Vulnerabilities > Broadcom > Fabric Operating System > Medium

DATE CVE VULNERABILITY TITLE RISK
2024-06-26 CVE-2024-29953 Insecure Storage of Sensitive Information vulnerability in Broadcom Fabric Operating System
A vulnerability in the web interface in Brocade Fabric OS before v9.2.1, v9.2.0b, and v9.1.1d prints encoded session passwords on session storage for Virtual Fabric platforms.
network
low complexity
broadcom CWE-922
4.3
2024-06-26 CVE-2024-29954 Information Exposure Through Log Files vulnerability in Broadcom Fabric Operating System
A vulnerability in a password management API in Brocade Fabric OS versions before v9.2.1, v9.2.0b, v9.1.1d, and v8.2.3e prints sensitive information in log files.
local
low complexity
broadcom CWE-532
5.5
2024-04-05 CVE-2023-5973 Origin Validation Error vulnerability in Broadcom Fabric Operating System
Brocade Web Interface in Brocade Fabric OS v9.x and before v9.2.0 does not properly represent the portName to the user if the portName contains reserved characters.
network
low complexity
broadcom CWE-346
4.3
2023-08-31 CVE-2023-4163 Classic Buffer Overflow vulnerability in Broadcom Fabric Operating System
In Brocade Fabric OS before v9.2.0a, a local authenticated privileged user can trigger a buffer overflow condition, leading to a kernel panic with large input to buffers in the portcfgfportbuffers command.
local
low complexity
broadcom CWE-120
4.4
2023-08-01 CVE-2023-31426 Information Exposure Through Log Files vulnerability in Broadcom Fabric Operating System
The Brocade Fabric OS Commands “configupload” and “configdownload” before Brocade Fabric OS v9.1.1c, v8.2.3d, v9.2.0 print scp, sftp, ftp servers passwords in supportsave.
network
low complexity
broadcom CWE-532
6.5
2023-08-01 CVE-2023-31429 Command Injection vulnerability in Broadcom Fabric Operating System
Brocade Fabric OS before Brocade Fabric OS 9.1.1c, 9.2.0 contains a vulnerability when using various commands such as “chassisdistribute”, “reboot”, “rasman”, errmoduleshow, errfilterset, hassiscfgperrthreshold, supportshowcfgdisable and supportshowcfgenable commands that can cause the content of shell interpreted variables to be printed in the terminal.
local
low complexity
broadcom CWE-77
5.5
2022-10-25 CVE-2022-28170 Insecure Storage of Sensitive Information vulnerability in Broadcom Fabric Operating System
Brocade Fabric OS Web Application services before Brocade Fabric v9.1.0, v9.0.1e, v8.2.3c, v7.4.2j store server and user passwords in the debug statements.
local
low complexity
broadcom CWE-922
6.5
2022-10-25 CVE-2022-33180 Unspecified vulnerability in Broadcom Fabric Operating System
A vulnerability in Brocade Fabric OS CLI before Brocade Fabric OS v9.1.0, 9.0.1e, 8.2.3c, 8.2.0cbn5 could allow a local authenticated attacker to export out sensitive files with “seccryptocfg”, “configupload”.
local
low complexity
broadcom
5.5
2022-10-25 CVE-2022-33181 Unspecified vulnerability in Broadcom Fabric Operating System
An information disclosure vulnerability in Brocade Fabric OS CLI before Brocade Fabric OS v9.1.0, 9.0.1e, 8.2.3c, 8.2.0cbn5, 7.4.2.j could allow a local authenticated attacker to read sensitive files using switch commands “configshow” and “supportlink”.
local
low complexity
broadcom
5.5
2022-08-05 CVE-2021-27798 Path Traversal vulnerability in Broadcom Fabric Operating System 7.3.1D/7.4.1B
A vulnerability in Brocade Fabric OS versions 7.4.1b and 7.3.1d could allow local users to conduct privileged directory transversal.
local
low complexity
broadcom CWE-22
5.5