Vulnerabilities > Brocade

DATE CVE VULNERABILITY TITLE RISK
2020-05-27 CVE-2020-13630 Use After Free vulnerability in multiple products
ext/fts3/fts3.c in SQLite before 3.32.0 has a use-after-free in fts3EvalNextRow, related to the snippet feature.
7.0
2019-01-22 CVE-2018-6445 A Vulnerability in Brocade Network Advisor versions before 14.0.3 could allow a remote unauthenticated attacker to export the current user database which includes the encrypted (not hashed) password of the systems.
network
low complexity
brocade netapp
7.5
2019-01-22 CVE-2018-6444 OS Command Injection vulnerability in multiple products
A Vulnerability in Brocade Network Advisor versions before 14.1.0 could allow a remote unauthenticated attacker to execute arbitray code.
network
low complexity
brocade netapp CWE-78
critical
9.8
2019-01-22 CVE-2018-6443 Credentials Management vulnerability in multiple products
A vulnerability in Brocade Network Advisor Versions before 14.3.1 could allow an unauthenticated, remote attacker to log in to the JBoss Administration interface of an affected system using an undocumented user credentials and install additional JEE applications.
network
high complexity
brocade netapp CWE-255
8.1
2018-02-08 CVE-2017-6227 A vulnerability in the IPv6 stack on Brocade Fibre Channel SAN products running Brocade Fabric OS (FOS) versions before 7.4.2b, 8.1.2 and 8.2.0 could allow an attacker to cause a denial of service (CPU consumption and device hang) condition by sending crafted Router Advertisement (RA) messages to a targeted system.
low complexity
brocade broadcom
6.5
2018-02-08 CVE-2017-6225 Cross-site Scripting vulnerability in multiple products
Cross-site scripting (XSS) vulnerability in the web-based management interface of Brocade Fibre Channel SAN products running Brocade Fabric OS (FOS) versions before 7.4.2b, 8.1.2 and 8.2.0 could allow remote attackers to execute arbitrary code or access sensitive browser-based information.
network
low complexity
brocade broadcom CWE-79
6.1
2017-05-08 CVE-2016-8209 Improper Check for Unusual or Exceptional Conditions vulnerability in Brocade products
Improper checks for unusual or exceptional conditions in Brocade NetIron 05.8.00 and later releases up to and including 06.1.00, when the Management Module is continuously scanned on port 22, may allow attackers to cause a denial of service (crash and reload) of the management module.
network
low complexity
brocade CWE-754
7.5
2017-01-14 CVE-2016-8207 Path Traversal vulnerability in Brocade Network Advisor 11.0.0.0/11.0.2.0
A Directory Traversal vulnerability in CliMonitorReportServlet in the Brocade Network Advisor versions released prior to and including 14.0.2 could allow remote attackers to read arbitrary files including files with sensitive user information.
network
low complexity
brocade CWE-22
7.5
2017-01-14 CVE-2016-8206 Path Traversal vulnerability in Brocade Network Advisor 11.0.0.0/11.0.2.0
A Directory Traversal vulnerability in servlet SoftwareImageUpload in the Brocade Network Advisor versions released prior to and including 14.0.2 could allow remote attackers to write to arbitrary files, and consequently delete the files.
network
low complexity
brocade CWE-22
7.5
2017-01-14 CVE-2016-8205 Path Traversal vulnerability in Brocade Network Advisor 11.0.0.0/11.0.2.0
A Directory Traversal vulnerability in DashboardFileReceiveServlet in the Brocade Network Advisor versions released prior to and including 14.0.2 could allow remote attackers to upload a malicious file in a section of the file system where it can be executed.
network
low complexity
brocade CWE-22
critical
9.8