archivos • https://www.broadcom.com/support/fibre-channel-networking/security-advisories/brocade-security-advisory-2021-1493 •
CVSS: 6.5EPSS: 0%CPEs: 2EXPL: 0CVE-2021-27789
https://notcve.org/view.php?id=CVE-2021-27789
The Web application of Brocade Fabric OS before versions Brocade Fabric OS v9.0.1a and v8.2.3a contains debug statements that expose sensitive information to the program's standard output device. An attacker who has compromised the FOS system may utilize this weakness to capture sensitive information, such as user credentials. La aplicación web de Brocade Fabric OS versiones anteriores a Brocade Fabric OS v9.0.1a y v8.2.3a, contiene declaraciones de depuración que exponen información confidencial al dispositivo de salida estándar del programa. Un atacante que haya comprometido el sistema FOS puede usar esta debilidad para capturar información confidencial, como las credenciales de usuarios • https://www.broadcom.com/support/fibre-channel-networking/security-advisories/brocade-security-advisory-2021-1494 •
CVSS: 9.8EPSS: 0%CPEs: 4EXPL: 0CVE-2021-27797
https://notcve.org/view.php?id=CVE-2021-27797
Brocade Fabric OS before Brocade Fabric OS v8.2.1c, v8.1.2h, and all versions of Brocade Fabric OS v8.0.x and v7.x contain documented hard-coded credentials, which could allow attackers to gain access to the system. Brocade Fabric OS versiones anteriores a Brocade Fabric OS versiones v8.2.1c, v8.1.2h, y todas las versiones de Brocade Fabric OS v8.0.x y v7.x contienen credenciales documentadas embebidas, que podrían permitir a los atacantes conseguir acceso al sistema • https://www.broadcom.com/support/fibre-channel-networking/security-advisories/brocade-security-advisory-2021-1722 • CWE-798: Use of Hard-coded Credentials •