Vulnerabilities > Broadcom > Fabric Operating System > 9.2.0b
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-11-21 | CVE-2024-10403 | Files or Directories Accessible to External Parties vulnerability in Broadcom Fabric Operating System Brocade Fabric OS versions before 8.2.3e2, versions 9.0.0 through 9.2.0c, and 9.2.1 through 9.2.1a can capture the SFTP/FTP server password used for a firmware download operation initiated by SANnav or through WebEM in a weblinker core dump that is later captured via supportsave. | 7.5 |
| 2024-11-12 | CVE-2024-7516 | Missing Authentication for Critical Function vulnerability in Broadcom Fabric Operating System A vulnerability in Brocade Fabric OS versions before 9.2.2 could allow man-in-the-middle attackers to conduct remote Service Session Hijacking that may arise from the attacker's ability to forge an SSH key while the Brocade Fabric OS Switch is performing various remote operations initiated by a switch admin. | 7.1 |