Vulnerabilities > Brocade > Medium

DATE CVE VULNERABILITY TITLE RISK
2023-08-31 CVE-2023-4162 Resource Exhaustion vulnerability in Brocade Fabric Operating System 9.0.1E/9.1.1
A segmentation fault can occur in Brocade Fabric OS after Brocade Fabric OS v9.0 and before Brocade Fabric OS v9.2.0a through the passwdcfg command.
local
low complexity
brocade CWE-400
4.4
2022-06-02 CVE-2022-27774 Insufficiently Protected Credentials vulnerability in multiple products
An insufficiently protected credentials vulnerability exists in curl 4.9 to and include curl 7.82.0 are affected that could allow an attacker to extract credentials when follows HTTP(S) redirects is used with authentication could leak credentials to other services that exist on different protocols or port numbers.
network
low complexity
haxx debian netapp brocade splunk CWE-522
5.7
2022-06-02 CVE-2022-27776 Insufficiently Protected Credentials vulnerability in multiple products
A insufficiently protected credentials vulnerability in fixed in curl 7.83.0 might leak authentication or cookie header data on HTTP redirects to the same host but another port number.
6.5
2021-07-07 CVE-2021-22555 Out-of-bounds Write vulnerability in multiple products
A heap out-of-bounds write affecting Linux since v2.6.19-rc1 was discovered in net/netfilter/x_tables.c.
local
low complexity
linux brocade netapp CWE-787
4.6
2020-05-27 CVE-2020-13632 NULL Pointer Dereference vulnerability in multiple products
ext/fts3/fts3_snippet.c in SQLite before 3.32.0 has a NULL pointer dereference via a crafted matchinfo() query.
5.5
2020-05-27 CVE-2020-13631 SQLite before 3.32.0 allows a virtual table to be renamed to the name of one of its shadow tables, related to alter.c and build.c. 5.5
2019-01-22 CVE-2018-6445 A Vulnerability in Brocade Network Advisor versions before 14.0.3 could allow a remote unauthenticated attacker to export the current user database which includes the encrypted (not hashed) password of the systems.
network
low complexity
brocade netapp
5.0
2019-01-22 CVE-2018-6443 Credentials Management vulnerability in multiple products
A vulnerability in Brocade Network Advisor Versions before 14.3.1 could allow an unauthenticated, remote attacker to log in to the JBoss Administration interface of an affected system using an undocumented user credentials and install additional JEE applications.
4.3
2018-02-08 CVE-2017-6227 A vulnerability in the IPv6 stack on Brocade Fibre Channel SAN products running Brocade Fabric OS (FOS) versions before 7.4.2b, 8.1.2 and 8.2.0 could allow an attacker to cause a denial of service (CPU consumption and device hang) condition by sending crafted Router Advertisement (RA) messages to a targeted system.
low complexity
broadcom brocade
6.1
2018-02-08 CVE-2017-6225 Cross-site Scripting vulnerability in multiple products
Cross-site scripting (XSS) vulnerability in the web-based management interface of Brocade Fibre Channel SAN products running Brocade Fabric OS (FOS) versions before 7.4.2b, 8.1.2 and 8.2.0 could allow remote attackers to execute arbitrary code or access sensitive browser-based information.
4.3