Filtered by vendor Broadcom
Subscriptions
Filtered by product Fabric Operating System
Subscriptions
Total
71 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2023-31429 | 1 Broadcom | 1 Fabric Operating System | 2024-09-18 | 5.5 Medium |
| Brocade Fabric OS before Brocade Fabric OS 9.1.1c, 9.2.0 contains a vulnerability when using various commands such as “chassisdistribute”, “reboot”, “rasman”, errmoduleshow, errfilterset, hassiscfgperrthreshold, supportshowcfgdisable and supportshowcfgenable commands that can cause the content of shell interpreted variables to be printed in the terminal. | ||||
| CVE-2020-1967 | 10 Broadcom, Debian, Fedoraproject and 7 more | 26 Fabric Operating System, Debian Linux, Fedora and 23 more | 2024-09-17 | 7.5 High |
| Server or client applications that call the SSL_check_chain() function during or after a TLS 1.3 handshake may crash due to a NULL pointer dereference as a result of incorrect handling of the "signature_algorithms_cert" TLS extension. The crash occurs if an invalid or unrecognised signature algorithm is received from the peer. This could be exploited by a malicious peer in a Denial of Service attack. OpenSSL version 1.1.1d, 1.1.1e, and 1.1.1f are affected by this issue. This issue did not affect OpenSSL versions prior to 1.1.1d. Fixed in OpenSSL 1.1.1g (Affected 1.1.1d-1.1.1f). | ||||
| CVE-2018-6440 | 1 Broadcom | 1 Fabric Operating System | 2024-09-16 | N/A |
| A vulnerability in the proxy service of Brocade Fabric OS versions before 8.2.1, 8.1.2f, 8.0.2f, 7.4.2d could allow remote unauthenticated attackers to obtain sensitive information and possibly cause a denial of service attack. | ||||
| CVE-2017-6225 | 2 Broadcom, Brocade | 2 Fabric Operating System, Fabric Os | 2024-09-16 | N/A |
| Cross-site scripting (XSS) vulnerability in the web-based management interface of Brocade Fibre Channel SAN products running Brocade Fabric OS (FOS) versions before 7.4.2b, 8.1.2 and 8.2.0 could allow remote attackers to execute arbitrary code or access sensitive browser-based information. | ||||
| CVE-2017-6227 | 2 Broadcom, Brocade | 2 Fabric Operating System, Fabric Os | 2024-09-16 | N/A |
| A vulnerability in the IPv6 stack on Brocade Fibre Channel SAN products running Brocade Fabric OS (FOS) versions before 7.4.2b, 8.1.2 and 8.2.0 could allow an attacker to cause a denial of service (CPU consumption and device hang) condition by sending crafted Router Advertisement (RA) messages to a targeted system. | ||||
| CVE-2018-6439 | 1 Broadcom | 1 Fabric Operating System | 2024-09-16 | N/A |
| A Vulnerability in the configdownload command of Brocade Fabric OS command line interface (CLI) versions before 8.2.1, 8.1.2f, 8.0.2f, 7.4.2d could allow a local attacker to escape the restricted shell and, gain root access. | ||||
| CVE-2024-29954 | 1 Broadcom | 1 Fabric Operating System | 2024-08-22 | 5.9 Medium |
| A vulnerability in a password management API in Brocade Fabric OS versions before v9.2.1, v9.2.0b, v9.1.1d, and v8.2.3e prints sensitive information in log files. This could allow an authenticated user to view the server passwords for protocols such as scp and sftp. Detail. When the firmwaredownload command is incorrectly entered or points to an erroneous file, the firmware download log captures the failed command, including any password entered in the command line. | ||||
| CVE-2004-1663 | 5 Broadcom, Brocade, Engenio and 2 more | 6 Fabric Operating System, Silkworm, Silkworm Fiber Channel Switch and 3 more | 2024-08-08 | N/A |
| Engenio/LSI Logic storage controllers, as used in products such as Storagetek D280, and IBM DS4100 (formerly FastT 100) and Brocade SilkWorm Switches, allow remote attackers to cause a denial of service (freeze and possible data corruption) via crafted TCP packets. | ||||
| CVE-2016-8202 | 1 Broadcom | 1 Fabric Operating System | 2024-08-06 | N/A |
| A privilege escalation vulnerability in Brocade Fibre Channel SAN products running Brocade Fabric OS (FOS) releases earlier than v7.4.1d and v8.0.1b could allow an authenticated attacker to elevate the privileges of user accounts accessing the system via command line interface. With affected versions, non-root users can gain root access with a combination of shell commands and parameters. | ||||
| CVE-2016-4376 | 2 Broadcom, Hp | 2 Fabric Operating System, Storefabric B Series Switch | 2024-08-06 | N/A |
| HPE FOS before 7.4.1d and 8.x before 8.0.1 on StoreFabric B switches allows remote attackers to obtain sensitive information via unspecified vectors. | ||||
| CVE-2018-6437 | 1 Broadcom | 1 Fabric Operating System | 2024-08-05 | N/A |
| A Vulnerability in the help command of Brocade Fabric OS command line interface (CLI) versions before 8.2.1, 8.1.2f, 8.0.2f, 7.4.2d could allow a local attacker to escape the restricted shell and, gain root access. | ||||
| CVE-2018-6433 | 1 Broadcom | 1 Fabric Operating System | 2024-08-05 | N/A |
| A vulnerability in the secryptocfg export command of Brocade Fabric OS versions before 8.2.1, 8.1.2f, 8.0.2f, 7.4.2d could allow a local attacker to bypass the export file access restrictions and initiate a file copy from the source to a remote system. | ||||
| CVE-2018-6442 | 1 Broadcom | 1 Fabric Operating System | 2024-08-05 | N/A |
| A vulnerability in the Brocade Webtools firmware update section of Brocade Fabric OS before 8.2.1, 8.1.2f, 8.0.2f, 7.4.2d could allow remote authenticated attackers to execute arbitrary commands. | ||||
| CVE-2018-6436 | 1 Broadcom | 1 Fabric Operating System | 2024-08-05 | N/A |
| A Vulnerability in the firmwaredownload command of Brocade Fabric OS command line interface (CLI) versions before 8.2.1, 8.1.2f, 8.0.2f, 7.4.2d could allow a local attacker to escape the restricted shell and, gain root access. | ||||
| CVE-2018-6447 | 1 Broadcom | 1 Fabric Operating System | 2024-08-05 | 5.4 Medium |
| A Reflective XSS Vulnerability in HTTP Management Interface in Brocade Fabric OS versions before Brocade Fabric OS v9.0.0, v8.2.2c, v8.2.1e, v8.1.2k, v8.2.0_CBN3, v7.4.2g could allow authenticated attackers with access to the web interface to hijack a user’s session and take over the account. | ||||
| CVE-2018-6438 | 1 Broadcom | 1 Fabric Operating System | 2024-08-05 | N/A |
| A Vulnerability in the supportsave command of Brocade Fabric OS command line interface (CLI) versions before 8.2.1, 8.1.2f, 8.0.2f, 7.4.2d could allow a local attacker to escape the restricted shell and, gain root access. | ||||
| CVE-2018-6435 | 1 Broadcom | 1 Fabric Operating System | 2024-08-05 | N/A |
| A Vulnerability in the secryptocfg command of Brocade Fabric OS command line interface (CLI) versions before 8.2.1, 8.1.2f, 8.0.2f, 7.4.2d could allow a local attacker to escape the restricted shell and, and gain root access. | ||||
| CVE-2018-6449 | 1 Broadcom | 1 Fabric Operating System | 2024-08-05 | 6.1 Medium |
| Host Header Injection vulnerability in the http management interface in Brocade Fabric OS versions before v9.0.0 could allow a remote attacker to exploit this vulnerability by injecting arbitrary HTTP headers | ||||
| CVE-2018-6448 | 1 Broadcom | 1 Fabric Operating System | 2024-08-05 | 7.5 High |
| A vulnerability in the management interface in Brocade Fabric OS Versions before Brocade Fabric OS v9.0.0 could allow a remote attacker to perform a denial of service attack on the vulnerable host. | ||||
| CVE-2018-6441 | 1 Broadcom | 1 Fabric Operating System | 2024-08-05 | N/A |
| A vulnerability in Secure Shell implementation of Brocade Fabric OS versions before 8.2.1, 8.1.2f, 8.0.2f, 7.4.2d could allow a local attacker to provide arbitrary environment variables, and bypass the restricted configuration shell. | ||||