Vulnerabilities > Broadcom > Fabric Operating System
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-10-25 | CVE-2022-33179 | Unspecified vulnerability in Broadcom Fabric Operating System A vulnerability in Brocade Fabric OS CLI before Brocade Fabric OS v9.1.0, 9.0.1e, 8.2.3c, and 7.4.2j could allow a local authenticated user to break out of restricted shells with “set context” and escalate privileges. | 8.8 |
| 2022-10-25 | CVE-2022-33180 | Unspecified vulnerability in Broadcom Fabric Operating System A vulnerability in Brocade Fabric OS CLI before Brocade Fabric OS v9.1.0, 9.0.1e, 8.2.3c, 8.2.0cbn5 could allow a local authenticated attacker to export out sensitive files with “seccryptocfg”, “configupload”. | 5.5 |
| 2022-10-25 | CVE-2022-33181 | Unspecified vulnerability in Broadcom Fabric Operating System An information disclosure vulnerability in Brocade Fabric OS CLI before Brocade Fabric OS v9.1.0, 9.0.1e, 8.2.3c, 8.2.0cbn5, 7.4.2.j could allow a local authenticated attacker to read sensitive files using switch commands “configshow” and “supportlink”. | 5.5 |
| 2022-10-25 | CVE-2022-33182 | Unspecified vulnerability in Broadcom Fabric Operating System A privilege escalation vulnerability in Brocade Fabric OS CLI before Brocade Fabric OS v9.1.0, 9.0.1e, 8.2.3c, 8.2.0cbn5, could allow a local authenticated user to escalate its privilege to root using switch commands “supportlink”, “firmwaredownload”, “portcfgupload, license, and “fosexec”. | 7.8 |
| 2022-10-25 | CVE-2022-33183 | Out-of-bounds Write vulnerability in Broadcom Fabric Operating System A vulnerability in Brocade Fabric OS CLI before Brocade Fabric OS v9.1.0, 9.0.1e, 8.2.3c, 8.2.0cbn5, 7.4.2.j could allow a remote authenticated attacker to perform stack buffer overflow using in “firmwaredownload” and “diagshow” commands. | 8.8 |
| 2022-10-25 | CVE-2022-33184 | Out-of-bounds Write vulnerability in Broadcom Fabric Operating System A vulnerability in fab_seg.c.h libraries of all Brocade Fabric OS versions before Brocade Fabric OS v9.1.1, v9.0.1e, v8.2.3c, v8.2.0_cbn5, 7.4.2j could allow local authenticated attackers to exploit stack-based buffer overflows and execute arbitrary code as the root user account. | 7.8 |
| 2022-10-25 | CVE-2022-33185 | Out-of-bounds Write vulnerability in Broadcom Fabric Operating System Several commands in Brocade Fabric OS before Brocade Fabric OS v.9.0.1e, and v9.1.0 use unsafe string functions to process user input. | 7.8 |
| 2022-08-05 | CVE-2021-27798 | Path Traversal vulnerability in Broadcom Fabric Operating System 7.3.1D/7.4.1B A vulnerability in Brocade Fabric OS versions v7.4.1b and v7.3.1d could allow local users to conduct privileged directory transversal. | 5.5 |
| 2022-03-18 | CVE-2020-15388 | Unspecified vulnerability in Broadcom Fabric Operating System A vulnerability in the Brocade Fabric OS before Brocade Fabric OS v9.0.1a, v8.2.3, v8.2.0_CBN4, and v7.4.2h could allow an authenticated CLI user to abuse the history command to write arbitrary content to files. | 4.0 |
| 2022-03-18 | CVE-2021-27789 | Unspecified vulnerability in Broadcom Fabric Operating System The Web application of Brocade Fabric OS before versions Brocade Fabric OS v9.0.1a and v8.2.3a contains debug statements that expose sensitive information to the program's standard output device. | 4.0 |