Vulnerabilities > Broadcom
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-10-25 | CVE-2022-33178 | Improper Input Validation vulnerability in Broadcom Fabric Operating System A vulnerability in the radius authentication system of Brocade Fabric OS before Brocade Fabric OS 9.0 could allow a remote attacker to execute arbitrary code on the Brocade switch. | 7.2 |
| 2022-10-25 | CVE-2022-33179 | Unspecified vulnerability in Broadcom Fabric Operating System A vulnerability in Brocade Fabric OS CLI before Brocade Fabric OS v9.1.0, 9.0.1e, 8.2.3c, and 7.4.2j could allow a local authenticated user to break out of restricted shells with “set context” and escalate privileges. | 8.8 |
| 2022-10-25 | CVE-2022-33180 | Unspecified vulnerability in Broadcom Fabric Operating System A vulnerability in Brocade Fabric OS CLI before Brocade Fabric OS v9.1.0, 9.0.1e, 8.2.3c, 8.2.0cbn5 could allow a local authenticated attacker to export out sensitive files with “seccryptocfg”, “configupload”. | 5.5 |
| 2022-10-25 | CVE-2022-33181 | Unspecified vulnerability in Broadcom Fabric Operating System An information disclosure vulnerability in Brocade Fabric OS CLI before Brocade Fabric OS v9.1.0, 9.0.1e, 8.2.3c, 8.2.0cbn5, 7.4.2.j could allow a local authenticated attacker to read sensitive files using switch commands “configshow” and “supportlink”. | 5.5 |
| 2022-10-25 | CVE-2022-33182 | Unspecified vulnerability in Broadcom Fabric Operating System A privilege escalation vulnerability in Brocade Fabric OS CLI before Brocade Fabric OS v9.1.0, 9.0.1e, 8.2.3c, 8.2.0cbn5, could allow a local authenticated user to escalate its privilege to root using switch commands “supportlink”, “firmwaredownload”, “portcfgupload, license, and “fosexec”. | 7.8 |
| 2022-10-25 | CVE-2022-33183 | Out-of-bounds Write vulnerability in Broadcom Fabric Operating System A vulnerability in Brocade Fabric OS CLI before Brocade Fabric OS v9.1.0, 9.0.1e, 8.2.3c, 8.2.0cbn5, 7.4.2.j could allow a remote authenticated attacker to perform stack buffer overflow using in “firmwaredownload” and “diagshow” commands. | 8.8 |
| 2022-10-25 | CVE-2022-33184 | Out-of-bounds Write vulnerability in Broadcom Fabric Operating System A vulnerability in fab_seg.c.h libraries of all Brocade Fabric OS versions before Brocade Fabric OS v9.1.1, v9.0.1e, v8.2.3c, v8.2.0_cbn5, 7.4.2j could allow local authenticated attackers to exploit stack-based buffer overflows and execute arbitrary code as the root user account. | 7.8 |
| 2022-10-25 | CVE-2022-33185 | Out-of-bounds Write vulnerability in Broadcom Fabric Operating System Several commands in Brocade Fabric OS before Brocade Fabric OS v.9.0.1e, and v9.1.0 use unsafe string functions to process user input. | 7.8 |
| 2022-08-26 | CVE-2022-25625 | Unspecified vulnerability in Broadcom Symantec Privileged Access Management A malicious unauthorized PAM user can access the administration configuration data and change the values. | 8.8 |
| 2022-08-18 | CVE-2022-37047 | Out-of-bounds Write vulnerability in multiple products The component tcprewrite in Tcpreplay v4.4.1 was discovered to contain a heap-based buffer overflow in get_ipv6_next at common/get.c:713. | 7.8 |