Filtered by vendor Broadcom Subscriptions
Total 516 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2022-33756 1 Broadcom 1 Ca Automic Automation 2024-08-03 7.5 High
CA Automic Automation 12.2 and 12.3 contain an entropy weakness vulnerability in the Automic AutomationEngine that could allow a remote attacker to potentially access sensitive data.
CVE-2022-33753 1 Broadcom 1 Ca Automic Automation 2024-08-03 8.8 High
CA Automic Automation 12.2 and 12.3 contain an insecure file creation and handling vulnerability in the Automic agent that could allow a user to potentially elevate privileges.
CVE-2022-33752 1 Broadcom 1 Ca Automic Automation 2024-08-03 9.8 Critical
CA Automic Automation 12.2 and 12.3 contain an insufficient input validation vulnerability in the Automic agent that could allow a remote attacker to potentially execute arbitrary code.
CVE-2022-33750 1 Broadcom 1 Ca Automic Automation 2024-08-03 9.8 Critical
CA Automic Automation 12.2 and 12.3 contain an authentication error vulnerability in the Automic agent that could allow a remote attacker to potentially execute arbitrary commands.
CVE-2022-33183 1 Broadcom 1 Fabric Operating System 2024-08-03 8.8 High
A vulnerability in Brocade Fabric OS CLI before Brocade Fabric OS v9.1.0, 9.0.1e, 8.2.3c, 8.2.0cbn5, 7.4.2.j could allow a remote authenticated attacker to perform stack buffer overflow using in “firmwaredownload” and “diagshow” commands.
CVE-2022-33182 1 Broadcom 1 Fabric Operating System 2024-08-03 7.8 High
A privilege escalation vulnerability in Brocade Fabric OS CLI before Brocade Fabric OS v9.1.0, 9.0.1e, 8.2.3c, 8.2.0cbn5, could allow a local authenticated user to escalate its privilege to root using switch commands “supportlink”, “firmwaredownload”, “portcfgupload, license, and “fosexec”.
CVE-2022-33187 1 Broadcom 1 Brocade Sannav 2024-08-03 5.5 Medium
Brocade SANnav before v2.2.1 logs usernames and encoded passwords in debug-enabled logs. The vulnerability could allow an attacker with admin privilege to read sensitive information.
CVE-2022-33180 1 Broadcom 1 Fabric Operating System 2024-08-03 5.5 Medium
A vulnerability in Brocade Fabric OS CLI before Brocade Fabric OS v9.1.0, 9.0.1e, 8.2.3c, 8.2.0cbn5 could allow a local authenticated attacker to export out sensitive files with “seccryptocfg”, “configupload”.
CVE-2022-33185 1 Broadcom 1 Fabric Operating System 2024-08-03 7.8 High
Several commands in Brocade Fabric OS before Brocade Fabric OS v.9.0.1e, and v9.1.0 use unsafe string functions to process user input. Authenticated local attackers could abuse these vulnerabilities to exploit stack-based buffer overflows, allowing arbitrary code execution as the root user account.
CVE-2022-33178 1 Broadcom 1 Fabric Operating System 2024-08-03 7.2 High
A vulnerability in the radius authentication system of Brocade Fabric OS before Brocade Fabric OS 9.0 could allow a remote attacker to execute arbitrary code on the Brocade switch.
CVE-2022-33179 1 Broadcom 1 Fabric Operating System 2024-08-03 8.8 High
A vulnerability in Brocade Fabric OS CLI before Brocade Fabric OS v9.1.0, 9.0.1e, 8.2.3c, and 7.4.2j could allow a local authenticated user to break out of restricted shells with “set context” and escalate privileges.
CVE-2022-33181 1 Broadcom 1 Fabric Operating System 2024-08-03 5.5 Medium
An information disclosure vulnerability in Brocade Fabric OS CLI before Brocade Fabric OS v9.1.0, 9.0.1e, 8.2.3c, 8.2.0cbn5, 7.4.2.j could allow a local authenticated attacker to read sensitive files using switch commands “configshow” and “supportlink”.
CVE-2022-33184 1 Broadcom 1 Fabric Operating System 2024-08-03 7.8 High
A vulnerability in fab_seg.c.h libraries of all Brocade Fabric OS versions before Brocade Fabric OS v9.1.1, v9.0.1e, v8.2.3c, v8.2.0_cbn5, 7.4.2j could allow local authenticated attackers to exploit stack-based buffer overflows and execute arbitrary code as the root user account.
CVE-2022-28487 2 Broadcom, Fedoraproject 2 Tcpreplay, Fedora 2024-08-03 7.5 High
Tcpreplay version 4.4.1 contains a memory leakage flaw in fix_ipv6_checksums() function. The highest threat from this vulnerability is to data confidentiality.
CVE-2022-28168 1 Broadcom 1 Sannav 2024-08-03 7.5 High
In Brocade SANnav before Brocade SANnav v2.2.0.2 and Brocade SANnav2.1.1.8, encoded scp-server passwords are stored using Base64 encoding, which could allow an attacker able to access log files to easily decode the passwords.
CVE-2022-28166 1 Broadcom 1 Sannav 2024-08-03 7.5 High
In Brocade SANnav version before SANN2.2.0.2 and Brocade SANNav before 2.1.1.8, the implementation of TLS/SSL Server Supports the Use of Static Key Ciphers (ssl-static-key-ciphers) on ports 443 & 18082.
CVE-2022-28167 1 Broadcom 1 Sannav 2024-08-03 6.5 Medium
Brocade SANnav before Brocade SANvav v. 2.2.0.2 and Brocade SANanv v.2.1.1.8 logs the Brocade Fabric OS switch password in plain text in asyncjobscheduler-manager.log
CVE-2022-28163 1 Broadcom 1 Sannav 2024-08-03 9.8 Critical
In Brocade SANnav before Brocade SANnav 2.2.0, multiple endpoints associated with Zone management are susceptible to SQL injection, allowing an attacker to run arbitrary SQL commands.
CVE-2022-28165 1 Broadcom 1 Sannav 2024-08-03 8.8 High
A vulnerability in the role-based access control (RBAC) functionality of the Brocade SANNav before 2.2.0 could allow an authenticated, remote attacker to access resources that they should not be able to access and perform actions that they should not be able to perform. The vulnerability exists because restrictions are not performed on Server side to ensure the user has required permission before processing requests.
CVE-2022-28170 1 Broadcom 1 Fabric Operating System 2024-08-03 6.5 Medium
Brocade Fabric OS Web Application services before Brocade Fabric v9.1.0, v9.0.1e, v8.2.3c, v7.4.2j store server and user passwords in the debug statements. This could allow a local user to extract the passwords from a debug file.