Vulnerabilities > Broadcom > Fabric Operating System > Low

DATE CVE VULNERABILITY TITLE RISK
2021-04-01 CVE-2021-22890 Authentication Bypass by Spoofing vulnerability in multiple products
curl 7.63.0 to and including 7.75.0 includes vulnerability that allows a malicious HTTPS proxy to MITM a connection due to bad handling of TLS 1.3 session tickets.
3.7
2020-09-25 CVE-2020-15372 Improper Control of Dynamically-Managed Code Resources vulnerability in Broadcom Fabric Operating System
A vulnerability in the command-line interface in Brocade Fabric OS before Brocade Fabric OS v8.2.2a1, 8.2.2c, v7.4.2g, v8.2.0_CBN3, v8.2.1e, v8.1.2k, v9.0.0, could allow a local authenticated attacker to modify shell variables, which may lead to an escalation of privileges or bypassing the logging.
local
low complexity
broadcom CWE-913
2.1
2020-09-25 CVE-2018-6447 Cross-site Scripting vulnerability in Broadcom Fabric Operating System
A Reflective XSS Vulnerability in HTTP Management Interface in Brocade Fabric OS versions before Brocade Fabric OS v9.0.0, v8.2.2c, v8.2.1e, v8.1.2k, v8.2.0_CBN3, v7.4.2g could allow authenticated attackers with access to the web interface to hijack a user’s session and take over the account.
network
broadcom CWE-79
3.5
2018-11-08 CVE-2018-6433 Improper Input Validation vulnerability in Broadcom Fabric Operating System
A vulnerability in the secryptocfg export command of Brocade Fabric OS versions before 8.2.1, 8.1.2f, 8.0.2f, 7.4.2d could allow a local attacker to bypass the export file access restrictions and initiate a file copy from the source to a remote system.
local
low complexity
broadcom CWE-20
2.1