Vulnerabilities > Broadcom > Medium

DATE CVE VULNERABILITY TITLE RISK
2022-10-25 CVE-2022-33181 Unspecified vulnerability in Broadcom Fabric Operating System
An information disclosure vulnerability in Brocade Fabric OS CLI before Brocade Fabric OS v9.1.0, 9.0.1e, 8.2.3c, 8.2.0cbn5, 7.4.2.j could allow a local authenticated attacker to read sensitive files using switch commands “configshow” and “supportlink”.
local
low complexity
broadcom
5.5
2022-08-05 CVE-2021-27798 Path Traversal vulnerability in Broadcom Fabric Operating System 7.3.1D/7.4.1B
A vulnerability in Brocade Fabric OS versions v7.4.1b and v7.3.1d could allow local users to conduct privileged directory transversal.
local
low complexity
broadcom CWE-22
5.5
2022-06-27 CVE-2022-28167 Insufficiently Protected Credentials vulnerability in Broadcom Sannav 2.1.0/2.1.1/2.2.0.0
Brocade SANnav before Brocade SANvav v.
network
low complexity
broadcom CWE-522
6.5
2022-06-24 CVE-2021-30651 Unspecified vulnerability in Broadcom Symantec Messaging Gateway 10.7/10.7.4
A malicious authenticated SMG administrator user can obtain passwords for external LDAP/Active Directory servers that they might not otherwise be authorized to access.
network
low complexity
broadcom
4.9
2022-06-16 CVE-2022-33755 Unspecified vulnerability in Broadcom CA Automic Automation 12.2/12.3
CA Automic Automation 12.2 and 12.3 contain an insecure input handling vulnerability in the Automic Agent that could allow a remote attacker to potentially enumerate users.
network
low complexity
broadcom
5.3
2022-05-06 CVE-2022-28164 Use of a Broken or Risky Cryptographic Algorithm vulnerability in Broadcom Sannav 2.1.0/2.1.1/2.1.1.8
Brocade SANnav before SANnav 2.2.0 application uses the Blowfish symmetric encryption algorithm for the storage of passwords.
network
low complexity
broadcom CWE-327
6.5
2022-03-28 CVE-2005-10001 Open Redirect vulnerability in Broadcom Symantec Siteminder 4.5.0/4.5.1
A vulnerability was found in Netegrity SiteMinder up to 4.5.1 and classified as critical.
network
low complexity
broadcom CWE-601
6.1
2022-03-26 CVE-2022-27939 Reachable Assertion vulnerability in multiple products
tcprewrite in Tcpreplay 4.4.1 has a reachable assertion in get_layer4_v6 in common/get.c.
local
low complexity
broadcom fedoraproject CWE-617
5.5
2022-03-22 CVE-2022-25484 Reachable Assertion vulnerability in Broadcom Tcpreplay 4.4.1
tcpprep v4.4.1 has a reachable assertion (assert(l2len > 0)) in packet2tree() at tree.c in tcpprep v4.4.1.
local
low complexity
broadcom CWE-617
5.5
2022-03-18 CVE-2020-15388 Unspecified vulnerability in Broadcom Fabric Operating System
A vulnerability in the Brocade Fabric OS before Brocade Fabric OS v9.0.1a, v8.2.3, v8.2.0_CBN4, and v7.4.2h could allow an authenticated CLI user to abuse the history command to write arbitrary content to files.
network
low complexity
broadcom
6.5