Broadcom Fabric Operating System (FOS) 9.2.0

CPE Details

Broadcom Fabric Operating System (FOS) 9.2.0
broadcom
fabric_operating_system
9.2.0
2023-12-29
14h31 +00:00
2023-12-29
14h31 +00:00
CPE NVD
Alerte pour un CPE
Restez informé de toutes modifications pour un CPE spécifique.
Gestion des notifications

CPE Name: cpe:2.3:o:broadcom:fabric_operating_system:9.2.0:*:*:*:*:*:*:*

Informations

Vendor

broadcom

Product

fabric_operating_system

Version

9.2.0

Related CVE

Open and find in CVE List

CVE ID Publié Description Score Gravité
CVE-2024-10403 2024-11-21 05h44 +00:00 Brocade Fabric OS versions before 8.2.3e2, versions 9.0.0 through 9.2.0c, and 9.2.1 through 9.2.1a can capture the SFTP/FTP server password used for a firmware download operation initiated by SANnav or through WebEM in a weblinker core dump that is later captured via supportsave.
5.9
Moyen
CVE-2024-7516 2024-11-12 18h41 +00:00 A vulnerability in Brocade Fabric OS versions before 9.2.2 could allow man-in-the-middle attackers to conduct remote Service Session Hijacking that may arise from the attacker's ability to forge an SSH key while the Brocade Fabric OS Switch is performing various remote operations initiated by a switch admin.
7
Haute
CVE-2024-29954 2024-06-25 23h42 +00:00 A vulnerability in a password management API in Brocade Fabric OS versions before v9.2.1, v9.2.0b, v9.1.1d, and v8.2.3e prints sensitive information in log files. This could allow an authenticated user to view the server passwords for protocols such as scp and sftp. Detail. When the firmwaredownload command is incorrectly entered or points to an erroneous file, the firmware download log captures the failed command, including any password entered in the command line.
5.9
Moyen
CVE-2024-29953 2024-06-25 23h16 +00:00 A vulnerability in the web interface in Brocade Fabric OS before v9.2.1, v9.2.0b, and v9.1.1d prints encoded session passwords on session storage for Virtual Fabric platforms. This could allow an authenticated user to view other users' session encoded passwords.
4.3
Moyen
CVE-2021-27795 2023-12-06 01h16 +00:00 Brocade Fabric OS (FOS) hardware platforms running any version of Brocade Fabric OS software, which supports the license string format; contain cryptographic issues that could allow for the installation of forged or fraudulent license keys. This would allow attackers or a malicious party to forge a counterfeit license key that the Brocade Fabric OS platform would authenticate and activate as if it were a legitimate license key.
8.1
Haute
CVE-2023-4163 2023-08-31 00h04 +00:00 In Brocade Fabric OS before v9.2.0a, a local authenticated privileged user can trigger a buffer overflow condition, leading to a kernel panic with large input to buffers in the portcfgfportbuffers command.
4.4
Moyen
CVE-2023-3489 2023-08-30 23h56 +00:00 The firmwaredownload command on Brocade Fabric OS v9.2.0 could log the FTP/SFTP/SCP server password in clear text in the SupportSave file when performing a downgrade from Fabric OS v9.2.0 to any earlier version of Fabric OS.
8.6
Haute