Fabric Operating System Security Vulnerabilities and Issues — Fabric Operating System CVE List

Lucene search

BroadcomFabric Operating System

9 matches found

CVE•added 2020/09/25 2:15 p.m.•44 views

CVE-2018-6447

A Reflective XSS Vulnerability in HTTP Management Interface in Brocade Fabric OS versions before Brocade Fabric OS v9.0.0, v8.2.2c, v8.2.1e, v8.1.2k, v8.2.0_CBN3, v7.4.2g could allow authenticated attackers with access to the web interface to hijack a user’s session and take over the account.

5.4CVSS6.9AI score0.00303EPSS

CVE•added 2020/09/25 2:15 p.m.•43 views

CVE-2020-15369

Supportlink CLI in Brocade Fabric OS Versions v8.2.1 through v8.2.1d, and 8.2.2 versions before v8.2.2c does not obfuscate the password field, which could expose users’ credentials of the remote server. An authenticated user could obtain the exposed password credentials to gain access to the remote...

8.8CVSS9.3AI score0.0022EPSS

CVE•added 2020/09/25 2:15 p.m.•41 views

CVE-2018-6449

Host Header Injection vulnerability in the http management interface in Brocade Fabric OS versions before v9.0.0 could allow a remote attacker to exploit this vulnerability by injecting arbitrary HTTP headers

6.1CVSS7.8AI score0.0027EPSS

CVE•added 2020/09/25 2:15 p.m.•41 views

CVE-2020-15371

Brocade Fabric OS versions before Brocade Fabric OS v9.0.0, v8.2.2c, v8.2.1e, v8.1.2k, v8.2.0_CBN3, contains code injection and privilege escalation vulnerability.

9.8CVSS9.8AI score0.00571EPSS

CVE•added 2020/09/25 2:15 p.m.•41 views

CVE-2020-15373

Multiple buffer overflow vulnerabilities in REST API in Brocade Fabric OS versions v8.2.1 through v8.2.1d, and 8.2.2 versions before v8.2.2c could allow remote unauthenticated attackers to perform various attacks.

9.8CVSS9.8AI score0.00926EPSS

CVE•added 2020/09/25 2:15 p.m.•40 views

CVE-2020-15372

A vulnerability in the command-line interface in Brocade Fabric OS before Brocade Fabric OS v8.2.2a1, 8.2.2c, v7.4.2g, v8.2.0_CBN3, v8.2.1e, v8.1.2k, v9.0.0, could allow a local authenticated attacker to modify shell variables, which may lead to an escalation of privileges or bypassing the logging.

5.5CVSS7.2AI score0.00072EPSS

CVE•added 2020/09/25 2:15 p.m.•37 views

CVE-2020-15374

Rest API in Brocade Fabric OS v8.2.1 through v8.2.1d, and 8.2.2 versions before v8.2.2c is vulnerable to multiple instances of reflected input.

9.8CVSS9.4AI score0.00504EPSS

CVE•added 2020/09/25 2:15 p.m.•34 views

CVE-2018-6448

A vulnerability in the management interface in Brocade Fabric OS Versions before Brocade Fabric OS v9.0.0 could allow a remote attacker to perform a denial of service attack on the vulnerable host.

7.5CVSS8.3AI score0.00598EPSS

CVE•added 2020/09/25 2:15 p.m.•27 views

CVE-2020-15370

Brocade Fabric OS versions before Brocade Fabric OS v7.4.2g could allow an authenticated, remote attacker to view a user password in cleartext. The vulnerability is due to incorrectly logging the user password in log files.

6.5CVSS7.8AI score0.00256EPSS