Vulnerabilities > Broadcom > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-10-25 | CVE-2022-33179 | Unspecified vulnerability in Broadcom Fabric Operating System A vulnerability in Brocade Fabric OS CLI before Brocade Fabric OS v9.1.0, 9.0.1e, 8.2.3c, and 7.4.2j could allow a local authenticated user to break out of restricted shells with “set context” and escalate privileges. | 8.8 |
| 2022-10-25 | CVE-2022-33182 | Unspecified vulnerability in Broadcom Fabric Operating System A privilege escalation vulnerability in Brocade Fabric OS CLI before Brocade Fabric OS v9.1.0, 9.0.1e, 8.2.3c, 8.2.0cbn5, could allow a local authenticated user to escalate its privilege to root using switch commands “supportlink”, “firmwaredownload”, “portcfgupload, license, and “fosexec”. | 7.8 |
| 2022-10-25 | CVE-2022-33183 | Out-of-bounds Write vulnerability in Broadcom Fabric Operating System A vulnerability in Brocade Fabric OS CLI before Brocade Fabric OS v9.1.0, 9.0.1e, 8.2.3c, 8.2.0cbn5, 7.4.2.j could allow a remote authenticated attacker to perform stack buffer overflow using in “firmwaredownload” and “diagshow” commands. | 8.8 |
| 2022-10-25 | CVE-2022-33184 | Out-of-bounds Write vulnerability in Broadcom Fabric Operating System A vulnerability in fab_seg.c.h libraries of all Brocade Fabric OS versions before Brocade Fabric OS v9.1.1, v9.0.1e, v8.2.3c, v8.2.0_cbn5, 7.4.2j could allow local authenticated attackers to exploit stack-based buffer overflows and execute arbitrary code as the root user account. | 7.8 |
| 2022-10-25 | CVE-2022-33185 | Out-of-bounds Write vulnerability in Broadcom Fabric Operating System Several commands in Brocade Fabric OS before Brocade Fabric OS v.9.0.1e, and v9.1.0 use unsafe string functions to process user input. | 7.8 |
| 2022-08-26 | CVE-2022-25625 | Unspecified vulnerability in Broadcom Symantec Privileged Access Management A malicious unauthorized PAM user can access the administration configuration data and change the values. | 8.8 |
| 2022-08-18 | CVE-2022-37047 | Out-of-bounds Write vulnerability in multiple products The component tcprewrite in Tcpreplay v4.4.1 was discovered to contain a heap-based buffer overflow in get_ipv6_next at common/get.c:713. | 7.8 |
| 2022-08-18 | CVE-2022-37048 | Out-of-bounds Write vulnerability in multiple products The component tcprewrite in Tcpreplay v4.4.1 was discovered to contain a heap-based buffer overflow in get_l2len_protocol at common/get.c:344. | 7.8 |
| 2022-08-18 | CVE-2022-37049 | Out-of-bounds Write vulnerability in multiple products The component tcpprep in Tcpreplay v4.4.1 was discovered to contain a heap-based buffer overflow in parse_mpls at common/get.c:150. | 7.8 |
| 2022-06-27 | CVE-2022-28166 | Use of a Broken or Risky Cryptographic Algorithm vulnerability in Broadcom Sannav 2.1.0/2.1.1/2.2.0.0 In Brocade SANnav version before SANN2.2.0.2 and Brocade SANNav before 2.1.1.8, the implementation of TLS/SSL Server Supports the Use of Static Key Ciphers (ssl-static-key-ciphers) on ports 443 & 18082. | 7.5 |