Vulnerabilities > Brocade > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-05-08 | CVE-2016-8209 | Improper Check for Unusual or Exceptional Conditions vulnerability in Brocade products Improper checks for unusual or exceptional conditions in Brocade NetIron 05.8.00 and later releases up to and including 06.1.00, when the Management Module is continuously scanned on port 22, may allow attackers to cause a denial of service (crash and reload) of the management module. | 5.0 |
| 2017-01-14 | CVE-2016-8207 | Path Traversal vulnerability in Brocade Network Advisor 11.0.0.0/11.0.2.0 A Directory Traversal vulnerability in CliMonitorReportServlet in the Brocade Network Advisor versions released prior to and including 14.0.2 could allow remote attackers to read arbitrary files including files with sensitive user information. | 5.0 |
| 2017-01-14 | CVE-2016-8206 | Path Traversal vulnerability in Brocade Network Advisor 11.0.0.0/11.0.2.0 A Directory Traversal vulnerability in servlet SoftwareImageUpload in the Brocade Network Advisor versions released prior to and including 14.0.2 could allow remote attackers to write to arbitrary files, and consequently delete the files. | 6.4 |
| 2017-01-14 | CVE-2016-8201 | Cross-Site Request Forgery (CSRF) vulnerability in Brocade Virtual Traffic Manager A CSRF vulnerability in Brocade Virtual Traffic Manager versions released prior to and including 11.0 could allow an attacker to trick a logged-in user into making administrative changes on the traffic manager cluster. | 6.0 |
| 2014-10-07 | CVE-2014-4869 | Permissions, Privileges, and Access Controls vulnerability in Brocade Vyatta 5400 Vrouter and Vyatta 5400 Vrouter Software The Brocade Vyatta 5400 vRouter 6.4R(x), 6.6R(x), and 6.7R1 allows attackers to obtain sensitive encrypted-password information by leveraging membership in the operator group. | 5.0 |
| 2014-01-23 | CVE-2013-7307 | Unspecified vulnerability in Brocade Vyatta Vrouter and Vyatta Vrouter Software The OSPF implementation on the Brocade Vyatta vRouter with software before 6.6R1 does not consider the possibility of duplicate Link State ID values in Link State Advertisement (LSA) packets before performing operations on the LSA database, which allows remote attackers to cause a denial of service (routing disruption) or obtain sensitive packet information via a crafted LSA packet, a related issue to CVE-2013-0149. | 5.4 |
| 2014-01-23 | CVE-2013-7306 | Improper Input Validation vulnerability in Brocade products The OSPF implementation on Brocade routers does not consider the possibility of duplicate Link State ID values in Link State Advertisement (LSA) packets before performing operations on the LSA database, which allows remote attackers to cause a denial of service (routing disruption) or obtain sensitive packet information via a crafted LSA packet, a related issue to CVE-2013-0149. | 5.4 |
| 2011-07-17 | CVE-2011-2760 | Permissions, Privileges, and Access Controls vulnerability in Brocade Bigiron RX Switch Brocade BigIron RX switches allow remote attackers to bypass ACL rules by using 179 as the source port of a packet. | 5.0 |
| 2004-09-04 | CVE-2004-1663 | Engenio/LSI Logic storage controllers, as used in products such as Storagetek D280, and IBM DS4100 (formerly FastT 100) and Brocade SilkWorm Switches, allow remote attackers to cause a denial of service (freeze and possible data corruption) via crafted TCP packets. | 5.0 |