879 matches found
CVE-2023-1255 - Possible denial of service on Arm 64 (aarch64) using AES XTS mode
The AES-XTS cipher decryption implementation for 64 bit ARM platform contains a bug that could cause it to read past the input buffer, leading to a crash. Impact summary: Applications that use the AES-XTS algorithm on the 64 bit ARM platform can crash in rare circumstances. The AES-XTS algorithm ...
CVE-2022-42003 - In FasterXML jackson-databind before 2.14.0-rc1, ressource exhaustion
In FasterXML jackson-databind before 2.14.0-rc1, resource exhaustion can occur because of a lack of a check-in primitive value deserializers to avoid deep wrapper array nesting, when the UNWRAPSINGLEVALUEARRAYS feature is enabled. Additional fix version in 2.13.4.1 and 2.12.17.1 Products Confirme...
CVE-2022-42004 -In FasterXML jackson-databind before 2.13.4, resource exhaustion can occur
In FasterXML jackson-databind before 2.13.4, resource exhaustion can occur because of a lack of a check-in BeanDeserializer.deserializeFromArray to prevent the use of deeply nested arrays. An application is vulnerable only with certain customized choices for deserialization. Products Confirmed No...
CVE-2022-36760 - HTTP Request Smuggling
Inconsistent Interpretation of HTTP Requests 'HTTP Request Smuggling' vulnerability in modproxyajp of Apache HTTP Server allows an attacker to smuggle requests to the AJP server it forwards requests to. This issue affects Apache HTTP Server Apache HTTP Server 2.4 version 2.4.54 and prior versions...
CVE-2016-7117 - Use-after-free vulnerability in the Linux kernel
Use-after-free vulnerability in the sysrecvmmsg function in net/socket.c in the Linux kernel before 4.5.2 allows remote attackers to execute arbitrary code via vectors involving a recvmmsg system call that is mishandled during error processing...
CVE-2022-34917 - OutOfMemoryException in Apache Kafka
A security vulnerability has been identified in Apache Kafka. It affects all releases since 2.8.0. The vulnerability allows malicious unauthenticated clients to allocate large amounts of memory on brokers. This can lead to brokers hitting OutOfMemoryException and causing denial of service. Exampl...
CVE-2022-43551 - HSTS check could be bypassed to trick it to keep using HTTP.
A vulnerability exists in curl 7.87.0 HSTS check that could be bypassed to trick it to keep using HTTP. Using its HSTS support, curl can be instructed to use HTTPS instead of using an insecure clear-text HTTP step even when HTTP is provided in the URL. However, the HSTS mechanism could be bypasse...
Brocade Product Security Incident Response Team Contact Information
Brocade Communications Systems Brocade is committed to resolving vulnerabilities to meet the needs of its customers and the broader technology community. Brocade Product Security Incident Response Team Brocade PSIRT is a global team that manages the receipt, investigation and internal coordinatio...
CVE-2022-47941, CVE-2022-47942, CVE-2022-47938, CVE-2022-47939, CVE-2022-47940. Vulnerabilities affecting the ksmb module in the Linux kernel versions 5.14 through 5.15.61. (BSA-2022-2157).
Security Advisory ID: BSA-2022-2157 Component: ksmbd module in the Linux kernel Revision: 2.1 Brocade PSIRT has become aware of several vulnerabilities affecting theksmbdmodule in the Linux kernel published by Trend Micro Zero Day Initiative. ZDI-22-1687 - CVSS SCORE: 5.3 - CVE-2022-47941...
CVE-2022-40259, CVE-2022-40242, CVE-2022-2827 -- Vulnerabilities in AMI MegaRAC Baseboard Management Controller (BMC) software.(BSA-2022-2147)
Security Advisory ID: BSA-2022-2147 Component: BMC Software Revision: 1.0 Brocade PSIRT has become aware of several vulnerabilities discovered by Eclypsium Research affecting AMI MegaRAC Baseboard Management Controller BMC software. More information at:...
CVE-2022-2601 & CVE-2022-3775: Multiple GRUB2 vulnerabilities
Security Advisory ID : BSA-2022-2139 Component : GRUB2 Revision : 1.0 Brocade PSIRT has become aware of two grub vulnerabilities. CVE-2022-2601 grub2: A buffer overflow in grubfontconstructglyph can lead to out-of-bound write and possible secure boot by-pass A buffer overflow was found in...
CVE-2022-33186 : EZServer module vulnerability. (BSA-2022-2121)
Security Advisory ID: BSA-2022-2121 Component: EZServer Revision: 2.1 A vulnerability in Brocade Fabric OS software v9.1.1, v9.0.1e, v8.2.3c, v7.4.2j, and earlier versions could allow a remote unauthenticated attacker to execute on a Brocade Fabric OS switch commands capable of modifying zoning,...
CVE-2022-43933 : Configuration secrets are logged in support-save
Security Advisory ID : BSA-2022-2123 Component : Configsecrets Revision : 1.0 An information exposure through log file vulnerability exists in Brocade SANnav before Brocade SANnav 2.2.2, where configuration secrets are logged in support-save. Support-save file is generated by an admin user...
CVE-2022-33187 : Brocade SANnav before v2.2.1 logs usernames and encoded passwords in debug-enabled logs. (BSA-2022-2122)
Security Advisory ID: BSA-2022-2122 Component: DebugLogs Revision: 1.0 Brocade SANnav before v2.2.1 logs usernames and encoded passwords in debug-enabled logs. The vulnerability could allow an attacker with admin privilege to read sensitive information...
CVE-2022-43934 : Weak Key-exchange algorithms
Brocade SANnav before Brocade SANnav 2.2.2 supports key exchange algorithms, which are considered weak on ports 24, 6514, 18023, 19094, and 19095. Products Affected Brocade SANnav versions before v2.2.2 Products Confirmed Not Affected No other Brocade Fibre Channel products are affected. Credit...
CVE-2022-43933 : Configuration secrets are logged in support-save
An information exposure through log file vulnerability exists in Brocade SANnav before Brocade SANnav 2.2.2, where configuration secrets are logged in support-save. Support-save file is generated by an admin user troubleshooting the switch. The Logged information may include usernames and...
CVE-2022-43936: Switch passwords in logs
Brocade SANnav versions before v2.2.2 improperly expose Brocade Fabric OS switch password when debugging is turned on. A local or remote authenticated privileged user with access to logs may gain switch users' passwords. Products Affected Brocade SANnav versions before v2.2.2 Products Confirmed N...
CVE-2022-33186 : EZServer module vulnerability
A vulnerability in Brocade Fabric OS software v9.1.1, v9.0.1e, v8.2.3c, v7.4.2j, and earlier versions could allow a remote unauthenticated attacker to execute on a Brocade Fabric OS switch commands capable of modifying zoning, disabling the switch, disabling ports, and modifying the switch IP...
CVE-2022-43935: Switch passwords and authorization IDs are printed in the embedded MLS DB file5
An information exposure through log file vulnerability exists in Brocade SANnav before Brocade SANnav 2.2.2, where Brocade Fabric OS Switch passwords and authorization IDs are printed in the embedded MLS DB file. Products Affected Brocade SANnav versions before v2.2.2 Products Confirmed Not...
CVE-2022-33187 : Brocade SANnav before v2.2.1 logs usernames and encoded passwords in debug-enabled logs
Brocade SANnav before v2.2.1 logs usernames and encoded passwords in debug-enabled logs. The vulnerability could allow an attacker with admin privilege to read sensitive information. Products Affected Brocade SANnav versions before v2.2.1 Products Confirmed Not Affected No other Brocade Fibre...
CVE-2022-24903: A flaw in rsyslog TCP module could allows an attacker to craft a malicious message leading to a heap-based buffer overflow.
Rsyslog is vulnerable to remote code execution RCE due to improper validation of input data when octet-counted framing is used. An attacker could exploit this vulnerability by supplying a system with maliciously crafted messages. Products Affected. Brocade SANnav - Fixed in Brocade SANnav 2.2.1...
CVE-2022-43936: Switch passwords in logs
Security Advisory ID : BSA-2022-2126 Component : Logs Revision : 1.0 Brocade SANnav versions before v2.2.2 improperly expose Brocade Fabric OS switch password when debugging is turned on. A local or remote authenticated privileged user with access to logs may gain switch users' passwords...
CVE-2022-43935: Switch passwords and authorization IDs are printed in the embedded MLS DB file5
Security Advisory ID : BSA-2022-2125 Component : MLSDB Revision : 1.0 An information exposure through log file vulnerability exists in Brocade SANnav before Brocade SANnav 2.2.2, where Brocade Fabric OS Switch passwords and authorization IDs are printed in the embedded MLS DB file...
CVE-2022-24903: A flaw in rsyslog TCP module could allow an attacker to craft a malicious message leading to a heap-based buffer overflow. (BSA-2022-2127)
Security Advisory ID: BSA-2022-2127 Component: Rsyslog Revision: 1.0 Rsyslog is vulnerable to remote code execution RCE due to improper validation of input data when octet-counted framing is used. An attacker could exploit this vulnerability by supplying a system with maliciously crafted messages...
CVE-2022-43934 : Weak Key-exchange algorithms
Security Advisory ID : BSA-2022-2124 Component : Crypto Revision : 1.0 Brocade SANnav before Brocade SANnav 2.2.2 supports key exchange algorithms, which are considered weak on ports 24, 6514, 18023, 19094, and 19095...
CVE-2021-4044: Invalid handling of X509_verify_cert() internal errors in libssl
Security Advisory ID : BSA-2022-1661 Component : OpenSSL Revision : 1.0 A flaw was found in the way OpenSSL verified certificates via the X509verifycert function. X509verifycert fuunction may return a negative return value to indicate an internal error for example, out of memory. Such a negative...
CVE-2021-23017: NGINX Resolver Vulnerability
Security Advisory ID : BSA-2021-1516 Component : NGINX Revision : 1.0 A security issue in nginx resolver was identified, which might allow an attacker who is able to forge UDP packets from the DNS server to cause 1-byte memory overwrite, resulting in worker process crash or potential other impact...
CVE-2021-23017: NGINX Resolver Vulnerability
A security issue in nginx resolver was identified, which might allow an attacker who is able to forge UDP packets from the DNS server to cause 1-byte memory overwrite, resulting in worker process crash or potential other impact. Products Affected. Brocade SANnav - Fixed in Brocade SANnav 2.2.1...
CVE-2021-4044: Invalid handling of X509_verify_cert() internal errors in libssl
A flaw was found in the way OpenSSL verified certificates via the X509verifycert function. X509verifycert fuunction may return a negative return value to indicate an internal error for example, out of memory. Such a negative return value is mishandled by OpenSSL and will cause an IO function such...
CVE-2022-3358 : Using a Custom Cipher with NID_undef may lead to NULL encryption
OpenSSL supports creating a custom cipher via the legacy EVPCIPHERmethnew function and associated function calls. This function was deprecated in OpenSSL 3.0, and application authors are instead encouraged to use the new provider mechanism in order to implement custom ciphers. OpenSSL versions...
CVE-2022-3358 : Using a Custom Cipher with NID_undef may lead to NULL encryption
Security Advisory ID : BSA-2022-2094 Component : OpenSSL Revision : 1.0 OpenSSL supports creating a custom cipher via the legacy EVPCIPHERmethnew function and associated function calls. This function was deprecated in OpenSSL 3.0, and application authors are instead encouraged to use the new...
CVE-2022-3786 and CVE-2022-3602: X.509 Email Address Buffer Overflows
Security Advisory ID : BSA-2022-2115 Component : OpenSSL Revision : 1.0 On November 1st, 2022 the OpenSSL Project disclosed CVE-2022-3602 and CVE-2022-3786 present in OpenSSL 3.0.x... The vulnerabilities were initially rated as critical severity vulnerabilities but are now disclosed as high. More...
CVE-2022-42889. Apache Commons Text prior to 1.10.0 allows RCE when applied to untrusted input due to insecure interpolation defaults.
Security Advisory ID : BSA-2022-2096 Component : Apache Commons Text Revision : 1.1 Apache Commons Text performs variable interpolation, allowing properties to be dynamically evaluated and expanded. The standard format for interpolation is "$prefix:name", where "prefix" is used to locate an...
CVE-2022-0778 - Infinite loop in BN_mod_sqrt() reachable when parsing certificates
Security Advisory ID: BSA-2022-1752 Component: OpenSSL Revision: 2.0 The BNmodsqrt function, which computes a modular square root, contains a bug that can cause it to loop forever for non-prime moduli. More information is at https://www.openssl.org/news/secadv/20220315.txt Affected Products Broca...
CVE-2018-5764, CVE-2017-16548 and CVE-2017-1734. Vulnerabilities in rsynd
Security Advisory ID : BSA-2022-2074 Component : rsyncd Revision : 1.0 CVE-2018-5764: The parsearguments function in options.c in rsyncd in rsync before 3.1.3 does not prevent multiple --protect-args uses, which allows remote attackers to bypass an argument-sanitization protection mechanism. Base...
CVE-2022-33178. A vulnerability in the radius authentication system could allow arbitrary code execution.
Security Advisory ID : BSA-2022-2077 Component : FOS Revision : 1.0 A vulnerability in the radius authentication system of Brocade Fabric OS before Brocade Fabric OS 9.0 could allow a remote attacker to execute arbitrary code on the Brocade switch. Due to improper input validation, the privileged...
CVE-2015-4041: Denial of service (heap-based buffer overflow and application crash) in GNU Coreutils
Security Advisory ID : BSA-2022-1407 Component : GNU Coreutils Revision : 1.0 The keycomparemb function in sort.c in sort in GNU Coreutils through 8.23 on 64-bit platforms performs a size calculation without considering the number of bytes occupied by multibyte characters, which allows attackers ...
CVE-2022-33182. Privilege escalation using switch commands "supportlink", "firmwaredownload", "portcfgupload","license", and "fosexec".
Security Advisory ID : BSA-2022-2084 Component : FOS Revision : 2.0 A privilege escalation vulnerability in Brocade Fabric OS CLI before Brocade Fabric OS v9.1.0, 9.0.1e, 8.2.3c, 8.2.0cbn5, could allow a local authenticated user to escalate its privilege to root using switch commands "supportlink...
CVE-2021-3711: ASN1_STRING structure contains a buffer holding the string data
Security Advisory ID : BSA-2022-1586 Component : OpenSSL Revision : 2.0 In order to decrypt SM2 encrypted data an application is expected to call the API function EVPPKEYdecrypt. Typically an application will call this function twice. The first time, on entry, the "out" parameter can be NULL and,...
CVE-2022-28169 - Brocade Fabric OS Privilege Escalation Vulnerability (BSA-2022-2075)
Security Advisory ID : BSA-2022-2075 Component : Webtools Revision : 3.1 Brocade Webtools in Brocade Fabric OS versions before Brocade Fabric OS versions v9.1.1, v9.0.1e, and v8.2.3c could allow a low privilege webtools user to gain elevated admin rights, or privileges, beyond what is intended or...
CVE-2022-33184. Stack-based buffer overflows, allowing the execution of arbitrary code.
Security Advisory ID : BSA-2022-2080 Component : FOS Revision : 1.0 A vulnerability in fabseg.c.h libraries of all Brocade Fabric OS versions before Brocade Fabric OS v9.1.1, v9.0.1e, v8.2.3c, v8.2.0cbn5, 7.4.2j could allow local authenticated attackers to exploit stack-based buffer overflows and...
CVE-2022-33183. Stack buffer overflow using in “firmwaredownload†and “diagshow†commands.
Security Advisory ID : BSA-2022-2085 Component : FOS Revision : 1.1 A vulnerability in Brocade Fabric OS CLI before Brocade Fabric OS v9.1.0, 9.0.1e, 8.2.3c, 8.2.0cbn5, 7.4.2.j could allow a remote authenticated attacker to perform stack buffer overflow using in “firmwaredownload†and...
CVE-2022-33185. Several commands in Brocade Fabric OS use unsafe string function to process user input
Security Advisory ID : BSA-2022-2078 Component : FOS Revision : 1.1 Several commands in Brocade Fabric OS before Brocade Fabric OS v.9.0.1e, v9.1.0 use unsafe string functions to process user input. Authenticated local attackers could abuse these vulnerabilities to exploit stack-based buffer...
CVE-2021-34798. NULL pointer dereference in httpd core.
Security Advisory ID : BSA-2022-1597 Component : Apache httpd Revision : 1.0 Malformed requests may cause the server to dereference a NULL pointer. This issue affects Apache HTTP Server 2.4.48 and earlier. Affected Products All versions of Brocade Fabric OS...
CVE-2022-33181. Information disclosure vulnerability in Brocade Fabric OS CLI using switch commands “configshow” and “supportlink”.
An information disclosure vulnerability in Brocade Fabric OS CLI before Brocade Fabric OS v9.1.0, 9.0.1e, 8.2.3c, 8.2.0cbn5, 7.4.2.j could allow a local authenticated attacker to read sensitive files using switch commands “configshow” and “supportlink”. Affected Product All Brocade Fabric OS...
CVE-2022-33180. Sensitive files export.
A vulnerability in Brocade Fabric OS CLI before Brocade Fabric OS v9.1.0, 9.0.1e, 8.2.3c, 8.2.0cbn5 could allow a local authenticated attacker to export out sensitive files with “seccryptocfg”, “configupload”. Affected Product All Brocade Fabric OS versions...
CVE-2021-3711: ASN1_STRING structure contains a buffer holding the string data
In order to decrypt SM2 encrypted data an application is expected to call the API function EVPPKEYdecrypt. Typically an application will call this function twice. The first time, on entry, the "out" parameter can be NULL and, on exit, the "outlen" parameter is populated with the buffer size...
BSA-2022-2075
Brocade Webtools in Brocade Fabric OS versions before Brocade Fabric OS versions v9.1.1, v9.0.1e, and v8.2.3c could allow a low privilege webtools user to gain elevated admin rights, or privileges, beyond what is intended or entitled for that user. By exploiting this vulnerability, a user whose...
CVE-2022-33178. A vulnerability in the radius authentication system could allow arbitrary code execution.
A vulnerability in the radius authentication system of Brocade Fabric OS before Brocade Fabric OS 9.0 could allow a remote attacker to execute arbitrary code on the Brocade switch. Due to improper input validation, the privileged attacker could provide a script as Brocade-Auth-Role parameter that...
CVE-2022-33185. Several commands in Brocade Fabric OS use unsafe string function to process user input
Several commands in Brocade Fabric OS before Brocade Fabric OS v.9.0.1e, v9.1.0 use unsafe string functions to process user input. Authenticated local attackers could abuse these vulnerabilities to exploit stack-based buffer overflows, allowing arbitrary code execution as the root user account...