Page 6 of 42 results (0.049 seconds)

CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0

Host Header Injection vulnerability in the http management interface in Brocade Fabric OS versions before v9.0.0 could allow a remote attacker to exploit this vulnerability by injecting arbitrary HTTP headers Una vulnerabilidad de inyección de encabezado de host en la interfaz de administración http en Brocade Fabric OS versiones anteriores a v9.0.0, podría permitir a un atacante remoto explotar esta vulnerabilidad mediante la inyección de encabezados HTTP arbitrarios • https://www.broadcom.com/support/fibre-channel-networking/security-advisories/brocade-security-advisory-2020-1077 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 5.4EPSS: 0%CPEs: 55EXPL: 0

A Reflective XSS Vulnerability in HTTP Management Interface in Brocade Fabric OS versions before Brocade Fabric OS v9.0.0, v8.2.2c, v8.2.1e, v8.1.2k, v8.2.0_CBN3, v7.4.2g could allow authenticated attackers with access to the web interface to hijack a user’s session and take over the account. Una vulnerabilidad de tipo XSS Reflexivo en la Interfaz de Administración HTTP en Brocade Fabric OS versiones anteriores a Brocade Fabric OS v9.0.0, v8.2.2c, v8.2.1e, v8.1.2k, v8.2.0_CBN3, v7.4.2g, podría permitir a atacantes autenticados con acceso a la interfaz web secuestrar la sesión de un usuario y tomar el control de la cuenta • https://www.broadcom.com/support/fibre-channel-networking/security-advisories/brocade-security-advisory-2020-1073 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 7.5EPSS: 0%CPEs: 4EXPL: 0

Brocade Fabric OS Versions before v7.4.2f, v8.2.2a, v8.1.2j and v8.2.1d could expose external passwords, common secrets or authentication keys used between the switch and an external server. Brocade Fabric OS versiones anteriores a v7.4.2f, v8.2.2a, v8.1.2j y v8.2.1d, podrían exponer contraseñas externas, secretos comunes o claves de autenticación usadas entre el switch y un servidor externo. • https://security.netapp.com/advisory/ntap-20200511-0007 https://www.broadcom.com/support/fibre-channel-networking/security-advisories/brocade-security-advisory-2020-905 • CWE-532: Insertion of Sensitive Information into Log File •

CVSS: 9.1EPSS: 0%CPEs: 4EXPL: 0

A vulnerability in the proxy service of Brocade Fabric OS versions before 8.2.1, 8.1.2f, 8.0.2f, 7.4.2d could allow remote unauthenticated attackers to obtain sensitive information and possibly cause a denial of service attack. Una vulnerabilidad en el servicio proxy de las versiones de Brocade Fabric OS anteriores a 8.2.1, 8.1.2f, 8.0.2f, 7.4.2d podría permitir a los atacantes remotos no autenticados obtener información sensible y posiblemente provocar un ataque de denegación de servicio (DoS). • https://www.broadcom.com/support/fibre-channel-networking/security-advisories/brocade-security-advisory-2018-733 •

CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 0

A Vulnerability in the configdownload command of Brocade Fabric OS command line interface (CLI) versions before 8.2.1, 8.1.2f, 8.0.2f, 7.4.2d could allow a local attacker to escape the restricted shell and, gain root access. Una vulnerabilidad en el comando configdownload de la interfaz de línea de comandos de Brocade Fabric OS en versiones anteriores a la 8.2.1, 8.1.2f, 8.0.2f y 7.4.2d podría permitir que un atacante local escapa del shell restringido y obtener acceso root. • https://www.broadcom.com/support/fibre-channel-networking/security-advisories/brocade-security-advisory-2018-730 •