Vulnerabilities > Broadcom
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-09-25 | CVE-2019-16211 | Insufficiently Protected Credentials vulnerability in Broadcom Brocade Sannav 1.1.0/1.1.1/2.0 Brocade SANnav versions before v2.1.0, contain a Plaintext Password Storage vulnerability. | 9.8 |
| 2020-09-25 | CVE-2019-16212 | Unspecified vulnerability in Broadcom Brocade Sannav 1.1.0/1.1.1/2.0 A vulnerability in Brocade SANnav versions before v2.1.0 could allow a remote authenticated attacker to conduct an LDAP injection. | 8.8 |
| 2020-09-25 | CVE-2018-6449 | Cross-site Scripting vulnerability in Broadcom Fabric Operating System Host Header Injection vulnerability in the http management interface in Brocade Fabric OS versions before v9.0.0 could allow a remote attacker to exploit this vulnerability by injecting arbitrary HTTP headers | 6.1 |
| 2020-09-25 | CVE-2018-6448 | Unspecified vulnerability in Broadcom Fabric Operating System A vulnerability in the management interface in Brocade Fabric OS Versions before Brocade Fabric OS v9.0.0 could allow a remote attacker to perform a denial of service attack on the vulnerable host. | 7.5 |
| 2020-09-25 | CVE-2018-6447 | Cross-site Scripting vulnerability in Broadcom Fabric Operating System A Reflective XSS Vulnerability in HTTP Management Interface in Brocade Fabric OS versions before Brocade Fabric OS v9.0.0, v8.2.2c, v8.2.1e, v8.1.2k, v8.2.0_CBN3, v7.4.2g could allow authenticated attackers with access to the web interface to hijack a user’s session and take over the account. | 5.4 |
| 2020-09-25 | CVE-2020-15374 | Unspecified vulnerability in Broadcom Fabric Operating System Rest API in Brocade Fabric OS v8.2.1 through v8.2.1d, and 8.2.2 versions before v8.2.2c is vulnerable to multiple instances of reflected input. | 9.8 |
| 2020-09-25 | CVE-2020-15373 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Broadcom Fabric Operating System Multiple buffer overflow vulnerabilities in REST API in Brocade Fabric OS versions v8.2.1 through v8.2.1d, and 8.2.2 versions before v8.2.2c could allow remote unauthenticated attackers to perform various attacks. | 9.8 |
| 2020-09-25 | CVE-2020-15372 | Improper Control of Dynamically-Managed Code Resources vulnerability in Broadcom Fabric Operating System A vulnerability in the command-line interface in Brocade Fabric OS before Brocade Fabric OS v8.2.2a1, 8.2.2c, v7.4.2g, v8.2.0_CBN3, v8.2.1e, v8.1.2k, v9.0.0, could allow a local authenticated attacker to modify shell variables, which may lead to an escalation of privileges or bypassing the logging. | 5.5 |
| 2020-09-25 | CVE-2020-15371 | Code Injection vulnerability in Broadcom Fabric Operating System Brocade Fabric OS versions before Brocade Fabric OS v9.0.0, v8.2.2c, v8.2.1e, v8.1.2k, v8.2.0_CBN3, contains code injection and privilege escalation vulnerability. | 9.8 |
| 2020-09-25 | CVE-2020-15370 | Information Exposure Through Log Files vulnerability in Broadcom Fabric Operating System Brocade Fabric OS versions before Brocade Fabric OS v7.4.2g could allow an authenticated, remote attacker to view a user password in cleartext. | 6.5 |