Broadcom Security Vulnerabilities
tcprewrite in Tcpreplay 3.4.4 has a Heap-Based Buffer Overflow vulnerability triggered by a crafted PCAP file, a related issue to CVE-2016-6160.
7.8CVSS
7.2AI Score
0.005EPSS
Symantec SSL Visibility (SSLV) 3.8.4FC, 3.10 prior to 3.10.4.1, 3.11, and 3.12 prior to 3.12.2.1 are vulnerable to the Return of the Bleichenbacher Oracle Threat (ROBOT) attack. All affected SSLV versions act as weak oracles according the oracle classification used in the ROBOT research paper. A re...
5.9CVSS
5.5AI Score
0.002EPSS
Symantec IntelligenceCenter 3.3 is vulnerable to the Return of the Bleichenbacher Oracle Threat (ROBOT) attack. A remote attacker, who has captured a pre-recorded SSL session inspected by SSLV, can establish large numbers of crafted SSL connections to the target and obtain the session keys required...
5.9CVSS
5.5AI Score
0.002EPSS
Cross-site scripting (XSS) vulnerability in the web-based management interface of Brocade Fibre Channel SAN products running Brocade Fabric OS (FOS) versions before 7.4.2b, 8.1.2 and 8.2.0 could allow remote attackers to execute arbitrary code or access sensitive browser-based information.
6.1CVSS
6.2AI Score
0.003EPSS
A vulnerability in the IPv6 stack on Brocade Fibre Channel SAN products running Brocade Fabric OS (FOS) versions before 7.4.2b, 8.1.2 and 8.2.0 could allow an attacker to cause a denial of service (CPU consumption and device hang) condition by sending crafted Router Advertisement (RA) messages to a...
6.5CVSS
6.2AI Score
0.001EPSS
Buffer overflow in the tcpcapinfo utility in Tcpreplay before 4.2.0 Beta 1 allows remote attackers to have unspecified impact via a pcap file with an over-size packet.
7.8CVSS
7.7AI Score
0.009EPSS
On the Broadcom Wi-Fi HardMAC SoC with fbt firmware, a stack buffer overflow occurs when handling an 802.11r (FT) authentication response, leading to remote code execution via a crafted access point that sends a long R0KH-ID field in a Fast BSS Transition Information Element (FT-IE).
8.8CVSS
7.5AI Score
0.013EPSS
Stack-based buffer overflow in the firmware in Broadcom Wi-Fi HardMAC SoC chips, when the firmware supports CCKM Fast and Secure Roaming and the feature is enabled in RAM, allows remote attackers to execute arbitrary code via a crafted reassociation response frame with a Cisco IE (156).
8.1CVSS
8.4AI Score
0.117EPSS
Broadcom BCM43xx Wi-Fi chips allow remote attackers to execute arbitrary code via unspecified vectors, aka the "Broadpwn" issue.
9.8CVSS
8.9AI Score
0.059EPSS
get_l2len in common/get.c in Tcpreplay 4.3.0 beta1 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via crafted packets, as demonstrated by tcpprep.
7.5CVSS
7.9AI Score
0.003EPSS
Unprotected storage of credentials in CA PPM 14.3 and below, 14.4, 15.1, 15.2 CP5 and below, and 15.3 CP2 and below, allows attackers to access sensitive information.
7.5CVSS
7.4AI Score
0.001EPSS
An XML external entity vulnerability in the XOG functionality, in CA PPM 14.3 and below, 14.4, 15.1, 15.2 CP5 and below, and 15.3 CP2 and below, allows remote attackers to access sensitive information.
7.5CVSS
7.5AI Score
0.002EPSS
Insufficient input sanitization of two parameters in CA PPM 14.3 and below, 14.4, 15.1, 15.2 CP5 and below, and 15.3 CP2 and below, allows remote attackers to execute SQL injection attacks.
9.8CVSS
9.8AI Score
0.001EPSS
Insufficient input validation in the gridExcelExport functionality, in CA PPM 14.3 and below, 14.4, 15.1, 15.2 CP5 and below, and 15.3 CP2 and below, allows remote attackers to execute reflected cross-site scripting attacks.
6.1CVSS
6.1AI Score
0.001EPSS
An XML external entity vulnerability in the XOG functionality, in CA PPM 14.3 and below, 14.4, 15.1, 15.2 CP5 and below, and 15.3 CP2 and below, allows remote attackers to conduct server side request forgery attacks.
9.1CVSS
9.1AI Score
0.002EPSS
CA Technologies Identity Governance 12.6, 14.0, 14.1, and 14.2 and CA Identity Suite Virtual Appliance 14.0, 14.1, and 14.2 provide telling error messages that may allow remote attackers to enumerate account names.
5.3CVSS
5.3AI Score
0.001EPSS
Insecure deserialization of a specially crafted serialized object, in CA Release Automation 6.5 and earlier, allows attackers to potentially execute arbitrary code.
9.8CVSS
9.7AI Score
0.081EPSS
A heap-based buffer over-read exists in the function fast_edit_packet() in the file send_packets.c of Tcpreplay v4.3.0 beta1. This can lead to Denial of Service (DoS) and potentially Information Exposure when the application attempts to process a crafted pcap file.
7.1CVSS
7.8AI Score
0.001EPSS
Tcpreplay v4.3.0 beta1 contains a heap-based buffer over-read. The get_next_packet() function in the send_packets.c file uses the memcpy() function unsafely to copy sequences from the source buffer pktdata to the destination (*prev_packet)->pktdata. This will result in a Denial of Service (DoS) ...
7.1CVSS
7.8AI Score
0.001EPSS
An issue was discovered in Tcpreplay 4.3.0 beta1. A heap-based buffer over-read was triggered in the function dlt_en10mb_encode() of the file plugins/dlt_en10mb/en10mb.c, due to inappropriate values in the function memmove(). The length (pktlen + ctx -> l2len) can be larger than source value (pa...
5.5CVSS
7AI Score
0.001EPSS
The ASG/ProxySG FTP proxy WebFTP mode allows intercepting FTP connections where a user accesses an FTP server via a ftp:// URL in a web browser. A stored cross-site scripting (XSS) vulnerability in the WebFTP mode allows a remote attacker to inject malicious JavaScript code in ASG/ProxySG's web lis...
6.1CVSS
5.9AI Score
0.001EPSS
The ASG/ProxySG FTP proxy WebFTP mode allows intercepting FTP connections where a user accesses an FTP server via a ftp:// URL in a web browser. An information disclosure vulnerability in the WebFTP mode allows a malicious user to obtain plaintext authentication credentials for a remote FTP server ...
6.5CVSS
6.4AI Score
0.001EPSS
A heap-based buffer over-read was discovered in the tcpreplay-edit binary of Tcpreplay 4.3.0 beta1, during the incremental checksum operation. The issue gets triggered in the function csum_replace4() in incremental_checksum.h, causing a denial of service.
5.5CVSS
6.8AI Score
0.001EPSS
A use-after-free was discovered in the tcpbridge binary of Tcpreplay 4.3.0 beta1. The issue gets triggered in the function post_args() at tcpbridge.c, causing a denial of service or possibly unspecified other impact.
9.8CVSS
8.6AI Score
0.002EPSS
CA Service Desk Manager 14.1 and 17 contain a vulnerability that can allow a malicious actor to access survey information.
7.5CVSS
7.4AI Score
0.001EPSS
CA Service Desk Manager 14.1 and 17 contain a vulnerability that can allow a malicious actor to escalate privileges in the user interface.
9.8CVSS
9.4AI Score
0.003EPSS
Broadcom firmware before summer 2014 on Nexus 5 BCM4335C0 2012-12-11, Raspberry Pi 3 BCM43438A1 2014-06-02, and unspecifed other devices does not properly restrict LMP commnds and executes certain memory contents upon receiving an LMP command, as demonstrated by executing an HCI command.
8.8CVSS
8.7AI Score
0.002EPSS
7.8CVSS
7.9AI Score
0.001EPSS
Tcpreplay before 4.3.1 has a heap-based buffer over-read in get_l2len in common/get.c.
7.8CVSS
7.9AI Score
0.001EPSS
Symantec Advanced Secure Gateway (ASG) 6.6 and 6.7, and ProxySG 6.5, 6.6, and 6.7 are susceptible to a SAML authentication bypass vulnerability. The products can be configured with a SAML authentication realm to authenticate network users in intercepted proxy traffic. When parsing SAML responses, A...
9.8CVSS
9.5AI Score
0.004EPSS
A vulnerability in the secryptocfg export command of Brocade Fabric OS versions before 8.2.1, 8.1.2f, 8.0.2f, 7.4.2d could allow a local attacker to bypass the export file access restrictions and initiate a file copy from the source to a remote system.
5.5CVSS
6.4AI Score
0.0004EPSS
A vulnerability in the web management interface of Brocade Fabric OS versions before 8.2.1, 8.1.2f, 8.0.2f, 7.4.2d could allow attackers to intercept or manipulate a user's session ID.
7.5CVSS
7.5AI Score
0.001EPSS
A Vulnerability in the secryptocfg command of Brocade Fabric OS command line interface (CLI) versions before 8.2.1, 8.1.2f, 8.0.2f, 7.4.2d could allow a local attacker to escape the restricted shell and, and gain root access.
7.8CVSS
7.7AI Score
0.0004EPSS
A Vulnerability in the firmwaredownload command of Brocade Fabric OS command line interface (CLI) versions before 8.2.1, 8.1.2f, 8.0.2f, 7.4.2d could allow a local attacker to escape the restricted shell and, gain root access.
7.8CVSS
7.7AI Score
0.0004EPSS
A Vulnerability in the help command of Brocade Fabric OS command line interface (CLI) versions before 8.2.1, 8.1.2f, 8.0.2f, 7.4.2d could allow a local attacker to escape the restricted shell and, gain root access.
7.8CVSS
7.7AI Score
0.0004EPSS
A Vulnerability in the supportsave command of Brocade Fabric OS command line interface (CLI) versions before 8.2.1, 8.1.2f, 8.0.2f, 7.4.2d could allow a local attacker to escape the restricted shell and, gain root access.
7.8CVSS
7.7AI Score
0.0004EPSS
A Vulnerability in the configdownload command of Brocade Fabric OS command line interface (CLI) versions before 8.2.1, 8.1.2f, 8.0.2f, 7.4.2d could allow a local attacker to escape the restricted shell and, gain root access.
7.8CVSS
7.7AI Score
0.0004EPSS
A vulnerability in the proxy service of Brocade Fabric OS versions before 8.2.1, 8.1.2f, 8.0.2f, 7.4.2d could allow remote unauthenticated attackers to obtain sensitive information and possibly cause a denial of service attack.
9.1CVSS
8.4AI Score
0.004EPSS
A vulnerability in Secure Shell implementation of Brocade Fabric OS versions before 8.2.1, 8.1.2f, 8.0.2f, 7.4.2d could allow a local attacker to provide arbitrary environment variables, and bypass the restricted configuration shell.
7.8CVSS
7.6AI Score
0.0004EPSS
A vulnerability in the Brocade Webtools firmware update section of Brocade Fabric OS before 8.2.1, 8.1.2f, 8.0.2f, 7.4.2d could allow remote authenticated attackers to execute arbitrary commands.
8.8CVSS
8.2AI Score
0.002EPSS
A vulnerability in Brocade Network Advisor Version Before 14.3.1 could allow an unauthenticated, remote attacker to log in to the JBoss Administration interface of an affected system using an undocumented user credentials and install additional JEE applications.
9.8CVSS
9.4AI Score
0.004EPSS
A Reflective XSS Vulnerability in HTTP Management Interface in Brocade Fabric OS versions before Brocade Fabric OS v9.0.0, v8.2.2c, v8.2.1e, v8.1.2k, v8.2.0_CBN3, v7.4.2g could allow authenticated attackers with access to the web interface to hijack a user’s session and take over the account.
5.4CVSS
6.9AI Score
0.001EPSS
A vulnerability in the management interface in Brocade Fabric OS Versions before Brocade Fabric OS v9.0.0 could allow a remote attacker to perform a denial of service attack on the vulnerable host.
7.5CVSS
8.3AI Score
0.002EPSS
Host Header Injection vulnerability in the http management interface in Brocade Fabric OS versions before v9.0.0 could allow a remote attacker to exploit this vulnerability by injecting arbitrary HTTP headers
6.1CVSS
7.8AI Score
0.001EPSS
CA API Developer Portal 4.x, prior to v4.2.5.3 and v4.2.7.1, has an unspecified reflected cross-site scripting vulnerability.
6.1CVSS
6AI Score
0.001EPSS
An authentication bypass vulnerability in CA Privileged Access Manager 2.8.2 and earlier allows remote attackers to execute arbitrary commands with specially crafted requests.
9.8CVSS
9.9AI Score
0.008EPSS
An authentication bypass vulnerability in CA Privileged Access Manager 2.8.2 and earlier allows remote attackers to execute arbitrary code or commands by poisoning a configuration file.
9.8CVSS
9.9AI Score
0.093EPSS
An input validation vulnerability in CA Privileged Access Manager 2.x allows unprivileged users to execute arbitrary commands by passing specially crafted arguments to the update_crld script.
8.8CVSS
8.9AI Score
0.001EPSS
An improper authentication vulnerability in CA Privileged Access Manager 2.x allows attackers to spoof IP addresses in a log file.
5.3CVSS
5.3AI Score
0.001EPSS
An input validation vulnerability in CA Privileged Access Manager 2.x allows remote attackers to poison log files with specially crafted input.
7.5CVSS
7.5AI Score
0.001EPSS