Fabric Operating System Security Vulnerabilities and Issues — Fabric Operating System CVE List

Lucene search

BroadcomFabric Operating System

9 matches found

CVE•added 2025/04/24 3:15 a.m.•446 views

CVE-2025-1976

Brocade Fabric OS versions starting with 9.1.0 have root access removed, however, a local user with admin privilege can potentially execute arbitrary code with full root privileges on Fabric OS versions 9.1.0 through 9.1.1d6.

8.6CVSS7.7AI score0.02067EPSS

CVE•added 2024/06/26 12:15 a.m.•61 views

CVE-2024-5460

A vulnerability in the default configuration of the Simple NetworkManagement Protocol (SNMP) feature of Brocade Fabric OS versions beforev9.0.0 could allow an authenticated, remote attacker to read data froman affected device via SNMP. The vulnerability is due to hard-coded,default community string...

8.1CVSS8AI score0.00114EPSS

CVE•added 2022/10/25 9:15 p.m.•58 views

CVE-2022-28169

Brocade Webtools in Brocade Fabric OS versions before Brocade Fabric OS versions v9.1.1, v9.0.1e, and v8.2.3c could allow a low privilege webtools, user, to gain elevated admin rights, or privileges, beyond what is intended or entitled for that user. By exploiting this vulnerability, a user whose r...

8.8CVSS8.7AI score0.00148EPSS

CVE•added 2022/10/25 9:15 p.m.•54 views

CVE-2022-33183

A vulnerability in Brocade Fabric OS CLI before Brocade Fabric OS v9.1.0, 9.0.1e, 8.2.3c, 8.2.0cbn5, 7.4.2.j could allow a remote authenticated attacker to perform stack buffer overflow using in “firmwaredownload” and “diagshow” commands.

8.8CVSS8.5AI score0.00774EPSS

CVE•added 2022/10/25 9:15 p.m.•51 views

CVE-2022-33179

A vulnerability in Brocade Fabric OS CLI before Brocade Fabric OS v9.1.0, 9.0.1e, 8.2.3c, and 7.4.2j could allow a local authenticated user to break out of restricted shells with “set context” and escalate privileges.

8.8CVSS8.4AI score0.00038EPSS

CVE•added 2018/11/08 2:29 p.m.•43 views

CVE-2018-6442

A vulnerability in the Brocade Webtools firmware update section of Brocade Fabric OS before 8.2.1, 8.1.2f, 8.0.2f, 7.4.2d could allow remote authenticated attackers to execute arbitrary commands.

8.8CVSS8.2AI score0.01458EPSS

CVE•added 2020/09/25 2:15 p.m.•43 views

CVE-2020-15369

Supportlink CLI in Brocade Fabric OS Versions v8.2.1 through v8.2.1d, and 8.2.2 versions before v8.2.2c does not obfuscate the password field, which could expose users’ credentials of the remote server. An authenticated user could obtain the exposed password credentials to gain access to the remote...

8.8CVSS9.3AI score0.0022EPSS

CVE•added 2023/12/06 2:15 a.m.•26 views

CVE-2021-27795

Brocade Fabric OS (FOS) hardwareplatforms running any version of Brocade Fabric OS software, whichsupports the license string format; contain cryptographicissues that could allow for the installation of forged or fraudulentlicense keys. This would allow attackers or a malicious party to forge acoun...

8.1CVSS7.2AI score0.00039EPSS

CVE•added 2023/08/31 12:15 a.m.•26 views

CVE-2023-3489

Thefirmwaredownload command on Brocade Fabric OS v9.2.0 could log theFTP/SFTP/SCP server password in clear text in the SupportSave file whenperforming a downgrade from Fabric OS v9.2.0 to any earlier version ofFabric OS.

8.6CVSS7.9AI score0.00109EPSS