Vulnerabilities > Broadcom > Fabric Operating System > 7.4.2h

DATE CVE VULNERABILITY TITLE RISK
2022-10-25 CVE-2022-33179 Unspecified vulnerability in Broadcom Fabric Operating System
A vulnerability in Brocade Fabric OS CLI before Brocade Fabric OS v9.1.0, 9.0.1e, 8.2.3c, and 7.4.2j could allow a local authenticated user to break out of restricted shells with “set context” and escalate privileges.
local
low complexity
broadcom
8.8
2022-10-25 CVE-2022-33185 Out-of-bounds Write vulnerability in Broadcom Fabric Operating System
Several commands in Brocade Fabric OS before Brocade Fabric OS v.9.0.1e, and v9.1.0 use unsafe string functions to process user input.
local
low complexity
broadcom CWE-787
7.8
2022-03-18 CVE-2021-27789 Unspecified vulnerability in Broadcom Fabric Operating System
The Web application of Brocade Fabric OS before versions Brocade Fabric OS v9.0.1a and v8.2.3a contains debug statements that expose sensitive information to the program's standard output device.
network
low complexity
broadcom
6.5
2022-02-21 CVE-2021-27797 Use of Hard-coded Credentials vulnerability in Broadcom Fabric Operating System
Brocade Fabric OS before Brocade Fabric OS v8.2.1c, v8.1.2h, and all versions of Brocade Fabric OS v8.0.x and v7.x contain documented hard-coded credentials, which could allow attackers to gain access to the system.
network
low complexity
broadcom CWE-798
critical
9.8
2021-06-09 CVE-2020-15383 Unspecified vulnerability in Broadcom Fabric Operating System
Running security scans against the SAN switch can cause config and secnotify processes within the firmware before Brocade Fabric OS v9.0.0, v8.2.2d and v8.2.1e to consume all memory leading to denial of service impacts possibly including a switch panic.
network
low complexity
broadcom
7.5
2020-09-25 CVE-2018-6449 Cross-site Scripting vulnerability in Broadcom Fabric Operating System
Host Header Injection vulnerability in the http management interface in Brocade Fabric OS versions before v9.0.0 could allow a remote attacker to exploit this vulnerability by injecting arbitrary HTTP headers
network
low complexity
broadcom CWE-79
6.1
2020-09-25 CVE-2018-6448 Unspecified vulnerability in Broadcom Fabric Operating System
A vulnerability in the management interface in Brocade Fabric OS Versions before Brocade Fabric OS v9.0.0 could allow a remote attacker to perform a denial of service attack on the vulnerable host.
network
low complexity
broadcom
7.5