Vulnerabilities > Broadcom > Fabric Operating System > 7.4.2c
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-08-31 | CVE-2023-4163 | Classic Buffer Overflow vulnerability in Broadcom Fabric Operating System In Brocade Fabric OS before v9.2.0a, a local authenticated privileged user can trigger a buffer overflow condition, leading to a kernel panic with large input to buffers in the portcfgfportbuffers command. | 4.4 |
| 2023-08-01 | CVE-2023-31427 | Path Traversal vulnerability in Broadcom Fabric Operating System Brocade Fabric OS versions before Brocade Fabric OS v9.1.1c, and v9.2.0 Could allow an authenticated, local user with knowledge of full path names inside Brocade Fabric OS to execute any command regardless of assigned privilege. | 7.8 |
| 2023-08-01 | CVE-2023-31426 | Information Exposure Through Log Files vulnerability in Broadcom Fabric Operating System The Brocade Fabric OS Commands “configupload” and “configdownload” before Brocade Fabric OS v9.1.1c, v8.2.3d, v9.2.0 print scp, sftp, ftp servers passwords in supportsave. | 6.5 |
| 2023-08-01 | CVE-2023-31429 | Command Injection vulnerability in Broadcom Fabric Operating System Brocade Fabric OS before Brocade Fabric OS v9.1.1c, v9.2.0 contains a vulnerability when using various commands such as “chassisdistribute”, “reboot”, “rasman”, errmoduleshow, errfilterset, hassiscfgperrthreshold, supportshowcfgdisable and supportshowcfgenable commands that can cause the content of shell interpreted variables to be printed in the terminal. | 5.5 |
| 2022-10-25 | CVE-2022-28170 | Insecure Storage of Sensitive Information vulnerability in Broadcom Fabric Operating System Brocade Fabric OS Web Application services before Brocade Fabric v9.1.0, v9.0.1e, v8.2.3c, v7.4.2j store server and user passwords in the debug statements. | 6.5 |
| 2022-10-25 | CVE-2022-33178 | Improper Input Validation vulnerability in Broadcom Fabric Operating System A vulnerability in the radius authentication system of Brocade Fabric OS before Brocade Fabric OS 9.0 could allow a remote attacker to execute arbitrary code on the Brocade switch. | 7.2 |
| 2022-10-25 | CVE-2022-33179 | Unspecified vulnerability in Broadcom Fabric Operating System A vulnerability in Brocade Fabric OS CLI before Brocade Fabric OS v9.1.0, 9.0.1e, 8.2.3c, and 7.4.2j could allow a local authenticated user to break out of restricted shells with “set context” and escalate privileges. | 8.8 |
| 2022-10-25 | CVE-2022-33185 | Out-of-bounds Write vulnerability in Broadcom Fabric Operating System Several commands in Brocade Fabric OS before Brocade Fabric OS v.9.0.1e, and v9.1.0 use unsafe string functions to process user input. | 7.8 |
| 2022-03-18 | CVE-2020-15388 | Unspecified vulnerability in Broadcom Fabric Operating System A vulnerability in the Brocade Fabric OS before Brocade Fabric OS v9.0.1a, v8.2.3, v8.2.0_CBN4, and v7.4.2h could allow an authenticated CLI user to abuse the history command to write arbitrary content to files. | 4.0 |
| 2022-03-18 | CVE-2021-27789 | Unspecified vulnerability in Broadcom Fabric Operating System The Web application of Brocade Fabric OS before versions Brocade Fabric OS v9.0.1a and v8.2.3a contains debug statements that expose sensitive information to the program's standard output device. | 4.0 |