Filtered by vendor Broadcom
Subscribe
Total
509 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2020-15375 | 1 Broadcom | 1 Fabric Operating System | 2021-06-22 | 4.6 MEDIUM | 6.7 MEDIUM |
| Brocade Fabric OS versions before v9.0.0, v8.2.2c, v8.2.1e, v8.1.2k, v8.2.0_CBN3, v7.4.2g contain an improper input validation weakness in the command line interface when secccrypptocfg is invoked. The vulnerability could allow a local authenticated user to run arbitrary commands and perform escalation of privileges. | |||||
| CVE-2020-15372 | 1 Broadcom | 1 Fabric Operating System | 2021-06-22 | 2.1 LOW | 5.5 MEDIUM |
| A vulnerability in the command-line interface in Brocade Fabric OS before Brocade Fabric OS v8.2.2a1, 8.2.2c, v7.4.2g, v8.2.0_CBN3, v8.2.1e, v8.1.2k, v9.0.0, could allow a local authenticated attacker to modify shell variables, which may lead to an escalation of privileges or bypassing the logging. | |||||
| CVE-2017-6227 | 2 Broadcom, Brocade | 2 Fabric Operating System, Fabric Os | 2021-06-22 | 6.1 MEDIUM | 6.5 MEDIUM |
| A vulnerability in the IPv6 stack on Brocade Fibre Channel SAN products running Brocade Fabric OS (FOS) versions before 7.4.2b, 8.1.2 and 8.2.0 could allow an attacker to cause a denial of service (CPU consumption and device hang) condition by sending crafted Router Advertisement (RA) messages to a targeted system. | |||||
| CVE-2018-6439 | 1 Broadcom | 1 Fabric Operating System | 2021-06-22 | 7.2 HIGH | 7.8 HIGH |
| A Vulnerability in the configdownload command of Brocade Fabric OS command line interface (CLI) versions before 8.2.1, 8.1.2f, 8.0.2f, 7.4.2d could allow a local attacker to escape the restricted shell and, gain root access. | |||||
| CVE-2018-6440 | 1 Broadcom | 1 Fabric Operating System | 2021-06-22 | 6.4 MEDIUM | 9.1 CRITICAL |
| A vulnerability in the proxy service of Brocade Fabric OS versions before 8.2.1, 8.1.2f, 8.0.2f, 7.4.2d could allow remote unauthenticated attackers to obtain sensitive information and possibly cause a denial of service attack. | |||||
| CVE-2018-6434 | 1 Broadcom | 1 Fabric Operating System | 2021-06-22 | 5.0 MEDIUM | 7.5 HIGH |
| A vulnerability in the web management interface of Brocade Fabric OS versions before 8.2.1, 8.1.2f, 8.0.2f, 7.4.2d could allow attackers to intercept or manipulate a user's session ID. | |||||
| CVE-2018-6435 | 1 Broadcom | 1 Fabric Operating System | 2021-06-22 | 7.2 HIGH | 7.8 HIGH |
| A Vulnerability in the secryptocfg command of Brocade Fabric OS command line interface (CLI) versions before 8.2.1, 8.1.2f, 8.0.2f, 7.4.2d could allow a local attacker to escape the restricted shell and, and gain root access. | |||||
| CVE-2018-6437 | 1 Broadcom | 1 Fabric Operating System | 2021-06-22 | 7.2 HIGH | 7.8 HIGH |
| A Vulnerability in the help command of Brocade Fabric OS command line interface (CLI) versions before 8.2.1, 8.1.2f, 8.0.2f, 7.4.2d could allow a local attacker to escape the restricted shell and, gain root access. | |||||
| CVE-2018-6442 | 1 Broadcom | 1 Fabric Operating System | 2021-06-22 | 6.5 MEDIUM | 8.8 HIGH |
| A vulnerability in the Brocade Webtools firmware update section of Brocade Fabric OS before 8.2.1, 8.1.2f, 8.0.2f, 7.4.2d could allow remote authenticated attackers to execute arbitrary commands. | |||||
| CVE-2018-6441 | 1 Broadcom | 1 Fabric Operating System | 2021-06-22 | 7.2 HIGH | 7.8 HIGH |
| A vulnerability in Secure Shell implementation of Brocade Fabric OS versions before 8.2.1, 8.1.2f, 8.0.2f, 7.4.2d could allow a local attacker to provide arbitrary environment variables, and bypass the restricted configuration shell. | |||||
| CVE-2018-6433 | 1 Broadcom | 1 Fabric Operating System | 2021-06-22 | 2.1 LOW | 5.5 MEDIUM |
| A vulnerability in the secryptocfg export command of Brocade Fabric OS versions before 8.2.1, 8.1.2f, 8.0.2f, 7.4.2d could allow a local attacker to bypass the export file access restrictions and initiate a file copy from the source to a remote system. | |||||
| CVE-2018-6438 | 1 Broadcom | 1 Fabric Operating System | 2021-06-22 | 7.2 HIGH | 7.8 HIGH |
| A Vulnerability in the supportsave command of Brocade Fabric OS command line interface (CLI) versions before 8.2.1, 8.1.2f, 8.0.2f, 7.4.2d could allow a local attacker to escape the restricted shell and, gain root access. | |||||
| CVE-2018-6436 | 1 Broadcom | 1 Fabric Operating System | 2021-06-22 | 7.2 HIGH | 7.8 HIGH |
| A Vulnerability in the firmwaredownload command of Brocade Fabric OS command line interface (CLI) versions before 8.2.1, 8.1.2f, 8.0.2f, 7.4.2d could allow a local attacker to escape the restricted shell and, gain root access. | |||||
| CVE-2017-6225 | 2 Broadcom, Brocade | 2 Fabric Operating System, Fabric Os | 2021-06-22 | 4.3 MEDIUM | 6.1 MEDIUM |
| Cross-site scripting (XSS) vulnerability in the web-based management interface of Brocade Fibre Channel SAN products running Brocade Fabric OS (FOS) versions before 7.4.2b, 8.1.2 and 8.2.0 could allow remote attackers to execute arbitrary code or access sensitive browser-based information. | |||||
| CVE-2016-4376 | 2 Broadcom, Hp | 2 Fabric Operating System, Storefabric B Series Switch | 2021-06-22 | 7.8 HIGH | 6.5 MEDIUM |
| HPE FOS before 7.4.1d and 8.x before 8.0.1 on StoreFabric B switches allows remote attackers to obtain sensitive information via unspecified vectors. | |||||
| CVE-2016-8202 | 1 Broadcom | 1 Fabric Operating System | 2021-06-22 | 9.0 HIGH | 8.8 HIGH |
| A privilege escalation vulnerability in Brocade Fibre Channel SAN products running Brocade Fabric OS (FOS) releases earlier than v7.4.1d and v8.0.1b could allow an authenticated attacker to elevate the privileges of user accounts accessing the system via command line interface. With affected versions, non-root users can gain root access with a combination of shell commands and parameters. | |||||
| CVE-2004-1663 | 5 Broadcom, Brocade, Engenio and 2 more | 6 Fabric Operating System, Silkworm, Silkworm Fiber Channel Switch and 3 more | 2021-06-22 | 5.0 MEDIUM | N/A |
| Engenio/LSI Logic storage controllers, as used in products such as Storagetek D280, and IBM DS4100 (formerly FastT 100) and Brocade SilkWorm Switches, allow remote attackers to cause a denial of service (freeze and possible data corruption) via crafted TCP packets. | |||||
| CVE-2020-15370 | 1 Broadcom | 1 Fabric Operating System | 2021-06-22 | 4.0 MEDIUM | 6.5 MEDIUM |
| Brocade Fabric OS versions before Brocade Fabric OS v7.4.2g could allow an authenticated, remote attacker to view a user password in cleartext. The vulnerability is due to incorrectly logging the user password in log files. | |||||
| CVE-2019-18805 | 5 Broadcom, Linux, Netapp and 2 more | 22 Fabric Operating System, Linux Kernel, Active Iq Unified Manager and 19 more | 2021-06-22 | 7.5 HIGH | 9.8 CRITICAL |
| An issue was discovered in net/ipv4/sysctl_net_ipv4.c in the Linux kernel before 5.0.11. There is a net/ipv4/tcp_input.c signed integer overflow in tcp_ack_update_rtt() when userspace writes a very large integer to /proc/sys/net/ipv4/tcp_min_rtt_wlen, leading to a denial of service or possibly unspecified other impact, aka CID-19fad20d15a6. | |||||
| CVE-2019-19069 | 4 Broadcom, Canonical, Linux and 1 more | 21 Fabric Operating System, Ubuntu Linux, Linux Kernel and 18 more | 2021-06-22 | 7.8 HIGH | 7.5 HIGH |
| A memory leak in the fastrpc_dma_buf_attach() function in drivers/misc/fastrpc.c in the Linux kernel before 5.3.9 allows attackers to cause a denial of service (memory consumption) by triggering dma_get_sgtable() failures, aka CID-fc739a058d99. | |||||