Vulnerabilities > Broadcom > Medium

DATE CVE VULNERABILITY TITLE RISK
2020-09-25 CVE-2020-15370 Information Exposure Through Log Files vulnerability in Broadcom Fabric Operating System
Brocade Fabric OS versions before Brocade Fabric OS v7.4.2g could allow an authenticated, remote attacker to view a user password in cleartext.
network
low complexity
broadcom CWE-532
4.0
2020-09-25 CVE-2020-15369 Weak Password Requirements vulnerability in Broadcom Fabric Operating System
Supportlink CLI in Brocade Fabric OS Versions v8.2.1 through v8.2.1d, and 8.2.2 versions before v8.2.2c does not obfuscate the password field, which could expose users’ credentials of the remote server.
network
low complexity
broadcom CWE-521
4.0
2020-06-02 CVE-2020-13401 Improper Input Validation vulnerability in multiple products
An issue was discovered in Docker Engine before 19.03.11.
network
high complexity
docker fedoraproject debian broadcom CWE-20
6.0
2020-05-28 CVE-2020-13645 Improper Certificate Validation vulnerability in multiple products
In GNOME glib-networking through 2.64.2, the implementation of GTlsClientConnection skips hostname verification of the server's TLS certificate if the application fails to specify the expected server identity.
6.5
2020-04-28 CVE-2020-12243 Uncontrolled Recursion vulnerability in multiple products
In filter.c in slapd in OpenLDAP before 2.4.50, LDAP search filters with nested boolean expressions can result in denial of service (daemon crash).
5.0
2020-04-15 CVE-2020-11660 Information Exposure vulnerability in Broadcom CA API Developer Portal
CA API Developer Portal 4.3.1 and earlier contains an access control flaw that allows privileged users to view restricted sensitive information.
network
low complexity
broadcom CWE-200
4.0
2020-04-15 CVE-2020-11659 Authorization Bypass Through User-Controlled Key vulnerability in Broadcom CA API Developer Portal
CA API Developer Portal 4.3.1 and earlier contains an access control flaw that allows privileged users to perform a restricted user administration action.
network
low complexity
broadcom CWE-639
4.0
2020-04-15 CVE-2020-11666 Improper Privilege Management vulnerability in Broadcom CA API Developer Portal
CA API Developer Portal 4.3.1 and earlier contains an access control flaw that allows malicious users to elevate privileges.
network
low complexity
broadcom CWE-269
6.5
2020-04-15 CVE-2020-11665 Open Redirect vulnerability in Broadcom CA API Developer Portal
CA API Developer Portal 4.3.1 and earlier handles loginRedirect page redirects in an insecure manner, which allows attackers to perform open redirect attacks.
network
broadcom CWE-601
5.8
2020-04-15 CVE-2020-11664 Open Redirect vulnerability in Broadcom CA API Developer Portal
CA API Developer Portal 4.3.1 and earlier handles homeRedirect page redirects in an insecure manner, which allows attackers to perform open redirect attacks.
network
broadcom CWE-601
5.8