43 matches found
Security Bulletin: Vulnerability in Fabric OS firmware used by IBM b-type SAN directors and switches.
Summary Public disclosed vulnerability from OpenSSL in the Fabric OS FOS used by IBM b-type SAN directors and switches. Vulnerability Details CVEID:CVE-2022-0778 DESCRIPTION: OpenSSL is vulnerable to a denial of service, caused by a flaw in the BNmodsqrt function when parsing certificates. By usi...
fos-bos-hof.de Cross Site Scripting vulnerability OBB-2655151
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
fos-bos-hof.de Cross Site Scripting vulnerability OBB-2350419
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
Cross site request forgery (csrf)
The request handling functions in web management interface of Brocade Fabric OS versions before v9.0.1a, v8.2.3a, and v7.4.2h do not properly handle malformed user input, resulting in a service crash. An authenticated attacker could use this weakness to cause the FOS HTTP application handler to...
CVE-2021-27792
CVE-2021-27792 affects Brocade Fabric OS with a flaw in the web management interface: input validation failure for malformed requests can crash the FOS HTTP application handler, causing a DoS and reboot requirement. Affected products include Brocade Fabric OS versions before 9.0.1a, 8.2.3a, and 7...
BSA-2021-1490
Security Advisory ID : BSA-2021-1490 Component : Web Management Interface Revision : 1.1 The request handling functions in web management interface of Brocade Fabric OS versions before v9.0.1a, v8.2.3a, and v7.4.2h do not properly handle malformed user input, resulting in a service crash. An...
Security Bulletin: Vulnerability in Fabric OS used by IBM b-type SAN directors and switches.
Summary Public disclosed vulnerability from OpenSSL in the Fabric OS used by IBM b-type SAN directors and switches. Vulnerability Details CVEID: CVE-2020-1971 DESCRIPTION: OpenSSL is vulnerable to a denial of service, caused by a NULL pointer dereference. If the GENERALNAMEcmp function contain an...
Security Bulletin: Vulnerability in the Fabric OS used by IBM b-type SAN directors and switches.
Summary Brocade Fabric OS versions before v9.0.0 and after version v8.1.0, configured in Virtual Fabric mode contain a weakness in the ldap implementation . Vulnerability Details CVEID: CVE-2020-15376 DESCRIPTION: Broadcom Brocade Fabric OS could allow a remote attacker to bypass security...
Security Bulletin: OpenSSL (Publicly disclosed vulnerability) for IBM b-type switches and directors
Summary Fixes are released for OpenSSL Publicly disclosed vulnerability for IBM b-type switches and directors. Vulnerability Details CVEID: CVE-2019-1547 DESCRIPTION: OpenSSL could allow a local authenticated attacker to obtain sensitive information, caused by the ability to construct an EC group...
fos-pindl.de Cross Site Scripting vulnerability
Open Bug Bounty ID: OBB-1073289 Security Researcher badmaxx Helped patch 1673 vulnerabilities Received 5 Coordinated Disclosure badges Received 5 recommendations , a holder of 5 badges for responsible and coordinated disclosure, found a security vulnerability affecting fos-pindl.de website and it...
Security Bulletin: Vulnerability in the Fabric OS used by IBM b-type SAN directors and switches.
Summary Public disclosed vulnerability from OpenSSL in the Fabric OS used by IBM b-type SAN directors and switches. Vulnerability Details CVEID: CVE-2018-0735 DESCRIPTION: The OpenSSL ECDSA signature algorithm has been shown to be vulnerable to a timing side channel attack. An attacker could use...
Security Bulletin: Vulnerability in Fabric OS used by IBM b-type SAN directors and switches.
Summary Public disclosed vulnerability from OpenSSL in the Fabric OS used by IBM b-type SAN directors and switches. Vulnerability Details CVEID: CVE-2018-0737 DESCRIPTION: The OpenSSL RSA Key generation algorithm has been shown to be vulnerable to a cache timing side channel attack. An attacker...
Security Bulletin: Multiple vulnerabilities in Java SDK affect IBM b-type SAN directors and switches.
Summary There are multiple vulnerabilities in SDK Java™ affecting IBM b-type SAN directors and switches. These issues were disclosed as part of the Java SDK updates in July 2018. Vulnerability Details CVEID: CVE-2018-2952 DESCRIPTION: An unspecified vulnerability related to the Java SE Concurrenc...
BSA-2018-539
Security Advisory ID : BSA-2018-539 Component : OpenSSH Revision : 2.0: Final The resendbytes function in roamingcommon.c in the client in OpenSSH 5.x, 6.x, and 7.x before 7.1p2 allows remote servers to obtain sensitive information from process memory by requesting transmission of an entire buffe...
fos-bos-traunstein.de XSS vulnerability
Open Bug Bounty ID: OBB-560443 Description| Value ---|--- Affected Website:| fos-bos-traunstein.de Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...
Cross site scripting
Cross-site scripting XSS vulnerability in the web-based management interface of Brocade Fibre Channel SAN products running Brocade Fabric OS FOS versions before 7.4.2b, 8.1.2 and 8.2.0 could allow remote attackers to execute arbitrary code or access sensitive browser-based information...
Race condition
A vulnerability in the IPv6 stack on Brocade Fibre Channel SAN products running Brocade Fabric OS FOS versions before 7.4.2b, 8.1.2 and 8.2.0 could allow an attacker to cause a denial of service CPU consumption and device hang condition by sending crafted Router Advertisement RA messages to a...
CVE-2017-6225
CVE-2017-6225 affects Brocade Fabric OS Web GUI: cross-site scripting due to improper input validation in the web-based management interface. A remote attacker could execute arbitrary script in a victim’s browser or access sensitive information. Affected products include Brocade Fibre Channel SAN...
BSA-2017-247
Security Advisory ID : BSA-2017-247 Component : OpenSSH Revision : 3.0: Final Theauthpasswordfunction inauth-passwd.cinsshdinOpenSSHbefore 7.3 does not limit password lengths for password authentication, which allows remote attackers to cause a denial of service crypt CPU consumption via a long...
CVE-2016-4376
HPE FOS before 7.4.1d and 8.x before 8.0.1 on StoreFabric B switches allows remote attackers to obtain sensitive information via unspecified vectors...