Broadcom

Brocade Fabric Operating System

11 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.1

CVE-2023-31926

  • EPSS 0.03%
  • Published 02.08.2023 01:15:09
  • Last modified 13.02.2025 17:16:28

System files could be overwritten using the less command in Brocade Fabric OS before Brocade Fabric OS v9.1.1c and v9.2.0.

5.3

CVE-2023-31927

  • EPSS 0.36%
  • Published 02.08.2023 01:15:09
  • Last modified 13.02.2025 17:16:28

An information disclosure in the web interface of Brocade Fabric OS versions before Brocade Fabric OS v9.2.0 and v9.1.1c, could allow a remote unauthenticated attacker to get technical details about the web interface.

5.5

CVE-2023-31430

  • EPSS 0.04%
  • Published 02.08.2023 00:15:17
  • Last modified 13.02.2025 17:16:28

A buffer overflow vulnerability in “secpolicydelete” command in Brocade Fabric OS before Brocade Fabric OS v9.1.1c and v9.2.0 could allow an authenticated privileged user to crash the Brocade Fabric OS switch leading to a denial of service.

5.5

CVE-2023-31431

  • EPSS 0.04%
  • Published 02.08.2023 00:15:17
  • Last modified 13.02.2025 17:16:28

A buffer overflow vulnerability in “diagstatus” command in Brocade Fabric OS before Brocade Fabric v9.2.0 and v9.1.1c could allow an authenticated user to crash the Brocade Fabric OS switch leading to a denial of service.

7.8

CVE-2023-31432

  • EPSS 0.06%
  • Published 02.08.2023 00:15:17
  • Last modified 13.02.2025 17:16:28

Through manipulation of passwords or other variables, using commands such as portcfgupload, configupload, license, myid, a non-privileged user could obtain root privileges in Brocade Fabric OS versions before Brocade Fabric OS v9.1.1c and v9.2.0.

6.1

CVE-2023-31928

  • EPSS 0.12%
  • Published 02.08.2023 00:15:17
  • Last modified 13.02.2025 17:16:29

A reflected cross-site scripting (XSS) vulnerability exists in Brocade Webtools PortSetting.html of Brocade Fabric OS version before Brocade Fabric OS v9.2.0 that could allow a remote unauthenticated attacker to execute arbitrary JavaScript code in ...

5.5

CVE-2023-31428

  • EPSS 0.04%
  • Published 02.08.2023 00:15:16
  • Last modified 13.02.2025 17:16:28

Brocade Fabric OS before Brocade Fabric OS v9.1.1c, v9.2.0 contains a vulnerability in the command line that could allow a local user to dump files under user's home directory using grep.

7

CVE-2021-23133

Exploit
  • EPSS 0.02%
  • Published 22.04.2021 18:15:08
  • Last modified 21.11.2024 05:51:16

A race condition in Linux kernel SCTP sockets (net/sctp/socket.c) before 5.12-rc8 can lead to kernel privilege escalation from the context of a network service or an unprivileged process. If sctp_destroy_sock is called without sock_net(sk)->sctp.addr...

5.5

CVE-2020-35507

Exploit
  • EPSS 0.05%
  • Published 04.01.2021 15:15:15
  • Last modified 21.11.2024 05:27:27

There's a flaw in bfd_pef_parse_function_stubs of bfd/pef.c in binutils in versions prior to 2.34 which could allow an attacker who is able to submit a crafted file to be processed by objdump to cause a NULL pointer dereference. The greatest threat o...

7.5

CVE-2020-12243

Exploit
  • EPSS 6.57%
  • Published 28.04.2020 19:15:12
  • Last modified 21.11.2024 04:59:22

In filter.c in slapd in OpenLDAP before 2.4.50, LDAP search filters with nested boolean expressions can result in denial of service (daemon crash).