cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2022-33185,https://securityvulnerability.io/vulnerability/CVE-2022-33185,Stack-Based Buffer Overflow Vulnerability in Brocade Fabric OS,"Brocade Fabric OS versions prior to v.9.0.1e and v9.1.0 are susceptible to vulnerabilities that arise from the use of unsafe string functions for processing user input. This flaw permits authenticated local attackers to perform stack-based buffer overflows, which can lead to arbitrary code execution with root privileges. Such vulnerabilities pose significant risks to system integrity and security, allowing attackers to manipulate system operations and gain unauthorized access.",Broadcom,Brocade Fabric Os,7.8,HIGH,0.0004199999966658652,false,,false,false,false,,,false,false,,2022-10-25T00:00:00.000Z,0
CVE-2022-33178,https://securityvulnerability.io/vulnerability/CVE-2022-33178,Remote Code Execution in Brocade Switch Radius Authentication System,"A vulnerability has been identified in the radius authentication system of Brocade Fabric OS that can be exploited by a remote attacker. If successfully executed, this vulnerability allows unauthorized execution of arbitrary code on the affected Brocade switches, potentially compromising the security and functionality of network operations.",Broadcom,Brocade Fabric Os,7.2,HIGH,0.0036700000055134296,false,,false,false,false,,,false,false,,2022-10-25T00:00:00.000Z,0
CVE-2022-33179,https://securityvulnerability.io/vulnerability/CVE-2022-33179,Privilege Escalation Vulnerability in Brocade Fabric OS by Broadcom,"A vulnerability in Brocade Fabric OS CLI versions before 9.1.0, 9.0.1e, 8.2.3c, and 7.4.2j permits a local authenticated user to break out of restricted shells. By using the 'set context' command, attackers could escalate their privileges within the system, potentially leading to unauthorized access and control over sensitive operations.",Broadcom,Brocade Fabric Os,8.8,HIGH,0.0004199999966658652,false,,false,false,false,,,false,false,,2022-10-25T00:00:00.000Z,0
CVE-2022-33180,https://securityvulnerability.io/vulnerability/CVE-2022-33180,Local File Export Vulnerability in Brocade Fabric OS by Broadcom,"A security vulnerability exists in Brocade Fabric OS CLI versions prior to v9.1.0 that may allow a local authenticated user to export sensitive configuration files, including those pertaining to cryptographic settings. This could pose significant risks to the integrity and confidentiality of the network configurations, making it essential for organizations to apply the latest updates to mitigate potential threats.",Broadcom,Brocade Fabric Os,5.5,MEDIUM,0.0004199999966658652,false,,false,false,false,,,false,false,,2022-10-25T00:00:00.000Z,0
CVE-2022-33182,https://securityvulnerability.io/vulnerability/CVE-2022-33182,Privilege Escalation Vulnerability in Brocade Fabric OS CLI,"A privilege escalation vulnerability exists in Brocade Fabric OS CLI that affects earlier versions of the software. This vulnerability can be exploited by a local authenticated user executing specific switch commands, such as 'supportlink', 'firmwaredownload', 'portcfgupload', 'license', and 'fosexec'. By leveraging this vulnerability, an attacker could gain root privileges, potentially leading to unauthorized access and control over the affected systems.",Broadcom,Brocade Fabric Os,7.8,HIGH,0.0004199999966658652,false,,false,false,false,,,false,false,,2022-10-25T00:00:00.000Z,0
CVE-2022-33183,https://securityvulnerability.io/vulnerability/CVE-2022-33183,Stack Buffer Overflow Vulnerability in Brocade Fabric OS,"A vulnerability exists in the Brocade Fabric OS CLI that may allow a remote authenticated attacker to exploit a stack buffer overflow. This can occur through the use of specific commands such as 'firmwaredownload' and 'diagshow'. Attackers leveraging this vulnerability could potentially gain unauthorized access or control over affected systems, emphasizing the need for robust security measures and timely updates to mitigate the risks.",Broadcom,Brocade Fabric Os,8.8,HIGH,0.0032599999103695154,false,,false,false,false,,,false,false,,2022-10-25T00:00:00.000Z,0
CVE-2022-28169,https://securityvulnerability.io/vulnerability/CVE-2022-28169,Webtools Vulnerability in Brocade Fabric OS,"A vulnerability in Brocade Webtools of Brocade Fabric OS allows a user with low privileges to escalate their privileges and gain admin rights. This flaw occurs when authorization headers, specifically the operator's session ID, are transmitted without encryption, making it susceptible to interception. Malicious users can exploit this weakness to create new admin-user roles, compromising the security and integrity of the system. Users on older versions of Brocade Fabric OS should prioritize updating to mitigate this risk.",Broadcom,Brocade Fabric Os,8.8,HIGH,0.0010400000028312206,false,,false,false,false,,,false,false,,2022-10-25T00:00:00.000Z,0
CVE-2022-28170,https://securityvulnerability.io/vulnerability/CVE-2022-28170,Local Password Exposure in Brocade Fabric OS Services,"The Brocade Fabric OS Web Application services prior to specific versions are susceptible to information disclosure. The application fails to adequately protect sensitive server and user passwords by storing them in debug statements. A local user could potentially access these debug logs, thereby extracting confidential password data, which could significantly compromise system security. Organizations using affected versions should prioritize updating their systems to mitigate the risk associated with this vulnerability.",Broadcom,Brocade Fabric Os,6.5,MEDIUM,0.0004199999966658652,false,,false,false,false,,,false,false,,2022-10-25T00:00:00.000Z,0
CVE-2022-33181,https://securityvulnerability.io/vulnerability/CVE-2022-33181,Information Disclosure in Brocade Fabric OS Components,"An information disclosure vulnerability exists in Brocade Fabric OS CLI that could allow a local authenticated attacker to access sensitive files. This vulnerability arises from the improper handling of commands such as 'configshow' and 'supportlink', which may expose confidential system information if exploited. Users are advised to upgrade to the recommended versions to mitigate this risk.",Broadcom,Brocade Fabric Os,5.5,MEDIUM,0.0004199999966658652,false,,false,false,false,,,false,false,,2022-10-25T00:00:00.000Z,0
CVE-2022-33184,https://securityvulnerability.io/vulnerability/CVE-2022-33184,Stack-Based Buffer Overflow in Brocade Fabric OS by Broadcom,"A stack-based buffer overflow vulnerability in the fab_seg.c.h libraries of Broadcom's Brocade Fabric OS could allow local authenticated attackers to execute arbitrary code with root user privileges. This flaw affects all versions prior to v9.1.1, v9.0.1e, v8.2.3c, v8.2.0_cbn5, and v7.4.2j, exposing systems to significant risk if exploited.",Broadcom,Brocade Fabric Os,7.8,HIGH,0.0004199999966658652,false,,false,false,false,,,false,false,,2022-10-25T00:00:00.000Z,0
CVE-2020-15388,https://securityvulnerability.io/vulnerability/CVE-2020-15388,Arbitrary File Write Vulnerability in Brocade Fabric OS,"An issue exists in Brocade Fabric OS versions prior to v9.0.1a, where an authenticated command-line interface (CLI) user can exploit the history command to manipulate files on the system. This vulnerability allows for the unauthorized writing of arbitrary content to sensitive files, potentially jeopardizing system integrity and security. It is crucial for users to update to the latest version to protect against this exploitation.",Broadcom,Brocade Fabric Os,6.5,MEDIUM,0.000539999979082495,false,,false,false,false,,,false,false,,2022-03-18T17:59:10.000Z,0
CVE-2021-27789,https://securityvulnerability.io/vulnerability/CVE-2021-27789,Information Exposure in Brocade Fabric OS by Broadcom,"The web application of Brocade Fabric OS before versions 9.0.1a and 8.2.3a includes debug statements that can result in the disclosure of sensitive information via the standard output device. If an attacker gains access to the FOS system, they could exploit this vulnerability to retrieve sensitive data such as user credentials, potentially compromising system integrity and user privacy.",Broadcom,Brocade Fabric Os,6.5,MEDIUM,0.0006500000017695129,false,,false,false,false,,,false,false,,2022-03-18T17:59:09.000Z,0
CVE-2021-27797,https://securityvulnerability.io/vulnerability/CVE-2021-27797,Hard-Coded Credentials in Brocade Fabric OS Leading to Unauthorized Access,"Brocade Fabric OS contains hard-coded credentials in versions prior to v8.2.1c and v8.1.2h, as well as all versions in the 8.0.x and 7.x series. This vulnerability may enable an attacker to gain unauthorized access to critical system functions, potentially leading to severe implications for network security. It is crucial for users of the affected versions to review their security protocols and apply necessary updates to mitigate potential risks.",Broadcom,Brocade Fabric Os,9.8,CRITICAL,0.0024300001095980406,false,,false,false,false,,,false,false,,2022-02-21T17:49:35.000Z,0
CVE-2021-27796,https://securityvulnerability.io/vulnerability/CVE-2021-27796,File Read Vulnerability in Brocade Fabric OS by Broadcom,"A vulnerability exists in Brocade Fabric OS prior to version 8.0.1b and v7.4.1d, where an authenticated attacker can exploit the restricted shell environment (rbash) to read arbitrary files on the system. This can occur through several available binaries, enabling potential exposure of sensitive information managed by the affected system.",Broadcom,Brocade Fabric Os,6.5,MEDIUM,0.0006099999882280827,false,,false,false,false,,,false,false,,2022-02-21T17:49:34.000Z,0
CVE-2021-27791,https://securityvulnerability.io/vulnerability/CVE-2021-27791,Authentication Bypass in Brocade Fabric OS by Broadcom,"A vulnerability exists in the way Brocade Fabric OS Web application service processes the Authentication header before versions v9.0.1a and v8.2.3a. An attacker exploiting this flaw could send a malformed authentication header, allowing them to read memory addresses beyond the intended range. This could facilitate access to the system without proper authentication, posing significant security risks.",Broadcom,Brocade Fabric Os,5.4,MEDIUM,0.0005000000237487257,false,,false,false,false,,,false,false,,2021-08-12T14:27:35.000Z,0
CVE-2021-27790,https://securityvulnerability.io/vulnerability/CVE-2021-27790,Stack-Based Buffer Overflow in Brocade Fabric OS,"The vulnerable command 'ipfilter' in Brocade Fabric OS prior to versions 9.0.1a, 8.2.3, 8.2.0_CBN4, and 7.4.2h improperly processes user input using unsafe string functions. This flaw allows authenticated attackers to exploit stack-based buffer overflows, potentially leading to arbitrary code execution with root user privileges. Organizations utilizing affected versions need to implement immediate security measures to protect against possible exploitation of this vulnerability.",Broadcom,Brocade Fabric Os,7.8,HIGH,0.0004400000034365803,false,,false,false,false,,,false,false,,2021-08-12T14:27:04.000Z,0
CVE-2021-27794,https://securityvulnerability.io/vulnerability/CVE-2021-27794,Authentication Mechanism Flaw in Brocade Fabric OS Affecting Multiple Versions,"An authentication flaw in Brocade Fabric OS versions prior to v9.0.1a, v8.2.3a, and v7.4.2h could permit unauthorized users to access the system. This flaw allows individuals to log in using an empty password or an incorrect password through protocols such as telnet, SSH, and REST, thus compromising the integrity and security of the network management functionalities.",Broadcom,Brocade Fabric Os,7.8,HIGH,0.0004400000034365803,false,,false,false,false,,,false,false,,2021-08-12T14:25:00.000Z,0
CVE-2021-27792,https://securityvulnerability.io/vulnerability/CVE-2021-27792,Improper Input Validation in Brocade Fabric OS Web Management Interface,"The request handling functions in the web management interface of Brocade Fabric OS are susceptible to improper input validation. This flaw allows authenticated attackers to manipulate user input, which can lead to the FOS HTTP application handler crashing. As a consequence, the affected service may require a reboot to restore functionality. This vulnerability exists in versions prior to v9.0.1a, v8.2.3a, and v7.4.2h, posing a risk to system availability.",Broadcom,Brocade Fabric Os,7.8,HIGH,0.0004400000034365803,false,,false,false,false,,,false,false,,2021-08-12T14:24:27.000Z,0
CVE-2021-27793,https://securityvulnerability.io/vulnerability/CVE-2021-27793,Authorization Failure in Brocade Fabric OS by Broadcom,"Brocade Fabric OS suffers from an intermittent authorization failure in the AAA TACACS+ implementation, which may prevent users with valid accounts from successfully logging into their switches. This issue affects multiple versions of Brocade Fabric OS, including those prior to v9.0.1b and v8.2.3a. Administrators should review the appropriate security advisories and consider necessary updates to mitigate potential access issues.",Broadcom,Brocade Fabric Os,5.3,MEDIUM,0.0010499999625608325,false,,false,false,false,,,false,false,,2021-08-12T14:24:18.000Z,0
CVE-2020-15386,https://securityvulnerability.io/vulnerability/CVE-2020-15386,Performance Degradation in Brocade Fabric OS Due to Inefficient Resource Management,"Brocade Fabric OS prior to versions 9.0.1a and 8.2.3a, as well as versions 9.0.0 and 8.2.2d, experience a significant strain on CPU resources during security scanning activities. This heightened CPU load can lead to noticeable delays in command line interface (CLI) command responsiveness and hinder overall system performance, impacting critical operations and user experience.",Broadcom,Brocade Fabric Os,5.3,MEDIUM,0.0010499999625608325,false,,false,false,false,,,false,false,,2021-06-09T15:43:02.000Z,0
CVE-2020-15387,https://securityvulnerability.io/vulnerability/CVE-2020-15387,Insecure SSH Key Length in Brocade Fabric OS and SANnav,"The SSH servers in Brocade Fabric OS prior to version 7.4.2h, 8.2.1c, 8.2.2, 9.0.0, and the Brocade SANnav prior to version 2.1.1 utilize encryption keys that are shorter than the recommended 2048 bits. This weakness may allow attackers to exploit man-in-the-middle attacks, potentially leading to unauthorized access and interception of sensitive data due to insecure SSH communications.",Broadcom,Brocade Sannav & Brocade Fabric Os,7.4,HIGH,0.0012799999676644802,false,,false,false,false,,,false,false,,2021-06-09T15:24:45.000Z,0
CVE-2020-15383,https://securityvulnerability.io/vulnerability/CVE-2020-15383,Denial of Service Vulnerability in Brocade Fabric OS by Broadcom,"The vulnerability involves the configuration and security notification processes within the firmware of Brocade Fabric OS. When security scans are executed against the SAN switch, these processes can exploit memory resources, potentially draining all available memory. This situation may lead to various service impacts, including the possibility of a switch panic, rendering the device unresponsive. Organizations using affected versions are advised to assess their security posture and apply the necessary updates.",Broadcom,Brocade Fabric Os,7.5,HIGH,0.0010499999625608325,false,,false,false,false,,,false,false,,2021-06-09T14:32:31.000Z,0
CVE-2020-15375,https://securityvulnerability.io/vulnerability/CVE-2020-15375,Improper Input Validation in Brocade Fabric OS Command Line Interface,"An improper input validation weakness exists in the command line interface of Brocade Fabric OS. This issue arises when the 'secccrypptocfg' command is invoked, potentially allowing local authenticated users to execute arbitrary commands. As a result, attackers could perform privilege escalation, which may compromise the integrity and confidentiality of system resources. Upgrading to the patched versions is crucial for maintaining security.",Broadcom,Brocade Fabric Os,6.7,MEDIUM,0.0004199999966658652,false,,false,false,false,,,false,false,,2020-12-11T20:34:43.000Z,0
CVE-2020-15376,https://securityvulnerability.io/vulnerability/CVE-2020-15376,Brocade Fibre Channel SAN Switch Vulnerability in LDAP Implementation,"A flaw exists in Brocade Fabric OS configurations utilizing Virtual Fabric mode, which enables remote LDAP users to gain 'user' privileges when not assigned to any groups. This vulnerability could lead to unauthorized access and elevate risks within Fibre Channel SAN environments.",Broadcom,Brocade Fabric Os,4.3,MEDIUM,0.000539999979082495,false,,false,false,false,,,false,false,,2020-12-11T20:34:24.000Z,0
CVE-2020-15374,https://securityvulnerability.io/vulnerability/CVE-2020-15374,Multiple Reflected Input Vulnerabilities in Brocade Fabric OS by Broadcom,"The REST API in certain versions of Brocade Fabric OS is susceptible to multiple reflected input vulnerabilities. These vulnerabilities could allow attackers to potentially exploit the system by sending crafted requests that are reflected back, leading to the possibility of executing malicious scripts or commands. Users and organizations utilizing affected versions of Brocade Fabric OS should assess their systems and consider applying necessary patches or updates as outlined in Broadcom's security advisory.",Broadcom,Brocade Fabric Os,9.8,CRITICAL,0.0024300001095980406,false,,false,false,false,,,false,false,,2020-09-25T13:11:22.000Z,0