Vulnerabilities > Broadcom > Fabric Operating System

DATE CVE VULNERABILITY TITLE RISK
2018-11-08 CVE-2018-6436 Unspecified vulnerability in Broadcom Fabric Operating System
A Vulnerability in the firmwaredownload command of Brocade Fabric OS command line interface (CLI) versions before 8.2.1, 8.1.2f, 8.0.2f, 7.4.2d could allow a local attacker to escape the restricted shell and, gain root access.
local
low complexity
broadcom
7.2
2018-11-08 CVE-2018-6442 Unspecified vulnerability in Broadcom Fabric Operating System
A vulnerability in the Brocade Webtools firmware update section of Brocade Fabric OS before 8.2.1, 8.1.2f, 8.0.2f, 7.4.2d could allow remote authenticated attackers to execute arbitrary commands.
network
low complexity
broadcom
6.5
2018-11-08 CVE-2018-6441 Unspecified vulnerability in Broadcom Fabric Operating System
A vulnerability in Secure Shell implementation of Brocade Fabric OS versions before 8.2.1, 8.1.2f, 8.0.2f, 7.4.2d could allow a local attacker to provide arbitrary environment variables, and bypass the restricted configuration shell.
local
low complexity
broadcom
7.2
2018-11-08 CVE-2018-6435 Unspecified vulnerability in Broadcom Fabric Operating System
A Vulnerability in the secryptocfg command of Brocade Fabric OS command line interface (CLI) versions before 8.2.1, 8.1.2f, 8.0.2f, 7.4.2d could allow a local attacker to escape the restricted shell and, and gain root access.
local
low complexity
broadcom
7.2
2018-11-08 CVE-2018-6434 Session Fixation vulnerability in Broadcom Fabric Operating System
A vulnerability in the web management interface of Brocade Fabric OS versions before 8.2.1, 8.1.2f, 8.0.2f, 7.4.2d could allow attackers to intercept or manipulate a user's session ID.
network
low complexity
broadcom CWE-384
5.0
2018-11-08 CVE-2018-6433 Improper Input Validation vulnerability in Broadcom Fabric Operating System
A vulnerability in the secryptocfg export command of Brocade Fabric OS versions before 8.2.1, 8.1.2f, 8.0.2f, 7.4.2d could allow a local attacker to bypass the export file access restrictions and initiate a file copy from the source to a remote system.
local
low complexity
broadcom CWE-20
2.1
2018-02-08 CVE-2017-6227 A vulnerability in the IPv6 stack on Brocade Fibre Channel SAN products running Brocade Fabric OS (FOS) versions before 7.4.2b, 8.1.2 and 8.2.0 could allow an attacker to cause a denial of service (CPU consumption and device hang) condition by sending crafted Router Advertisement (RA) messages to a targeted system.
low complexity
broadcom brocade
6.1
2018-02-08 CVE-2017-6225 Cross-site Scripting vulnerability in multiple products
Cross-site scripting (XSS) vulnerability in the web-based management interface of Brocade Fibre Channel SAN products running Brocade Fabric OS (FOS) versions before 7.4.2b, 8.1.2 and 8.2.0 could allow remote attackers to execute arbitrary code or access sensitive browser-based information.
4.3
2017-05-08 CVE-2016-8202 Permissions, Privileges, and Access Controls vulnerability in Broadcom Fabric Operating System
A privilege escalation vulnerability in Brocade Fibre Channel SAN products running Brocade Fabric OS (FOS) releases earlier than v7.4.1d and v8.0.1b could allow an authenticated attacker to elevate the privileges of user accounts accessing the system via command line interface.
network
low complexity
broadcom CWE-264
critical
9.0
2016-08-22 CVE-2016-4376 7PK - Security Features vulnerability in Broadcom Fabric Operating System
HPE FOS before 7.4.1d and 8.x before 8.0.1 on StoreFabric B switches allows remote attackers to obtain sensitive information via unspecified vectors.
network
low complexity
broadcom CWE-254
7.8