Vulnerabilities > Broadcom > Fabric Operating System

DATE CVE VULNERABILITY TITLE RISK
2022-10-25 CVE-2022-33178 Improper Input Validation vulnerability in Broadcom Fabric Operating System
A vulnerability in the radius authentication system of Brocade Fabric OS before Brocade Fabric OS 9.0 could allow a remote attacker to execute arbitrary code on the Brocade switch.
network
low complexity
broadcom CWE-20
7.2
2022-10-25 CVE-2022-33179 Unspecified vulnerability in Broadcom Fabric Operating System
A vulnerability in Brocade Fabric OS CLI before Brocade Fabric OS v9.1.0, 9.0.1e, 8.2.3c, and 7.4.2j could allow a local authenticated user to break out of restricted shells with “set context” and escalate privileges.
local
low complexity
broadcom
8.8
2022-10-25 CVE-2022-33180 Unspecified vulnerability in Broadcom Fabric Operating System
A vulnerability in Brocade Fabric OS CLI before Brocade Fabric OS v9.1.0, 9.0.1e, 8.2.3c, 8.2.0cbn5 could allow a local authenticated attacker to export out sensitive files with “seccryptocfg”, “configupload”.
local
low complexity
broadcom
5.5
2022-10-25 CVE-2022-33181 Unspecified vulnerability in Broadcom Fabric Operating System
An information disclosure vulnerability in Brocade Fabric OS CLI before Brocade Fabric OS v9.1.0, 9.0.1e, 8.2.3c, 8.2.0cbn5, 7.4.2.j could allow a local authenticated attacker to read sensitive files using switch commands “configshow” and “supportlink”.
local
low complexity
broadcom
5.5
2022-10-25 CVE-2022-33182 Unspecified vulnerability in Broadcom Fabric Operating System
A privilege escalation vulnerability in Brocade Fabric OS CLI before Brocade Fabric OS v9.1.0, 9.0.1e, 8.2.3c, 8.2.0cbn5, could allow a local authenticated user to escalate its privilege to root using switch commands “supportlink”, “firmwaredownload”, “portcfgupload, license, and “fosexec”.
local
low complexity
broadcom
7.8
2022-10-25 CVE-2022-33183 Out-of-bounds Write vulnerability in Broadcom Fabric Operating System
A vulnerability in Brocade Fabric OS CLI before Brocade Fabric OS v9.1.0, 9.0.1e, 8.2.3c, 8.2.0cbn5, 7.4.2.j could allow a remote authenticated attacker to perform stack buffer overflow using in “firmwaredownload” and “diagshow” commands.
network
low complexity
broadcom CWE-787
8.8
2022-10-25 CVE-2022-33184 Out-of-bounds Write vulnerability in Broadcom Fabric Operating System
A vulnerability in fab_seg.c.h libraries of all Brocade Fabric OS versions before Brocade Fabric OS v9.1.1, v9.0.1e, v8.2.3c, v8.2.0_cbn5, 7.4.2j could allow local authenticated attackers to exploit stack-based buffer overflows and execute arbitrary code as the root user account.
local
low complexity
broadcom CWE-787
7.8
2022-10-25 CVE-2022-33185 Out-of-bounds Write vulnerability in Broadcom Fabric Operating System
Several commands in Brocade Fabric OS before Brocade Fabric OS v.9.0.1e, and v9.1.0 use unsafe string functions to process user input.
local
low complexity
broadcom CWE-787
7.8
2022-08-05 CVE-2021-27798 Path Traversal vulnerability in Broadcom Fabric Operating System 7.3.1D/7.4.1B
A vulnerability in Brocade Fabric OS versions v7.4.1b and v7.3.1d could allow local users to conduct privileged directory transversal.
local
low complexity
broadcom CWE-22
5.5
2022-03-18 CVE-2020-15388 Unspecified vulnerability in Broadcom Fabric Operating System
A vulnerability in the Brocade Fabric OS before Brocade Fabric OS v9.0.1a, v8.2.3, v8.2.0_CBN4, and v7.4.2h could allow an authenticated CLI user to abuse the history command to write arbitrary content to files.
network
low complexity
broadcom
4.0