Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Fabric_operating_system
(Broadcom)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 90 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2022-10-25 | CVE-2022-33180 | A vulnerability in Brocade Fabric OS CLI before Brocade Fabric OS v9.1.0, 9.0.1e, 8.2.3c, 8.2.0cbn5 could allow a local authenticated attacker to export out sensitive files with “seccryptocfg”, “configupload”. | Fabric_operating_system | 5.5 | ||
| 2022-10-25 | CVE-2022-28170 | Brocade Fabric OS Web Application services before Brocade Fabric v9.1.0, v9.0.1e, v8.2.3c, v7.4.2j store server and user passwords in the debug statements. This could allow a local user to extract the passwords from a debug file. | Fabric_operating_system | 6.5 | ||
| 2022-10-25 | CVE-2022-33185 | Several commands in Brocade Fabric OS before Brocade Fabric OS v.9.0.1e, and v9.1.0 use unsafe string functions to process user input. Authenticated local attackers could abuse these vulnerabilities to exploit stack-based buffer overflows, allowing arbitrary code execution as the root user account. | Fabric_operating_system | 7.8 | ||
| 2022-10-25 | CVE-2022-33179 | A vulnerability in Brocade Fabric OS CLI before Brocade Fabric OS v9.1.0, 9.0.1e, 8.2.3c, and 7.4.2j could allow a local authenticated user to break out of restricted shells with “set context” and escalate privileges. | Fabric_operating_system | 8.8 | ||
| 2022-10-25 | CVE-2022-33180 | A vulnerability in Brocade Fabric OS CLI before Brocade Fabric OS v9.1.0, 9.0.1e, 8.2.3c, 8.2.0cbn5 could allow a local authenticated attacker to export out sensitive files with “seccryptocfg”, “configupload”. | Fabric_operating_system | 5.5 | ||
| 2022-10-25 | CVE-2022-33185 | Several commands in Brocade Fabric OS before Brocade Fabric OS v.9.0.1e, and v9.1.0 use unsafe string functions to process user input. Authenticated local attackers could abuse these vulnerabilities to exploit stack-based buffer overflows, allowing arbitrary code execution as the root user account. | Fabric_operating_system | 7.8 | ||
| 2022-10-25 | CVE-2022-33178 | A vulnerability in the radius authentication system of Brocade Fabric OS before Brocade Fabric OS 9.0 could allow a remote attacker to execute arbitrary code on the Brocade switch. | Fabric_operating_system | 7.2 | ||
| 2022-10-25 | CVE-2022-33184 | A vulnerability in fab_seg.c.h libraries of all Brocade Fabric OS versions before Brocade Fabric OS v9.1.1, v9.0.1e, v8.2.3c, v8.2.0_cbn5, 7.4.2j could allow local authenticated attackers to exploit stack-based buffer overflows and execute arbitrary code as the root user account. | Fabric_operating_system | 7.8 | ||
| 2022-10-25 | CVE-2022-33181 | An information disclosure vulnerability in Brocade Fabric OS CLI before Brocade Fabric OS v9.1.0, 9.0.1e, 8.2.3c, 8.2.0cbn5, 7.4.2.j could allow a local authenticated attacker to read sensitive files using switch commands “configshow” and “supportlink”. | Fabric_operating_system | 5.5 | ||
| 2022-10-25 | CVE-2022-33182 | A privilege escalation vulnerability in Brocade Fabric OS CLI before Brocade Fabric OS v9.1.0, 9.0.1e, 8.2.3c, 8.2.0cbn5, could allow a local authenticated user to escalate its privilege to root using switch commands “supportlink”, “firmwaredownload”, “portcfgupload, license, and “fosexec”. | Fabric_operating_system | 7.8 |