Vulnerabilities > Broadcom > Fabric Operating System > 7.4.2e

DATE CVE VULNERABILITY TITLE RISK
2022-10-25 CVE-2022-33179 Unspecified vulnerability in Broadcom Fabric Operating System
A vulnerability in Brocade Fabric OS CLI before Brocade Fabric OS v9.1.0, 9.0.1e, 8.2.3c, and 7.4.2j could allow a local authenticated user to break out of restricted shells with “set context” and escalate privileges.
local
low complexity
broadcom
8.8
2022-10-25 CVE-2022-33185 Out-of-bounds Write vulnerability in Broadcom Fabric Operating System
Several commands in Brocade Fabric OS before Brocade Fabric OS v.9.0.1e, and v9.1.0 use unsafe string functions to process user input.
local
low complexity
broadcom CWE-787
7.8
2022-03-18 CVE-2020-15388 Unspecified vulnerability in Broadcom Fabric Operating System
A vulnerability in the Brocade Fabric OS before Brocade Fabric OS v9.0.1a, v8.2.3, v8.2.0_CBN4, and v7.4.2h could allow an authenticated CLI user to abuse the history command to write arbitrary content to files.
network
low complexity
broadcom
6.5
2022-03-18 CVE-2021-27789 Unspecified vulnerability in Broadcom Fabric Operating System
The Web application of Brocade Fabric OS before versions Brocade Fabric OS v9.0.1a and v8.2.3a contains debug statements that expose sensitive information to the program's standard output device.
network
low complexity
broadcom
6.5
2022-02-21 CVE-2021-27797 Use of Hard-coded Credentials vulnerability in Broadcom Fabric Operating System
Brocade Fabric OS before Brocade Fabric OS v8.2.1c, v8.1.2h, and all versions of Brocade Fabric OS v8.0.x and v7.x contain documented hard-coded credentials, which could allow attackers to gain access to the system.
network
low complexity
broadcom CWE-798
critical
9.8
2021-08-12 CVE-2021-27790 Out-of-bounds Write vulnerability in Broadcom Fabric Operating System
The command ipfilter in Brocade Fabric OS before Brocade Fabric OS v.9.0.1a, v8.2.3, and v8.2.0_CBN4, and v7.4.2h uses unsafe string function to process user input.
local
low complexity
broadcom CWE-787
7.8
2021-08-12 CVE-2021-27792 Unspecified vulnerability in Broadcom Fabric Operating System
The request handling functions in web management interface of Brocade Fabric OS versions before v9.0.1a, v8.2.3a, and v7.4.2h do not properly handle malformed user input, resulting in a service crash.
local
low complexity
broadcom
7.8
2021-08-12 CVE-2021-27794 Improper Authentication vulnerability in Broadcom Fabric Operating System
A vulnerability in the authentication mechanism of Brocade Fabric OS versions before Brocade Fabric OS v.9.0.1a, v8.2.3a and v7.4.2h could allow a user to Login with empty password, and invalid password through telnet, ssh and REST.
local
low complexity
broadcom CWE-287
7.8
2021-06-09 CVE-2020-15383 Unspecified vulnerability in Broadcom Fabric Operating System
Running security scans against the SAN switch can cause config and secnotify processes within the firmware before Brocade Fabric OS v9.0.0, v8.2.2d and v8.2.1e to consume all memory leading to denial of service impacts possibly including a switch panic.
network
low complexity
broadcom
7.5
2020-12-11 CVE-2020-15375 Improper Input Validation vulnerability in Broadcom Fabric Operating System
Brocade Fabric OS versions before v9.0.0, v8.2.2c, v8.2.1e, v8.1.2k, v8.2.0_CBN3, v7.4.2g contain an improper input validation weakness in the command line interface when secccrypptocfg is invoked.
local
low complexity
broadcom CWE-20
6.7