cvebase

Brocade Fabric OS vulnerabilities

8 known vulnerabilities affecting brocade/brocade_fabric_os.

Total CVEs: 8
CISA KEV: 0
Public exploits: 0
Exploited in wild: 0
Severity breakdown: HIGH 4, MEDIUM 4

Vulnerabilities

CVE-2024-5461 | P3 | HIGH | CVSS 8.0 | before 8.2.3e1_pha | 2025-02-15
[HIGH] CWE-78: Implementation of the Simple Network Management Protocol (SNMP) operating on the Brocade 6547 (FC5022) embedded switch blade makes internal script calls to system.sh from within the SNMP binary. An authenticated attacker could perform command or parameter injection on SNMP operations that are only enabled on the Brocade 6547 (FC5022) embedded switch. Thi
Source: nvd

CVE-2019-16203 | P3 | HIGH | CVSS 7.5 | Brocade Fabric OS Versions before v8.2.2a and v8.2.1d | 2020-02-05
[HIGH] CWE-532: Brocade Fabric OS Versions before v8.2.2a and v8.2.1d could expose the credentials of the remote ESRS server when these credentials are given as a command line option when configuring the ESRS client.
Source: nvd

CVE-2024-5462 | P3 | HIGH | CVSS 7.5 | before Fabric OS 9.2.0 | 2025-02-15
[HIGH] CWE-319: If Brocade Fabric OS before Fabric OS 9.2.0 configuration settings are not set to encrypt SNMP passwords, then the SNMP privsecret / authsecret fields can be exposed in plaintext. The plaintext passwords can be exposed in a configupload capture or a supportsave capture if encryption of passwords is not enabled. An attacker can use these passwords to fet
Source: nvd

CVE-2019-16204 | P3 | HIGH | CVSS 7.5 | Brocade Fabric OS Versions before v7.4.2f; v8.2.2a; +1 more | 2020-02-05
[HIGH] CWE-532: Brocade Fabric OS Versions before v7.4.2f, v8.2.2a, v8.1.2j and v8.2.1d could expose external passwords, common secrets or authentication keys used between the switch and an external server.
Source: nvd

CVE-2023-31426 | P3 | MEDIUM | CVSS 6.5 | before Brocade Fabric OS v9.1.1c, v8.2.3d, v9.2.0 | 2023-08-01
[MEDIUM] CWE-532: The Brocade Fabric OS commands “configupload” and “configdownload” before Brocade Fabric OS v9.1.1c, v8.2.3d, v9.2.0 print scp, sftp, and ftp server passwords in supportsave. This could allow a remote authenticated attacker to access sensitive information.
Source: nvd

CVE-2021-27798 | P4 | MEDIUM | CVSS 5.5 | Brocade Fabric OS 7.4.1b, and 7.3.1d. | 2022-08-05
[MEDIUM] CWE-22: A vulnerability in Brocade Fabric OS versions 7.4.1b and 7.3.1d could allow local users to conduct privileged directory traversal. Brocade Fabric OS versions 7.4.1.x and 7.3.x have reached end of life. Brocade Fabric OS users should upgrade to supported versions as described in the Product End-of-Life published report.
Source: nvd

CVE-2023-31430 | P4 | MEDIUM | CVSS 5.5 | before Brocade Fabric OS v9.1.1c and v9.2.0 | 2023-08-02
[MEDIUM] CWE-120: A buffer overflow vulnerability in “secpolicydelete” command in Brocade Fabric OS before Brocade Fabric OS v9.1.1c and v9.2.0 could allow an authenticated privileged user to crash the Brocade Fabric OS switch leading to a denial of service.
Source: nvd

CVE-2023-4163 | P4 | MEDIUM | CVSS 4.4 | Fabric OS before v9.2.0a | 2023-08-31
[MEDIUM] CWE-120: In Brocade Fabric OS before v9.2.0a, a local authenticated privileged user can trigger a buffer overflow condition, leading to a kernel panic with large input to buffers in the portcfgfportbuffers command.
Source: nvd