Vulnerabilities > Brocade > High

DATE CVE VULNERABILITY TITLE RISK
2022-06-02 CVE-2022-27775 An information disclosure vulnerability exists in curl 7.65.0 to 7.82.0 are vulnerable that by using an IPv6 address that was in the connection pool but with a different zone id it could reuse a connection instead.
network
low complexity
haxx debian netapp brocade splunk
7.5
2022-05-26 CVE-2022-22576 Missing Authentication for Critical Function vulnerability in multiple products
An improper authentication vulnerability exists in curl 7.33.0 to and including 7.82.0 which might allow reuse OAUTH2-authenticated connections without properly making sure that the connection was authenticated with the same credentials as set for this transfer.
network
low complexity
haxx debian netapp brocade splunk CWE-306
8.1
2021-07-07 CVE-2021-22555 Out-of-bounds Write vulnerability in multiple products
A heap out-of-bounds write affecting Linux since v2.6.19-rc1 was discovered in net/netfilter/x_tables.c.
local
low complexity
linux brocade netapp CWE-787
7.8
2020-05-27 CVE-2020-13630 Use After Free vulnerability in multiple products
ext/fts3/fts3.c in SQLite before 3.32.0 has a use-after-free in fts3EvalNextRow, related to the snippet feature.
7.0
2019-01-22 CVE-2018-6445 A Vulnerability in Brocade Network Advisor versions before 14.0.3 could allow a remote unauthenticated attacker to export the current user database which includes the encrypted (not hashed) password of the systems.
network
low complexity
brocade netapp
7.5
2019-01-22 CVE-2018-6443 Credentials Management vulnerability in multiple products
A vulnerability in Brocade Network Advisor Versions before 14.3.1 could allow an unauthenticated, remote attacker to log in to the JBoss Administration interface of an affected system using an undocumented user credentials and install additional JEE applications.
network
high complexity
brocade netapp CWE-255
8.1
2017-05-08 CVE-2016-8209 Improper Check for Unusual or Exceptional Conditions vulnerability in Brocade products
Improper checks for unusual or exceptional conditions in Brocade NetIron 05.8.00 and later releases up to and including 06.1.00, when the Management Module is continuously scanned on port 22, may allow attackers to cause a denial of service (crash and reload) of the management module.
network
low complexity
brocade CWE-754
7.5
2017-01-14 CVE-2016-8207 Path Traversal vulnerability in Brocade Network Advisor 11.0.0.0/11.0.2.0
A Directory Traversal vulnerability in CliMonitorReportServlet in the Brocade Network Advisor versions released prior to and including 14.0.2 could allow remote attackers to read arbitrary files including files with sensitive user information.
network
low complexity
brocade CWE-22
7.5
2017-01-14 CVE-2016-8206 Path Traversal vulnerability in Brocade Network Advisor 11.0.0.0/11.0.2.0
A Directory Traversal vulnerability in servlet SoftwareImageUpload in the Brocade Network Advisor versions released prior to and including 14.0.2 could allow remote attackers to write to arbitrary files, and consequently delete the files.
network
low complexity
brocade CWE-22
7.5
2017-01-14 CVE-2016-8201 Cross-Site Request Forgery (CSRF) vulnerability in Brocade Virtual Traffic Manager 11.0
A CSRF vulnerability in Brocade Virtual Traffic Manager versions released prior to and including 11.0 could allow an attacker to trick a logged-in user into making administrative changes on the traffic manager cluster.
network
low complexity
brocade CWE-352
8.0