Broadcom

Fabric Operating System

95 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
6.3

CVE-2024-24795

  • EPSS 1.12%
  • Veröffentlicht 04.04.2024 20:15:08
  • Zuletzt bearbeitet 30.06.2025 12:55:47

HTTP Response splitting in multiple modules in Apache HTTP Server allows an attacker that can inject malicious response headers into backend applications to cause an HTTP desynchronization attack. Users are recommended to upgrade to version 2.4.59, ...

7.3

CVE-2023-38709

  • EPSS 3.26%
  • Veröffentlicht 04.04.2024 20:15:08
  • Zuletzt bearbeitet 04.11.2025 22:15:53

Faulty input validation in the core of Apache allows malicious or exploitable backend/content generators to split HTTP responses. This issue affects Apache HTTP Server: through 2.4.58.

9.8

CVE-2023-3454

  • EPSS 4.9%
  • Veröffentlicht 04.04.2024 17:15:09
  • Zuletzt bearbeitet 13.02.2025 17:16:56

Remote code execution (RCE) vulnerability in Brocade Fabric OS after v9.0 and before v9.2.0 could allow an attacker to execute arbitrary code and use this to gain root access to the Brocade switch.

8.1

CVE-2021-27795

  • EPSS 0.04%
  • Veröffentlicht 06.12.2023 02:15:06
  • Zuletzt bearbeitet 21.11.2024 05:58:34

Brocade Fabric OS (FOS) hardware platforms running any version of Brocade Fabric OS software, which supports the license string format; contain cryptographic issues that could allow for the installation of forged or fraudulent license keys. This ...

4.4

CVE-2023-4163

  • EPSS 0.03%
  • Veröffentlicht 31.08.2023 01:15:09
  • Zuletzt bearbeitet 13.02.2025 17:17:15

In Brocade Fabric OS before v9.2.0a, a local authenticated privileged user can trigger a buffer overflow condition, leading to a kernel panic with large input to buffers in the portcfgfportbuffers command.

4.4

CVE-2023-4162

  • EPSS 0.02%
  • Veröffentlicht 31.08.2023 01:15:08
  • Zuletzt bearbeitet 20.02.2026 21:22:30

A segmentation fault can occur in Brocade Fabric OS after Brocade Fabric OS v9.0 and before Brocade Fabric OS v9.2.0a through the passwdcfg command. This could allow an authenticated privileged user local user to crash a Brocade Fabric OS swith ...

7.5

CVE-2023-3489

  • EPSS 0.11%
  • Veröffentlicht 31.08.2023 00:15:07
  • Zuletzt bearbeitet 13.02.2025 17:16:56

The firmwaredownload command on Brocade Fabric OS v9.2.0 could log the FTP/SFTP/SCP server password in clear text in the SupportSave file when performing a downgrade from Fabric OS v9.2.0 to any earlier version of Fabric OS.

7.8

CVE-2023-31427

  • EPSS 0.06%
  • Veröffentlicht 01.08.2023 23:15:28
  • Zuletzt bearbeitet 13.02.2025 17:16:28

Brocade Fabric OS versions before Brocade Fabric OS v9.1.1c, and v9.2.0 Could allow an authenticated, local user with knowledge of full path names inside Brocade Fabric OS to execute any command regardless of assigned privilege. Starting with Fabric ...

6.5

CVE-2023-31426

  • EPSS 0.16%
  • Veröffentlicht 01.08.2023 22:15:13
  • Zuletzt bearbeitet 21.11.2024 08:01:50

The Brocade Fabric OS Commands “configupload” and “configdownload” before Brocade Fabric OS v9.1.1c, v8.2.3d, v9.2.0 print scp, sftp, ftp servers passwords in supportsave. This could allow a remote authenticated attacker to access sensitive inform...

5.5

CVE-2023-31429

  • EPSS 0.15%
  • Veröffentlicht 01.08.2023 21:15:10
  • Zuletzt bearbeitet 21.11.2024 08:01:50

Brocade Fabric OS before Brocade Fabric OS 9.1.1c, 9.2.0 contains a vulnerability when using various commands such as “chassisdistribute”, “reboot”, “rasman”, errmoduleshow, errfilterset, hassiscfgperrthreshold, supportshowcfgdisable and supportshowc...