Vulnerabilities > Broadcom > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-06-27 | CVE-2022-28167 | Insufficiently Protected Credentials vulnerability in Broadcom Sannav 2.1.0/2.1.1/2.2.0.0 Brocade SANnav before Brocade SANvav v. | 6.5 |
| 2022-06-27 | CVE-2022-28168 | Insecure Storage of Sensitive Information vulnerability in Broadcom Sannav 2.1.0/2.1.1/2.2.0.0 In Brocade SANnav before Brocade SANnav v2.2.0.2 and Brocade SANnav2.1.1.8, encoded scp-server passwords are stored using Base64 encoding, which could allow an attacker able to access log files to easily decode the passwords. | 5.0 |
| 2022-06-24 | CVE-2021-30651 | Unspecified vulnerability in Broadcom Symantec Messaging Gateway 10.7/10.7.4 A malicious authenticated SMG administrator user can obtain passwords for external LDAP/Active Directory servers that they might not otherwise be authorized to access. | 4.9 |
| 2022-06-16 | CVE-2022-33739 | XML Injection (aka Blind XPath Injection) vulnerability in Broadcom CA Clarity 15.9.0 CA Clarity 15.8 and below and 15.9.0 contain an insecure XML parsing vulnerability that could allow a remote attacker to potentially view the contents of any file on the system. | 5.0 |
| 2022-06-16 | CVE-2022-33755 | Unspecified vulnerability in Broadcom CA Automic Automation 12.2/12.3 CA Automic Automation 12.2 and 12.3 contain an insecure input handling vulnerability in the Automic Agent that could allow a remote attacker to potentially enumerate users. | 5.3 |
| 2022-06-16 | CVE-2022-33756 | Insufficient Entropy vulnerability in Broadcom CA Automic Automation 12.2/12.3 CA Automic Automation 12.2 and 12.3 contain an entropy weakness vulnerability in the Automic AutomationEngine that could allow a remote attacker to potentially access sensitive data. | 5.0 |
| 2022-05-06 | CVE-2022-28164 | Use of a Broken or Risky Cryptographic Algorithm vulnerability in Broadcom Sannav 2.1.0/2.1.1/2.1.1.8 Brocade SANnav before SANnav 2.2.0 application uses the Blowfish symmetric encryption algorithm for the storage of passwords. | 6.5 |
| 2022-03-28 | CVE-2005-10001 | Open Redirect vulnerability in Broadcom Symantec Siteminder 4.5.0/4.5.1 A vulnerability was found in Netegrity SiteMinder up to 4.5.1 and classified as critical. | 6.1 |
| 2022-03-26 | CVE-2022-27939 | Reachable Assertion vulnerability in multiple products tcprewrite in Tcpreplay 4.4.1 has a reachable assertion in get_layer4_v6 in common/get.c. | 5.5 |
| 2022-03-22 | CVE-2022-25484 | Reachable Assertion vulnerability in Broadcom Tcpreplay 4.4.1 tcpprep v4.4.1 has a reachable assertion (assert(l2len > 0)) in packet2tree() at tree.c in tcpprep v4.4.1. | 4.3 |