cvebase

Brocade Fabric OS vulnerabilities

30 known vulnerabilities affecting brocade/fabric_os.

Total CVEs: 30
CISA KEV: 1 (actively exploited)
Public exploits: 0
Exploited in wild: 1
Severity breakdown: CRITICAL 1, HIGH 13, MEDIUM 13, LOW 3

Vulnerabilities

Page 2 of 2
CVE-2024-29954 | P4 | MEDIUM | CVSS 5.5 | Versions: before v9.2.1, v9.2.0b, v9.1.1d, and v8.2.3e | 2024-06-26
CWE-312: A vulnerability in a password management API in Brocade Fabric OS versions before v9.2.1, v9.2.0b, v9.1.1d, and v8.2.3e prints sensitive information in log files. This could allow an authenticated user to view the server passwords for protocols such as scp and sftp. Detail. When the firmwaredownload command is incorrectly entered or points to an er
Source: nvd
CVE-2017-6227 | P4 | MEDIUM | CVSS 6.5 | Versions: 8.0.2b2 | 2018-02-08
A vulnerability in the IPv6 stack on Brocade Fibre Channel SAN products running Brocade Fabric OS (FOS) versions before 7.4.2b, 8.1.2 and 8.2.0 could allow an attacker to cause a denial of service (CPU consumption and device hang) condition by sending crafted Router Advertisement (RA) messages to a targeted system.
Source: nvd
CVE-2023-31428 | P4 | MEDIUM | CVSS 5.5 | Versions: before Brocade Fabric OS v9.1.1c, v9.2.0 | 2023-08-02
CWE-434: Brocade Fabric OS before Brocade Fabric OS v9.1.1c, v9.2.0 contains a vulnerability in the command line that could allow a local user to dump files under user's home directory using grep.
Source: nvd
CVE-2023-31431 | P4 | MEDIUM | CVSS 5.5 | Versions: before Brocade Fabric OS v9.1.1c, v9.2.0 | 2023-08-02
CWE-120: A buffer overflow vulnerability in “diagstatus” command in Brocade Fabric OS before Brocade Fabric v9.2.0 and v9.1.1c could allow an authenticated user to crash the Brocade Fabric OS switch leading to a denial of service.
Source: nvd
CVE-2023-5973 | P4 | MEDIUM | CVSS 4.3 | Versions: Versions v9.x and before v9.2.0 | 2024-04-05
CWE-346: Brocade Web Interface in Brocade Fabric OS v9.x and before v9.2.0 does not properly represent the portName to the user if the portName contains reserved characters. This could allow an authenticated user to alter the UI of the Brocade Switch and change ports display.
Source: nvd
CVE-2024-29953 | P4 | MEDIUM | CVSS 4.3 | Versions: before v9.2.1, v9.2.0b, and v9.1.1d | 2024-06-26
CWE-922: A vulnerability in the web interface in Brocade Fabric OS before v9.2.1, v9.2.0b, and v9.1.1d prints encoded session passwords on session storage for Virtual Fabric platforms. This could allow an authenticated user to view other users' session encoded passwords.
Source: nvd
CVE-2023-4162 | P4 | MEDIUM | CVSS 4.4 | Versions: Brocade Fabric OS after Brocade Fabric OS v9.0 and before Brocade Fabric OS v9.2.0a | 2023-08-31
CWE-252: A segmentation fault can occur in Brocade Fabric OS after Brocade Fabric OS v9.0 and before Brocade Fabric OS v9.2.0a through the passwdcfg command. This could allow an authenticated, privileged local user to crash a Brocade Fabric OS switch using the CLI “passwdcfg --set -expire -minDiff”.
Source: nvd
CVE-2025-58381 | P4 | LOW | CVSS 2.3 | Versions: before 9.2.1c2 | 2026-02-03
CWE-35: A vulnerability in Brocade Fabric OS before 9.2.1c2 could allow an authenticated attacker with admin privileges using the shell commands “source, ping6, sleep, disown, wait” to modify the path variables and move upwards in the directory structure or to traverse to different directories.
Source: nvd
CVE-2025-58380 | P4 | LOW | CVSS 2.3 | Versions: before 9.2.1 | 2026-02-03
CWE-35: A vulnerability in Brocade Fabric OS before 9.2.1 could allow an authenticated attacker with admin privileges using the shell command “grep” to modify the path variables and move upwards in the directory structure or to traverse to different directories.
Source: nvd
CVE-2025-4661 | P4 | LOW | CVSS 2.3 | Versions: Brocade Fabric OS 9.1.0 through 9.2.2 | 2025-06-19
CWE-22: A path traversal vulnerability in Brocade Fabric OS 9.1.0 through 9.2.2 could allow a local admin user to gain access to files outside the intended directory potentially leading to the disclosure of sensitive information. Note: Admin level privilege is required on the switch in order to exploit
Source: nvd