CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
  What's the CVSS score of your company?
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Broadcom : Security Vulnerabilities

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
1 CVE-2021-42775 2021-11-12 2021-11-15
6.4
None Remote Low Not required None Partial Partial
Broadcom Emulex HBA Manager/One Command Manager versions before 11.4.425.0 and 12.8.542.31, if not installed in Strictly Local Management mode, have a vulnerability in the remote firmware download feature that could allow a user to place or replace an arbitrary file on the remote host. In non-secure mode, the user is unauthenticated.
2 CVE-2021-42774 120 Overflow 2021-11-12 2021-11-15
7.5
None Remote Low Not required Partial Partial Partial
Broadcom Emulex HBA Manager/One Command Manager versions before 11.4.425.0 and 12.8.542.31, if not installed in Strictly Local Management mode, have a buffer overflow vulnerability in the remote firmware download feature that could allow remote unauthenticated users to perform various attacks. In non-secure mode, the user is unauthenticated.
3 CVE-2021-42773 200 +Info 2021-11-12 2021-11-15
5.0
None Remote Low Not required Partial None None
Broadcom Emulex HBA Manager/One Command Manager versions before 11.4.425.0 and 12.8.542.31, if not installed in Strictly Local Management mode, could allow a user to retrieve an arbitrary file from a remote host with the GetDumpFile command. In non-secure mode, the user is unauthenticated.
4 CVE-2021-42772 120 Overflow 2021-11-03 2021-11-12
6.8
None Remote Medium Not required Partial Partial Partial
Broadcom Emulex HBA Manager/One Command Manager versions before 11.4.425.0 and 12.8.542.31, if not installed in Strictly Local Management mode, have a buffer overflow vulnerability in the remote GetDumpFile command that could allow a user to attempt various attacks. In non-secure mode, the user is unauthenticated
5 CVE-2021-30648 287 Exec Code Bypass 2021-06-30 2021-07-06
9.0
None Remote Low Not required Partial Partial Complete
The Symantec Advanced Secure Gateway (ASG) and ProxySG web management consoles are susceptible to an authentication bypass vulnerability. An unauthenticated attacker can execute arbitrary CLI commands, view/modify the appliance configuration and policy, and shutdown/restart the appliance.
6 CVE-2021-28248 307 2021-03-26 2021-03-29
5.0
None Remote Low Not required Partial None None
** UNSUPPORTED WHEN ASSIGNED ** CA eHealth Performance Manager through 6.3.2.12 is affected by Improper Restriction of Excessive Authentication Attempts. An attacker is able to perform an arbitrary number of /web/frames/ authentication attempts using different passwords, and eventually gain access to a targeted account, NOTE: This vulnerability only affects products that are no longer supported by the maintainer.
7 CVE-2021-28246 426 Exec Code 2021-03-26 2021-03-29
4.4
None Local Medium Not required Partial Partial Partial
** UNSUPPORTED WHEN ASSIGNED ** CA eHealth Performance Manager through 6.3.2.12 is affected by Privilege Escalation via a Dynamically Linked Shared Object Library. A regular user must create a malicious library in the writable RPATH, to be dynamically linked when the emtgtctl2 executable is run. The code in the library will be executed as the ehealth user. NOTE: This vulnerability only affects products that are no longer supported by the maintainer.
8 CVE-2021-27794 287 2021-08-12 2021-08-23
4.6
None Local Low Not required Partial Partial Partial
A vulnerability in the authentication mechanism of Brocade Fabric OS versions before Brocade Fabric OS v.9.0.1a, v8.2.3a and v7.4.2h could allow a user to Login with empty password, and invalid password through telnet, ssh and REST.
9 CVE-2021-27793 863 2021-08-12 2021-08-23
5.0
None Remote Low Not required None None Partial
ntermittent authorization failure in aaa tacacs+ with Brocade Fabric OS versions before Brocade Fabric OS v9.0.1b and after 9.0.0, also in Brocade Fabric OS before Brocade Fabric OS v8.2.3a and after v8.2.0 could cause a user with a valid account to be unable to log into the switch.
10 CVE-2021-27792 20 2021-08-12 2021-08-23
7.2
None Local Low Not required Complete Complete Complete
The request handling functions in web management interface of Brocade Fabric OS versions before v9.0.1a, v8.2.3a, and v7.4.2h do not properly handle malformed user input, resulting in a service crash. An authenticated attacker could use this weakness to cause the FOS HTTP application handler to crash, requiring a reboot.
11 CVE-2021-27791 287 Bypass 2021-08-12 2021-08-23
5.5
None Remote Low ??? Partial Partial None
The function that is used to parse the Authentication header in Brocade Fabric OS Web application service before Brocade Fabric OS v9.0.1a and v8.2.3a fails to properly process a malformed authentication header from the client, resulting in reading memory addresses outside the intended range. An unauthenticated attacker could discover a request, which could bypass the authentication process.
12 CVE-2021-27790 20 Exec Code Overflow 2021-08-12 2021-08-23
7.2
None Local Low Not required Complete Complete Complete
The command ipfilter in Brocade Fabric OS before Brocade Fabric OS v.9.0.1a, v8.2.3, and v8.2.0_CBN4, and v7.4.2h uses unsafe string function to process user input. Authenticated attackers can abuse this vulnerability to exploit stack-based buffer overflows, allowing execution of arbitrary code as the root user account.
13 CVE-2021-26314 668 2021-06-09 2021-06-17
2.1
None Local Low Not required Partial None None
Potential floating point value injection in all supported CPU products, in conjunction with software vulnerabilities relating to speculative execution with incorrect floating point results, may cause the use of incorrect data from FPVI and may result in data leakage.
14 CVE-2021-26313 668 Exec Code Bypass 2021-06-09 2021-10-13
2.1
None Local Low Not required Partial None None
Potential speculative code store bypass in all supported CPU products, in conjunction with software vulnerabilities relating to speculative execution of overwritten instructions, may cause an incorrect speculation and could result in data leakage.
15 CVE-2021-22890 290 2021-04-01 2021-07-20
4.3
None Remote Medium Not required None Partial None
curl 7.63.0 to and including 7.75.0 includes vulnerability that allows a malicious HTTPS proxy to MITM a connection due to bad handling of TLS 1.3 session tickets. When using a HTTPS proxy and TLS 1.3, libcurl can confuse session tickets arriving from the HTTPS proxy but work as if they arrived from the remote server and then wrongly "short-cut" the host handshake. When confusing the tickets, a HTTPS proxy can trick libcurl to use the wrong session ticket resume for the host and thereby circumvent the server TLS certificate check and make a MITM attack to be possible to perform unnoticed. Note that such a malicious HTTPS proxy needs to provide a certificate that curl will accept for the MITMed server for an attack to work - unless curl has been told to ignore the server certificate check.
16 CVE-2021-22876 200 +Info 2021-04-01 2021-07-20
5.0
None Remote Low Not required Partial None None
curl 7.1.1 to and including 7.75.0 is vulnerable to an "Exposure of Private Personal Information to an Unauthorized Actor" by leaking credentials in the HTTP Referer: header. libcurl does not strip off user credentials from the URL when automatically populating the Referer: HTTP request header field in outgoing HTTP requests, and therefore risks leaking sensitive data to the server that is the target of the second HTTP request.
17 CVE-2020-15778 78 2020-07-24 2021-06-22
6.8
None Remote Medium Not required Partial Partial Partial
** DISPUTED ** scp in OpenSSH through 8.3p1 allows command injection in the scp.c toremote function, as demonstrated by backtick characters in the destination argument. NOTE: the vendor reportedly has stated that they intentionally omit validation of "anomalous argument transfers" because that could "stand a great chance of breaking existing workflows."
18 CVE-2020-15387 326 2021-06-09 2021-08-23
5.8
None Remote Medium Not required Partial Partial None
The host SSH servers of Brocade Fabric OS before Brocade Fabric OS v7.4.2h, v8.2.1c, v8.2.2, v9.0.0, and Brocade SANnav before v2.1.1 utilize keys of less than 2048 bits, which may be vulnerable to man-in-the-middle attacks and/or insecure SSH communications.
19 CVE-2020-15386 400 2021-06-09 2021-09-09
5.0
None Remote Low Not required None None Partial
Brocade Fabric OS prior to v9.0.1a and 8.2.3a and after v9.0.0 and 8.2.2d may observe high CPU load during security scanning, which could lead to a slower response to CLI commands and other operations.
20 CVE-2020-15385 732 2021-06-09 2021-06-11
5.5
None Remote Low ??? Partial Partial None
Brocade SANnav before version 2.1.1 allows an authenticated attacker to list directories, and list files without permission. As a result, users without permission can see folders, and hidden files, and can create directories without permission.
21 CVE-2020-15384 312 2021-06-09 2021-06-11
5.0
None Remote Low Not required Partial None None
Brocade SANNav before version 2.1.1 contains an information disclosure vulnerability. Successful exploitation of internal server information in the initial login response header.
22 CVE-2020-15383 400 DoS 2021-06-09 2021-09-09
5.0
None Remote Low Not required None None Partial
Running security scans against the SAN switch can cause config and secnotify processes within the firmware before Brocade Fabric OS v9.0.0, v8.2.2d and v8.2.1e to consume all memory leading to denial of service impacts possibly including a switch panic.
23 CVE-2020-15382 798 2021-06-09 2021-06-17
6.5
None Remote Low ??? Partial Partial Partial
Brocade SANnav before version 2.1.1 uses a hard-coded administrator account with the weak password ‘passw0rd’ if a password is not provided for PostgreSQL at install-time.
24 CVE-2020-15381 522 2021-06-09 2021-06-15
5.0
None Remote Low Not required Partial None None
Brocade SANnav before version 2.1.1 contains an Improper Authentication vulnerability that allows cleartext transmission of authentication credentials of the jmx server.
25 CVE-2020-15380 532 2021-06-09 2021-06-11
5.0
None Remote Low Not required Partial None None
Brocade SANnav before version 2.1.1 logs account credentials at the ‘trace’ logging level.
26 CVE-2020-15379 20 2021-06-09 2021-06-16
5.0
None Remote Low Not required None None Partial
Brocade SANnav before v.2.1.0a could allow remote attackers cause a denial-of-service condition due to a lack of proper validation, of the length of user-supplied data as name for custom field name.
27 CVE-2020-15378 2021-06-09 2021-06-11
5.0
None Remote Low Not required Partial None None
The OVA version of Brocade SANnav before version 2.1.1 installation with IPv6 networking exposes the docker container ports to the network, increasing the potential attack surface.
28 CVE-2020-15377 918 2021-06-09 2021-06-11
7.5
None Remote Low Not required Partial Partial Partial
Webtools in Brocade SANnav before version 2.1.1 allows unauthenticated users to make requests to arbitrary hosts due to a misconfiguration; this is commonly referred to as Server-Side Request Forgery (SSRF).
29 CVE-2020-15376 2020-12-11 2021-09-09
4.0
None Remote Low ??? Partial None None
Brocade Fabric OS versions before v9.0.0 and after version v8.1.0, configured in Virtual Fabric mode contain a weakness in the ldap implementation that could allow a remote ldap user to login in the Brocade Fibre Channel SAN switch with "user" privileges if it is not associated with any groups.
30 CVE-2020-15375 20 2020-12-11 2021-06-22
4.6
None Local Low Not required Partial Partial Partial
Brocade Fabric OS versions before v9.0.0, v8.2.2c, v8.2.1e, v8.1.2k, v8.2.0_CBN3, v7.4.2g contain an improper input validation weakness in the command line interface when secccrypptocfg is invoked. The vulnerability could allow a local authenticated user to run arbitrary commands and perform escalation of privileges.
31 CVE-2020-15374 2020-09-25 2021-08-23
7.5
None Remote Low Not required Partial Partial Partial
Rest API in Brocade Fabric OS v8.2.1 through v8.2.1d, and 8.2.2 versions before v8.2.2c is vulnerable to multiple instances of reflected input.
32 CVE-2020-15373 119 Overflow 2020-09-25 2021-08-23
7.5
None Remote Low Not required Partial Partial Partial
Multiple buffer overflow vulnerabilities in REST API in Brocade Fabric OS versions v8.2.1 through v8.2.1d, and 8.2.2 versions before v8.2.2c could allow remote unauthenticated attackers to perform various attacks.
33 CVE-2020-15372 913 Bypass 2020-09-25 2021-06-22
2.1
None Local Low Not required None Partial None
A vulnerability in the command-line interface in Brocade Fabric OS before Brocade Fabric OS v8.2.2a1, 8.2.2c, v7.4.2g, v8.2.0_CBN3, v8.2.1e, v8.1.2k, v9.0.0, could allow a local authenticated attacker to modify shell variables, which may lead to an escalation of privileges or bypassing the logging.
34 CVE-2020-15371 2020-09-25 2021-08-23
7.5
None Remote Low Not required Partial Partial Partial
Brocade Fabric OS versions before Brocade Fabric OS v9.0.0, v8.2.2c, v8.2.1e, v8.1.2k, v8.2.0_CBN3, contains code injection and privilege escalation vulnerability.
35 CVE-2020-15370 532 2020-09-25 2021-06-22
4.0
None Remote Low ??? Partial None None
Brocade Fabric OS versions before Brocade Fabric OS v7.4.2g could allow an authenticated, remote attacker to view a user password in cleartext. The vulnerability is due to incorrectly logging the user password in log files.
36 CVE-2020-15369 521 2020-09-25 2021-08-23
4.0
None Remote Low ??? Partial None None
Supportlink CLI in Brocade Fabric OS Versions v8.2.1 through v8.2.1d, and 8.2.2 versions before v8.2.2c does not obfuscate the password field, which could expose users’ credentials of the remote server. An authenticated user could obtain the exposed password credentials to gain access to the remote host.
37 CVE-2020-13645 295 2020-05-28 2021-06-22
6.4
None Remote Low Not required Partial Partial None
In GNOME glib-networking through 2.64.2, the implementation of GTlsClientConnection skips hostname verification of the server's TLS certificate if the application fails to specify the expected server identity. This is in contrast to its intended documented behavior, to fail the certificate verification. Applications that fail to provide the server identity, including Balsa before 2.5.11 and 2.6.x before 2.6.1, accept a TLS certificate if the certificate is valid for any host.
38 CVE-2020-12695 276 2020-06-08 2021-04-23
7.8
None Remote Medium Not required Partial None Complete
The Open Connectivity Foundation UPnP specification before 2020-04-17 does not forbid the acceptance of a subscription request with a delivery URL on a different network segment than the fully qualified event-subscription URL, aka the CallStranger issue.
39 CVE-2020-12595 +Info 2020-12-10 2020-12-14
4.0
None Remote Low ??? Partial None None
An information disclosure flaw allows a malicious, authenticated, privileged web UI user to obtain a password for a remote SCP backup server that they might not otherwise be authorized to access. This affects SMG prior to 10.7.4.
40 CVE-2020-12594 269 +Priv 2020-12-10 2021-07-21
9.0
None Remote Low ??? Complete Complete Complete
A privilege escalation flaw allows a malicious, authenticated, privileged CLI user to escalate their privileges on the system and gain full control over the SMG appliance. This affects SMG prior to 10.7.4.
41 CVE-2020-11666 269 2020-04-15 2021-07-21
6.5
None Remote Low ??? Partial Partial Partial
CA API Developer Portal 4.3.1 and earlier contains an access control flaw that allows malicious users to elevate privileges.
42 CVE-2020-11665 601 2020-04-15 2020-04-20
5.8
None Remote Medium Not required Partial Partial None
CA API Developer Portal 4.3.1 and earlier handles loginRedirect page redirects in an insecure manner, which allows attackers to perform open redirect attacks.
43 CVE-2020-11664 601 2020-04-15 2020-04-20
5.8
None Remote Medium Not required Partial Partial None
CA API Developer Portal 4.3.1 and earlier handles homeRedirect page redirects in an insecure manner, which allows attackers to perform open redirect attacks.
44 CVE-2020-11663 601 2020-04-15 2020-04-20
5.8
None Remote Medium Not required Partial Partial None
CA API Developer Portal 4.3.1 and earlier handles 404 requests in an insecure manner, which allows attackers to perform open redirect attacks.
45 CVE-2020-11662 200 +Info 2020-04-15 2020-04-20
5.0
None Remote Low Not required Partial None None
CA API Developer Portal 4.3.1 and earlier handles requests insecurely, which allows remote attackers to exploit a Cross-Origin Resource Sharing flaw and access sensitive information.
46 CVE-2020-11661 269 2020-04-15 2021-07-21
5.5
None Remote Low ??? Partial Partial None
CA API Developer Portal 4.3.1 and earlier contains an access control flaw that allows privileged users to view and edit user data.
47 CVE-2020-11660 200 +Info 2020-04-15 2021-07-21
4.0
None Remote Low ??? Partial None None
CA API Developer Portal 4.3.1 and earlier contains an access control flaw that allows privileged users to view restricted sensitive information.
48 CVE-2020-11659 639 2020-04-15 2020-04-20
4.0
None Remote Low ??? None Partial None
CA API Developer Portal 4.3.1 and earlier contains an access control flaw that allows privileged users to perform a restricted user administration action.
49 CVE-2020-11658 639 Bypass 2020-04-15 2020-04-20
7.5
None Remote Low Not required Partial Partial Partial
CA API Developer Portal 4.3.1 and earlier handles shared secret keys in an insecure manner, which allows attackers to bypass authorization.
50 CVE-2020-8012 120 Exec Code Overflow 2020-02-18 2021-09-27
7.5
None Remote Low Not required Partial Partial Partial
CA Unified Infrastructure Management (Nimsoft/UIM) 20.1, 20.3.x, and 9.20 and below contains a buffer overflow vulnerability in the robot (controller) component. A remote attacker can execute arbitrary code.
Total number of vulnerabilities : 302   Page : 1 (This Page)2 3 4 5 6 7
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.