CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0CVE-2022-33184
https://notcve.org/view.php?id=CVE-2022-33184
A vulnerability in fab_seg.c.h libraries of all Brocade Fabric OS versions before Brocade Fabric OS v9.1.1, v9.0.1e, v8.2.3c, v8.2.0_cbn5, 7.4.2j could allow local authenticated attackers to exploit stack-based buffer overflows and execute arbitrary code as the root user account. Una vulnerabilidad en las bibliotecas fab_seg.c.h de todas las versiones de Brocade Fabric OS versiones anteriores a Brocade Fabric OS v9.1.1, v9.0.1e, v8.2.3c, v8.2.0_cbn5, 7.4.2j, podría permitir a atacantes locales autenticados explotar desbordamientos de búfer en la región stack de la memoria y ejecutar código arbitrario como cuenta de usuario root • https://security.netapp.com/advisory/ntap-20230127-0009 https://www.broadcom.com/support/fibre-channel-networking/security-advisories/brocade-security-advisory-2022-2080 • CWE-787: Out-of-bounds Write •
CVSS: 8.8EPSS: 0%CPEs: 3EXPL: 0CVE-2022-33183
https://notcve.org/view.php?id=CVE-2022-33183
A vulnerability in Brocade Fabric OS CLI before Brocade Fabric OS v9.1.0, 9.0.1e, 8.2.3c, 8.2.0cbn5, 7.4.2.j could allow a remote authenticated attacker to perform stack buffer overflow using in “firmwaredownload” and “diagshow” commands. Una vulnerabilidad en Brocade Fabric OS CLI versiones anteriores a Brocade Fabric OS v9.1.0, 9.0.1e, 8.2.3c, 8.2.0cbn5, 7.4.2.j, podría permitir a un atacante remoto autenticado llevar a cabo un desbordamiento del búfer de la pila usando en comandos "firmwaredownload" y "diagshow" • https://security.netapp.com/advisory/ntap-20230127-0008 https://www.broadcom.com/support/fibre-channel-networking/security-advisories/brocade-security-advisory-2022-2085 • CWE-787: Out-of-bounds Write •
CVSS: 6.5EPSS: 0%CPEs: 4EXPL: 0CVE-2022-28170
https://notcve.org/view.php?id=CVE-2022-28170
Brocade Fabric OS Web Application services before Brocade Fabric v9.1.0, v9.0.1e, v8.2.3c, v7.4.2j store server and user passwords in the debug statements. This could allow a local user to extract the passwords from a debug file. Los servicios de aplicaciones web de Brocade Fabric OS versiones anteriores a Brocade Fabric v9.1.0, v9.0.1e, v8.2.3c, v7.4.2j, almacenan las contraseñas del servidor y del usuario en las declaraciones de depuración. Esto podría permitir a un usuario local extraer las contraseñas de un archivo de depuración • https://security.netapp.com/advisory/ntap-20230127-0002 https://www.broadcom.com/support/fibre-channel-networking/security-advisories/brocade-security-advisory-2022-2076 • CWE-922: Insecure Storage of Sensitive Information •
CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 0CVE-2022-33180
https://notcve.org/view.php?id=CVE-2022-33180
A vulnerability in Brocade Fabric OS CLI before Brocade Fabric OS v9.1.0, 9.0.1e, 8.2.3c, 8.2.0cbn5 could allow a local authenticated attacker to export out sensitive files with “seccryptocfg”, “configupload”. Una vulnerabilidad en Brocade Fabric OS CLI versiones anteriores a Brocade Fabric OS v9.1.0, 9.0.1e, 8.2.3c, 8.2.0cbn5, podría permitir a un atacante local autenticado exportar archivos confidenciales con "seccryptocfg", "configupload" • https://security.netapp.com/advisory/ntap-20230127-0005 https://www.broadcom.com/support/fibre-channel-networking/security-advisories/brocade-security-advisory-2022-2079 •
CVSS: 6.5EPSS: 0%CPEs: 6EXPL: 0CVE-2020-15388
https://notcve.org/view.php?id=CVE-2020-15388
A vulnerability in the Brocade Fabric OS before Brocade Fabric OS v9.0.1a, v8.2.3, v8.2.0_CBN4, and v7.4.2h could allow an authenticated CLI user to abuse the history command to write arbitrary content to files. Una vulnerabilidad en Brocade Fabric OS antes de Brocade Fabric OS v9.0.1a, v8.2.3, v8.2.0_CBN4 y v7.4.2h podría permitir a un usuario autenticado de la CLI abusar del comando history para escribir contenido arbitrario en archivos • https://www.broadcom.com/support/fibre-channel-networking/security-advisories/brocade-security-advisory-2021-1493 •