Vulnerabilities > Broadcom

DATE CVE VULNERABILITY TITLE RISK
2021-07-14 CVE-2021-34174 Unspecified vulnerability in Broadcom Bcm4352 Firmware and Bcm43684 Firmware
A vulnerability exists in Broadcom BCM4352 and BCM43684 chips.
local
low complexity
broadcom
4.9
2021-06-30 CVE-2021-30648 Improper Authentication vulnerability in Broadcom products
The Symantec Advanced Secure Gateway (ASG) and ProxySG web management consoles are susceptible to an authentication bypass vulnerability.
network
low complexity
broadcom CWE-287
critical
9.0
2021-06-09 CVE-2020-15377 Server-Side Request Forgery (SSRF) vulnerability in Broadcom Sannav
Webtools in Brocade SANnav before version 2.1.1 allows unauthenticated users to make requests to arbitrary hosts due to a misconfiguration; this is commonly referred to as Server-Side Request Forgery (SSRF).
network
low complexity
broadcom CWE-918
7.5
2021-06-09 CVE-2020-15378 Unspecified vulnerability in Broadcom Sannav
The OVA version of Brocade SANnav before version 2.1.1 installation with IPv6 networking exposes the docker container ports to the network, increasing the potential attack surface.
network
low complexity
broadcom
5.0
2021-06-09 CVE-2020-15379 Improper Input Validation vulnerability in Broadcom Brocade Sannav
Brocade SANnav before v.2.1.0a could allow remote attackers cause a denial-of-service condition due to a lack of proper validation, of the length of user-supplied data as name for custom field name.
network
low complexity
broadcom CWE-20
5.0
2021-06-09 CVE-2020-15380 Information Exposure Through LOG Files vulnerability in Broadcom Sannav
Brocade SANnav before version 2.1.1 logs account credentials at the ‘trace’ logging level.
network
low complexity
broadcom CWE-532
5.0
2021-06-09 CVE-2020-15384 Cleartext Storage of Sensitive Information vulnerability in Broadcom Sannav
Brocade SANNav before version 2.1.1 contains an information disclosure vulnerability.
network
low complexity
broadcom CWE-312
5.0
2021-06-09 CVE-2020-15385 Incorrect Permission Assignment for Critical Resource vulnerability in Broadcom Sannav
Brocade SANnav before version 2.1.1 allows an authenticated attacker to list directories, and list files without permission.
network
low complexity
broadcom CWE-732
5.5
2021-06-09 CVE-2020-15387 Inadequate Encryption Strength vulnerability in Broadcom Brocade Sannav and Fabric Operating System
The host SSH servers of Brocade Fabric OS before Brocade Fabric OS v7.4.2h, v8.2.1c, v8.2.2, v9.0.0, and Brocade SANnav before v2.1.1 utilize keys of less than 2048 bits, which may be vulnerable to man-in-the-middle attacks and/or insecure SSH communications.
network
broadcom CWE-326
5.8
2021-06-09 CVE-2020-15381 Insufficiently Protected Credentials vulnerability in Broadcom Sannav
Brocade SANnav before version 2.1.1 contains an Improper Authentication vulnerability that allows cleartext transmission of authentication credentials of the jmx server.
network
low complexity
broadcom CWE-522
5.0