Vulnerabilities > Broadcom > High

DATE CVE VULNERABILITY TITLE RISK
2018-11-08 CVE-2018-6437 Unspecified vulnerability in Broadcom Fabric Operating System
A Vulnerability in the help command of Brocade Fabric OS command line interface (CLI) versions before 8.2.1, 8.1.2f, 8.0.2f, 7.4.2d could allow a local attacker to escape the restricted shell and, gain root access.
local
low complexity
broadcom
7.8
2018-11-08 CVE-2018-6436 Unspecified vulnerability in Broadcom Fabric Operating System
A Vulnerability in the firmwaredownload command of Brocade Fabric OS command line interface (CLI) versions before 8.2.1, 8.1.2f, 8.0.2f, 7.4.2d could allow a local attacker to escape the restricted shell and, gain root access.
local
low complexity
broadcom
7.8
2018-11-08 CVE-2018-6442 Unspecified vulnerability in Broadcom Fabric Operating System
A vulnerability in the Brocade Webtools firmware update section of Brocade Fabric OS before 8.2.1, 8.1.2f, 8.0.2f, 7.4.2d could allow remote authenticated attackers to execute arbitrary commands.
network
low complexity
broadcom
8.8
2018-11-08 CVE-2018-6441 Unspecified vulnerability in Broadcom Fabric Operating System
A vulnerability in Secure Shell implementation of Brocade Fabric OS versions before 8.2.1, 8.1.2f, 8.0.2f, 7.4.2d could allow a local attacker to provide arbitrary environment variables, and bypass the restricted configuration shell.
local
low complexity
broadcom
7.8
2018-11-08 CVE-2018-6435 Unspecified vulnerability in Broadcom Fabric Operating System
A Vulnerability in the secryptocfg command of Brocade Fabric OS command line interface (CLI) versions before 8.2.1, 8.1.2f, 8.0.2f, 7.4.2d could allow a local attacker to escape the restricted shell and, and gain root access.
local
low complexity
broadcom
7.8
2018-11-08 CVE-2018-6434 Session Fixation vulnerability in Broadcom Fabric Operating System
A vulnerability in the web management interface of Brocade Fabric OS versions before 8.2.1, 8.1.2f, 8.0.2f, 7.4.2d could allow attackers to intercept or manipulate a user's session ID.
network
low complexity
broadcom CWE-384
7.5
2018-09-28 CVE-2018-17582 Out-of-bounds Read vulnerability in Broadcom Tcpreplay 4.3.0
Tcpreplay v4.3.0 beta1 contains a heap-based buffer over-read.
local
low complexity
broadcom CWE-125
7.1
2018-09-28 CVE-2018-17580 Out-of-bounds Read vulnerability in Broadcom Tcpreplay 4.3.0
A heap-based buffer over-read exists in the function fast_edit_packet() in the file send_packets.c of Tcpreplay v4.3.0 beta1.
local
low complexity
broadcom CWE-125
7.1
2018-08-30 CVE-2018-13823 XXE vulnerability in multiple products
An XML external entity vulnerability in the XOG functionality, in CA PPM 14.3 and below, 14.4, 15.1, 15.2 CP5 and below, and 15.3 CP2 and below, allows remote attackers to access sensitive information.
network
low complexity
ca broadcom CWE-611
7.5
2018-08-30 CVE-2018-13822 Insufficiently Protected Credentials vulnerability in Broadcom Project Portfolio Management
Unprotected storage of credentials in CA PPM 14.3 and below, 14.4, 15.1, 15.2 CP5 and below, and 15.3 CP2 and below, allows attackers to access sensitive information.
network
low complexity
broadcom CWE-522
7.5