25 matches found
HPESBST04758 rev.1 - HPE SAN Switches with Brocade Fabric OS (FOS), Multiple Remote and Local Vulnerabilities
Potential Security Impact: Local: Elevation of Privilege, Escalation of Privilege; Remote: Arbitrary Command Execution, Authentication Bypass, Creation and Deletion of Arbitrary Files, Denial of Service DoS, Gain Privileged Access SUPPORTED SOFTWARE VERSIONS: ONLY impacted versions are listed. HP...
HPESBST04679 rev.2 - HPE Fibre Channel and SAN Switches with Brocade Fabric OS (FOS), Multiple Vulnerabilities
Potential Security Impact: Remote: Denial of Service DoS, Disclosure of Sensitive Information, Unauthorized Data Modification, Unauthorized Read Access to Data, Buffer Overflow, Stack Overflow SUPPORTED SOFTWARE VERSIONS: ONLY impacted versions are listed. Brocade 32Gb Fibre Channel SAN Switch fo...
HPESBST04649 rev.1 - HPE SAN Switches with Brocade Fabric OS (FOS), Remote Code Execution and Elevated Privileges Vulnerability
Potential Security Impact: Remote: Arbitrary Code Execution, Elevated Privileges SUPPORTED SOFTWARE VERSIONS: ONLY impacted versions are listed. HPE B-series SN2600B SAN Extension Switch - v9.x prior to v9.1.1d1 HPE B-series SN3600B Fibre Channel Switch - v9.x prior to v9.1.1d1 HPE B-series SN470...
HTTPS configuration between Brocade SANnav Management Portal and Brocade SAN switches (no CVE)
A security researcher reported a lack of encryption in Brocade SANnav for management protocol HTTP. The researcher states: By default, the appliance can be installed with these options: To configure HTTP or HTTPS connections between SANnav Management Portal and SAN switches, select one of the...
HPESBST04635 rev.1 - HPE SAN Switches with Brocade Fabric OS (FOS), Multiple Remote and Local Vulnerabilities
Potential Security Impact: Local: Multiple Vulnerabilities; Remote: Multiple Vulnerabilities SUPPORTED SOFTWARE VERSIONS: ONLY impacted versions are listed. HPE B-series SN2600B SAN Extension Switch - Prior to v9.2.1, v9.2.0b and v9.1.1d HPE B-series SN3600B Fibre Channel Switch - Prior to v9.2.1...
Security Bulletin: IBM b-type SAN switches and directors affected by Open Source OpenSSL Vulnerabilities (CVE-2016-2180).
Summary IBM b-type SAN switches and directors has addressed Open Source OpenSSL Vulnerabilities. Vulnerability Details CVEID:CVE-2016-2180 DESCRIPTION: OpenSSL is vulnerable to a denial of service, caused by an out-of-bounds read in the TSOBJprintbio function. A remote attacker could exploit this...
Security Bulletin: IBM b-type SAN switches and directors affected by Open Source OpenSSL Vulnerabilities (CVE-2016-2177, CVE-2016-2178).
Summary IBM b-type SAN switches and directors addressing Open Source OpenSSL Vulnerabilities CVE-2016-2177, CVE-2016-2178. Vulnerability Details Relevant CVE Information: CVEID: CVE-2016-2177 DESCRIPTION: OpenSSL is vulnerable to a denial of service, caused by the incorrect use of pointer...
Security Bulletin: Vulnerabilities in OpenSSL affect IBM SAN b-type Switches
Summary OpenSSL issues from March 2015 containing 12 CVE were disclosed. This bulletin addresses the vulnerabilities that have been referred to as Open SSL used by IBM SAN b-type Switches. Vulnerability Details CVEID: CVE-2015-0291 DESCRIPTION: OpenSSL is vulnerable to a denial of service. By...
Security Bulletin: IBM b-type SAN switches and directors affected by OpenSSL Security Advisory [22 Sep 2016] and [26 Sep 2016].
Summary IBM b-type SAN switches and directors addressing OpenSSL Security Advisory 22 Sep 2016 and 26 Sep 2016 vulnerabilities. Vulnerability Details CVEID: CVE-2016-6302 DESCRIPTION: OpenSSL is vulnerable to a denial of service, caused by the failure to consider the HMAC size during validation o...
Security Bulletin: IBM b-type SAN switches and directors affected by XSS vulnerabilities CVE-2017-6225.
Summary Fabric OS is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by the web-based management interface. A remote attacker could exploit this vulnerability to inject malicious script into a Web page which would be executed in a victim's Web browser with...
Security Bulletin: Vulnerabilities in OpenSSL affect IBM b-type SAN switches and directors (CVE-2016-2108)
Summary OpenSSL vulnerabilities were disclosed on May 3, 2016 by the OpenSSL Project. OpenSSL is used by IBM b-type SAN switches and directors has addressed the applicable CVE. Vulnerability Details CVEID: CVE-2016-2108 DESCRIPTION: OpenSSL could allow a remote attacker to execute arbitrary code ...
Security Bulletin: Multiple vulnerabilities in OpenSSL affect IBM b-type SAN switches and directors and IBM Network Advisor (CVE-2016-0705, CVE-2016-0797, CVE-2016-0799, CVE-2016-0702, CVE-2016-0704, CVE-2016-0704, CVE-2016-2842).
Summary OpenSSL vulnerabilities were disclosed on March 1, 2016 by the OpenSSL Project. OpenSSL is used by IBM b-type SAN switches and directors and IBM Network Advisor. IBM has addressed the applicable CVEs. Vulnerability Details CVEID: CVE-2016-0705DESCRIPTION: OpenSSL is vulnerable to a denial...
Security Bulletin: Vulnerability in SANNav Software used by IBM b-type SAN directors and switches.
Summary The SANnav Management Portal and Global View products are vulnerable due to a Jave SE issue. The vulnerability has been addressed and can be resolved by applying the SANnav code level listed below. Vulnerability Details CVEID:CVE-2022-21541 DESCRIPTION: An unspecified vulnerability in Jav...
HPESBST04384 rev.2 - HPE B-series SAN Switches with Brocade Fabric OS (FOS), Remote Authentication Bypass
Potential Security Impact: Remote: Authentication Bypass, Unqualified Configuration Change SUPPORTED SOFTWARE VERSIONS: ONLY impacted versions are listed. HPE SN8000B 4-slot SAN Director Switch - v8.x prior to v8.2.3c1 HPE SN8000B 8-slot SAN Director Switch - v8.x prior to v8.2.3c1 HPE SN8600B...
HPESBST04367 rev.1 - HPE SAN Switches with Brocade Fabric OS (FOS), Multiple Remote and Local Vulnerabilities
Potential Security Impact: Local: Arbitrary Code Execution, Denial of Service DoS, Disclosure of Sensitive Information, Elevation of Privilege, Escalation of Privilege, Unauthorized Access to Files, Unauthorized Access to Sensitive Information; Remote: Arbitrary Code Execution, Denial of Service...
Security Bulletin: OpenSSL Security Advisory [22 Sep 2016] and [26 Sep 2016] affects IBM Cisco SAN switches and directors.
Summary Open SSL is used by IBM Cisco SAN switches and directors. IBM Cisco SAN switches and directors has addressed the applicable CVEs. Vulnerability Details Relevant CVE Information: CVEID: CVE-2016-6302 DESCRIPTION: OpenSSL is vulnerable to a denial of service, caused by the failure to consid...
Security Bulletin: Vulnerabilities in OpenSSL affect IBM Cisco SAN switches and directors (CVE-2016-2108, CVE-2016-2107, CVE-2016-2105, CVE-2016-2106, CVE-2016-2109, CVE-2016-2176)
Summary OpenSSL vulnerabilities were disclosed on May 3, 2016 by the OpenSSL Project. OpenSSL is used by IBM Cisco SAN switches and directors. IBM Cisco SAN switches and directors has addressed the applicable CVEs. Vulnerability Details CVEID: CVE-2016-2108DESCRIPTION: OpenSSL could allow a remot...
Security Bulletin: IBM Cisco SAN switches and directors are vulnerable to OpenSSL denial of service (CVE-2016-2180).
Summary IBM Cisco SAN switches and directors OpenSSL is vulnerable to a denial of service, caused by an out-of-bounds read in the TSOBJprintbio function. A remote attacker could exploit this vulnerability using a specially crafted time-stamp file to cause the application to crash. Vulnerability...
HPESBST04254 rev.1 - HPE Fibre Channel and SAN Switches with Brocade Fabric OS (FOS) Prior to v8.0.1b and v7.4.1d, Disclosure of Privileged Information
Potential Security Impact: Remote: Disclosure of Privileged Information SUPPORTED SOFTWARE VERSIONS: ONLY impacted versions are listed. HPE B-series SN6000B Fibre Channel Switch -Prior to v8.0.1b HPE B-series SN3600B Fibre Channel Switch -Prior to v8.0.1b HPE B-series SN4000B SAN Extension Switch...
Security Bulletin: Vulnerability in NX-OS Firmware used by IBM c-type SAN directors and switches.
Summary Public disclosed OpenSSL vulnerability in NX-OS Firmware used by IBM c-type SAN directors and switches. Vulnerability Details CVEID: CVE-2021-23839 DESCRIPTION: OpenSSL could provide weaker than expected security, caused by incorrect SSLv2 rollback protection that allows for the inversion...