
CVE-2023-4162 – Segmentation fault in Brocade Fabric OS after Brocade Fabric OS v9.0
https://notcve.org/view.php?id=CVE-2023-4162
31 Aug 2023 — A segmentation fault can occur in Brocade Fabric OS after Brocade Fabric OS v9.0 and before Brocade Fabric OS v9.2.0a through the passwdcfg command. This could allow an authenticated, privileged local user to crash a Brocade Fabric OS switch using the CLI command “passwdcfg --set -expire -minDiff”. • https://security.netapp.com/advisory/ntap-20231124-0010 • CWE-125: Out-of-bounds Read • CWE-252: Unchecked Return Value • CWE-400: Uncontrolled Resource Consumption •

CVE-2023-4163 – Possible buffer overflow in portcfgfportbuffers in Brocade Fabric OS
https://notcve.org/view.php?id=CVE-2023-4163
31 Aug 2023 — In Brocade Fabric OS before v9.2.0a, a local authenticated privileged user can trigger a buffer overflow condition, leading to a kernel panic, with large input to buffers in the portcfgfportbuffers command. • https://security.netapp.com/advisory/ntap-20231130-0001 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •

CVE-2023-3489 – firmwaredownload command could log servers passwords in clear text
https://notcve.org/view.php?id=CVE-2023-3489
30 Aug 2023 — The firmwaredownload command on Brocade Fabric OS v9.2.0 could log the FTP/SFTP/SCP server password in clear text in the SupportSave file when performing a downgrade from Fabric OS v9.2.0 to any earlier version of Fabric OS. • https://security.netapp.com/advisory/ntap-20231124-0003 • CWE-312: Cleartext Storage of Sensitive Information •

CVE-2023-31428 – CLI allows upload or transfer files of dangerous types
https://notcve.org/view.php?id=CVE-2023-31428
01 Aug 2023 — Brocade Fabric OS before Brocade Fabric OS v9.1.1c, v9.2.0 contains a vulnerability in the command line that could allow a local user to dump files under the user's home directory using grep. • https://security.netapp.com/advisory/ntap-20230908-0007 • CWE-434: Unrestricted Upload of File with Dangerous Type •

CVE-2023-31430 – buffer overflow vulnerability in “secpolicydelete” command
https://notcve.org/view.php?id=CVE-2023-31430
01 Aug 2023 — A buffer overflow vulnerability in the “secpolicydelete” command in Brocade Fabric OS before Brocade Fabric OS v9.1.1c and v9.2.0 could allow an authenticated privileged user to crash the Brocade Fabric OS switch, leading to a denial of service. • https://security.netapp.com/advisory/ntap-20230908-0007 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •

CVE-2023-31431 – A buffer overflow vulnerability in “diagstatus” command
https://notcve.org/view.php?id=CVE-2023-31431
01 Aug 2023 — A buffer overflow vulnerability in the “diagstatus” command in Brocade Fabric OS before Brocade Fabric v9.2.0 and v9.1.1c could allow an authenticated user to crash the Brocade Fabric OS switch, leading to a denial of service. • https://security.netapp.com/advisory/ntap-20230908-0007 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •