CVSS: 9.8EPSS: 0%CPEs: 35EXPL: 0CVE-2020-15371
https://notcve.org/view.php?id=CVE-2020-15371
25 Sep 2020 — Brocade Fabric OS versions before Brocade Fabric OS v9.0.0, v8.2.2c, v8.2.1e, v8.1.2k, v8.2.0_CBN3, contains code injection and privilege escalation vulnerability. Brocade Fabric OS versiones anteriores a Brocade Fabric OS v9.0.0, v8.2.2c, v8.2.1e, v8.1.2k, v8.2.0_CBN3, contienen una inyección de código y una vulnerabilidad de escalada de privilegios • https://www.broadcom.com/support/fibre-channel-networking/security-advisories/brocade-security-advisory-2020-1080 • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 8.8EPSS: 0%CPEs: 9EXPL: 0CVE-2020-15369
https://notcve.org/view.php?id=CVE-2020-15369
25 Sep 2020 — Supportlink CLI in Brocade Fabric OS Versions v8.2.1 through v8.2.1d, and 8.2.2 versions before v8.2.2c does not obfuscate the password field, which could expose users’ credentials of the remote server. An authenticated user could obtain the exposed password credentials to gain access to the remote host. La CLI de Supportlink en Brocade Fabric OS Versiones v8.2.1 hasta v8.2.1d, y versiones 8.2.2 anteriores a v8.2.2c, no oculta el campo password, lo que podría exponer las credenciales de usuarios del servido... • https://www.broadcom.com/support/fibre-channel-networking/security-advisories/brocade-security-advisory-2020-1078 • CWE-521: Weak Password Requirements •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2018-6448
https://notcve.org/view.php?id=CVE-2018-6448
25 Sep 2020 — A vulnerability in the management interface in Brocade Fabric OS Versions before Brocade Fabric OS v9.0.0 could allow a remote attacker to perform a denial of service attack on the vulnerable host. Una vulnerabilidad en la interfaz de administración en Brocade Fabric OS versiones anteriores a Brocade Fabric OS v9.0.0, podría permitir a un atacante remoto llevar a cabo un ataque de denegación de servicio en el host vulnerable • https://www.broadcom.com/support/fibre-channel-networking/security-advisories/brocade-security-advisory-2020-1075 •
CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0CVE-2018-6449
https://notcve.org/view.php?id=CVE-2018-6449
25 Sep 2020 — Host Header Injection vulnerability in the http management interface in Brocade Fabric OS versions before v9.0.0 could allow a remote attacker to exploit this vulnerability by injecting arbitrary HTTP headers Una vulnerabilidad de inyección de encabezado de host en la interfaz de administración http en Brocade Fabric OS versiones anteriores a v9.0.0, podría permitir a un atacante remoto explotar esta vulnerabilidad mediante la inyección de encabezados HTTP arbitrarios • https://www.broadcom.com/support/fibre-channel-networking/security-advisories/brocade-security-advisory-2020-1077 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 5.4EPSS: 0%CPEs: 55EXPL: 0CVE-2018-6447
https://notcve.org/view.php?id=CVE-2018-6447
25 Sep 2020 — A Reflective XSS Vulnerability in HTTP Management Interface in Brocade Fabric OS versions before Brocade Fabric OS v9.0.0, v8.2.2c, v8.2.1e, v8.1.2k, v8.2.0_CBN3, v7.4.2g could allow authenticated attackers with access to the web interface to hijack a user’s session and take over the account. Una vulnerabilidad de tipo XSS Reflexivo en la Interfaz de Administración HTTP en Brocade Fabric OS versiones anteriores a Brocade Fabric OS v9.0.0, v8.2.2c, v8.2.1e, v8.1.2k, v8.2.0_CBN3, v7.4.2g, podría permitir a at... • https://www.broadcom.com/support/fibre-channel-networking/security-advisories/brocade-security-advisory-2020-1073 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 7.5EPSS: 0%CPEs: 4EXPL: 0CVE-2019-16204
https://notcve.org/view.php?id=CVE-2019-16204
05 Feb 2020 — Brocade Fabric OS Versions before v7.4.2f, v8.2.2a, v8.1.2j and v8.2.1d could expose external passwords, common secrets or authentication keys used between the switch and an external server. Brocade Fabric OS versiones anteriores a v7.4.2f, v8.2.2a, v8.1.2j y v8.2.1d, podrían exponer contraseñas externas, secretos comunes o claves de autenticación usadas entre el switch y un servidor externo. • https://security.netapp.com/advisory/ntap-20200511-0007 • CWE-532: Insertion of Sensitive Information into Log File •
CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 0CVE-2019-16203
https://notcve.org/view.php?id=CVE-2019-16203
05 Feb 2020 — Brocade Fabric OS Versions before v8.2.2a and v8.2.1d could expose the credentials of the remote ESRS server when these credentials are given as a command line option when configuring the ESRS client. Brocade Fabric OS versiones anteriores a v8.2.2a y v8.2.1d, podrían exponer las credenciales del servidor ESRS remoto cuando estas credenciales son otorgadas como una opción de línea de comando cuando se configura el cliente ESRS. • https://security.netapp.com/advisory/ntap-20200511-0008 • CWE-532: Insertion of Sensitive Information into Log File •
CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 0CVE-2018-6439
https://notcve.org/view.php?id=CVE-2018-6439
03 Dec 2018 — A Vulnerability in the configdownload command of Brocade Fabric OS command line interface (CLI) versions before 8.2.1, 8.1.2f, 8.0.2f, 7.4.2d could allow a local attacker to escape the restricted shell and, gain root access. Una vulnerabilidad en el comando configdownload de la interfaz de línea de comandos de Brocade Fabric OS en versiones anteriores a la 8.2.1, 8.1.2f, 8.0.2f y 7.4.2d podría permitir que un atacante local escapa del shell restringido y obtener acceso root. • https://www.broadcom.com/support/fibre-channel-networking/security-advisories/brocade-security-advisory-2018-730 •
CVSS: 9.1EPSS: 0%CPEs: 4EXPL: 0CVE-2018-6440
https://notcve.org/view.php?id=CVE-2018-6440
03 Dec 2018 — A vulnerability in the proxy service of Brocade Fabric OS versions before 8.2.1, 8.1.2f, 8.0.2f, 7.4.2d could allow remote unauthenticated attackers to obtain sensitive information and possibly cause a denial of service attack. Una vulnerabilidad en el servicio proxy de las versiones de Brocade Fabric OS anteriores a 8.2.1, 8.1.2f, 8.0.2f, 7.4.2d podría permitir a los atacantes remotos no autenticados obtener información sensible y posiblemente provocar un ataque de denegación de servicio (DoS). • https://www.broadcom.com/support/fibre-channel-networking/security-advisories/brocade-security-advisory-2018-733 •
CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 0CVE-2018-6438
https://notcve.org/view.php?id=CVE-2018-6438
08 Nov 2018 — A Vulnerability in the supportsave command of Brocade Fabric OS command line interface (CLI) versions before 8.2.1, 8.1.2f, 8.0.2f, 7.4.2d could allow a local attacker to escape the restricted shell and, gain root access. Una vulnerabilidad en el comando supportsave de las versiones de la interfaz de línea de comandos (CLI) de Brocade Fabric OS en versiones anteriores a la 8.2.1, 8.1.2f, 8.0.2f, 8.4.2f y 7.4.2d podría permitir que un atacante local escape de la shell restringida y obtenga acceso root. • https://www.broadcom.com/support/fibre-channel-networking/security-advisories/brocade-security-advisory-2018-731 •