Vulnerabilities > Broadcom > Medium

DATE CVE VULNERABILITY TITLE RISK
2022-10-25 CVE-2022-33181 Unspecified vulnerability in Broadcom Fabric Operating System
An information disclosure vulnerability in Brocade Fabric OS CLI before Brocade Fabric OS v9.1.0, 9.0.1e, 8.2.3c, 8.2.0cbn5, 7.4.2.j could allow a local authenticated attacker to read sensitive files using switch commands “configshow” and “supportlink”.
local
low complexity
broadcom
5.5
2022-08-05 CVE-2021-27798 Path Traversal vulnerability in Broadcom Fabric Operating System 7.3.1D/7.4.1B
A vulnerability in Brocade Fabric OS versions v7.4.1b and v7.3.1d could allow local users to conduct privileged directory traversal.
local
low complexity
broadcom CWE-22
5.5
2022-06-27 CVE-2022-28167 Insufficiently Protected Credentials vulnerability in Broadcom Sannav 2.1.0/2.1.1/2.2.0.0
Brocade SANnav before Brocade SANnav v.
network
low complexity
broadcom CWE-522
6.5
2022-06-27 CVE-2022-28168 Insecure Storage of Sensitive Information vulnerability in Broadcom Sannav 2.1.0/2.1.1/2.2.0.0
In Brocade SANnav before Brocade SANnav v2.2.0.2 and Brocade SANnav 2.1.1.8, encoded scp-server passwords are stored using Base64 encoding, which could allow an attacker able to access log files to easily decode the passwords.
network
low complexity
broadcom CWE-922
5.0
2022-06-24 CVE-2021-30651 Unspecified vulnerability in Broadcom Symantec Messaging Gateway 10.7/10.7.4
A malicious authenticated SMG administrator user can obtain passwords for external LDAP/Active Directory servers that they might not otherwise be authorized to access.
network
low complexity
broadcom
4.9
2022-06-16 CVE-2022-33739 XML Injection (aka Blind XPath Injection) vulnerability in Broadcom CA Clarity 15.9.0
CA Clarity 15.8 and below and 15.9.0 contain an insecure XML parsing vulnerability that could allow a remote attacker to potentially view the contents of any file on the system.
network
low complexity
broadcom CWE-91
5.0
2022-06-16 CVE-2022-33755 Unspecified vulnerability in Broadcom CA Automic Automation 12.2/12.3
CA Automic Automation 12.2 and 12.3 contain an insecure input handling vulnerability in the Automic Agent that could allow a remote attacker to potentially enumerate users.
network
low complexity
broadcom
5.3
2022-06-16 CVE-2022-33756 Insufficient Entropy vulnerability in Broadcom CA Automic Automation 12.2/12.3
CA Automic Automation 12.2 and 12.3 contain an entropy weakness vulnerability in the Automic AutomationEngine that could allow a remote attacker to potentially access sensitive data.
network
low complexity
broadcom CWE-331
5.0
2022-05-06 CVE-2022-28164 Use of a Broken or Risky Cryptographic Algorithm vulnerability in Broadcom Sannav 2.1.0/2.1.1/2.1.1.8
The Brocade SANnav application before SANnav 2.2.0 uses the Blowfish symmetric encryption algorithm for the storage of passwords.
network
low complexity
broadcom CWE-327
6.5
2022-03-28 CVE-2005-10001 Open Redirect vulnerability in Broadcom Symantec Siteminder 4.5.0/4.5.1
A vulnerability was found in Netegrity SiteMinder up to 4.5.1 and classified as critical.
network
low complexity
broadcom CWE-601
6.1