Broadcom
Don't miss out!
Thousands of developers use stack.watch to stay informed.Get an email whenever new security vulnerabilities are reported in any Broadcom product.
RSS Feeds for Broadcom security vulnerabilities
Create a CVE RSS feed including security vulnerabilities found in Broadcom products with stack.watch. Just hit watch, then grab your custom RSS feed url.
Products by Broadcom Sorted by Most Security Vulnerabilities since 2018
Known Exploited Broadcom Vulnerabilities
The following Broadcom vulnerabilities have been marked by CISA as Known to be Exploited by threat actors.
| Title | Description | Added |
|---|---|---|
| Broadcom VMware vCenter Server Out-of-bounds Write Vulnerability |
Broadcom VMware vCenter Server contains an out-of-bounds write vulnerability in the implementation of the DCERPC protocol. This could allow a malicious actor with network access to vCenter Server to send specially crafted network packets, potentially leading to remote code execution. CVE-2024-37079 Exploit Probability: 79.3% |
January 23, 2026 |
| Broadcom VMware Aria Operations and VMware Tools Privilege Defined with Unsafe Actions Vulnerability |
Broadcom VMware Aria Operations and VMware Tools contain a privilege defined with unsafe actions vulnerability. A malicious local actor with non-administrative privileges having access to a VM with VMware Tools installed and managed by Aria Operations with SDMP enabled may exploit this vulnerability to escalate privileges to root on the same VM. CVE-2025-41244 Exploit Probability: 1.0% |
October 30, 2025 |
| Broadcom Brocade Fabric OS Code Injection Vulnerability |
Broadcom Brocade Fabric OS contains a code injection vulnerability that allows a local user with administrative privileges to execute arbitrary code with full root privileges. CVE-2025-1976 Exploit Probability: 0.8% |
April 28, 2025 |
The vulnerability CVE-2024-37079: Broadcom VMware vCenter Server Out-of-bounds Write Vulnerability is in the top 1% of the currently known exploitable vulnerabilities.
By the Year
In 2026 there have been 13 vulnerabilities in Broadcom with an average score of 6.0 out of ten. Last year, in 2025 Broadcom had 24 security vulnerabilities published. If vulnerabilities keep coming in at the current rate, it appears that number of security vulnerabilities in Broadcom in 2026 could surpass last years number. Last year, the average CVE base score was greater by 1.94
| Year | Vulnerabilities | Average Score |
|---|---|---|
| 2026 | 13 | 6.03 |
| 2025 | 24 | 7.98 |
| 2024 | 48 | 7.11 |
| 2023 | 60 | 6.81 |
| 2022 | 62 | 7.48 |
| 2021 | 46 | 6.86 |
| 2020 | 48 | 7.28 |
| 2019 | 33 | 7.38 |
| 2018 | 44 | 7.52 |
It may take a day or so for new Broadcom vulnerabilities to show up in the stats or in the list of recent security vulnerabilities. Additionally vulnerabilities may be tagged under a different product or component name.
Recent Broadcom Security Vulnerabilities
| CVE | Date | Vulnerability | Products |
|---|---|---|---|
| CVE-2025-13919 | Jan 28, 2026 |
Symantec Endpoint Protection, prior to 14.3 RU10 Patch 1, RU9 Patch 2, and RU8 Patch 3, may be susceptible to a COM Hijacking vulnerabilitySymantec Endpoint Protection, prior to 14.3 RU10 Patch 1, RU9 Patch 2, and RU8 Patch 3, may be susceptible to a COM Hijacking vulnerability, which is a type of issue whereby an attacker attempts to establish persistence and evade detection by hijacking COM references in the Windows Registry. |
|
| CVE-2025-13918 | Jan 28, 2026 |
Symantec Endpoint Protection, prior to 14.3 RU10 Patch 1, RU9 Patch 2, and RU8 Patch 3, may be susceptible to a Elevation of Privilege vulnerability, which is a type of issue whereby an attacker may attempt to compromise the software application to gain elevated access to resourcesSymantec Endpoint Protection, prior to 14.3 RU10 Patch 1, RU9 Patch 2, and RU8 Patch 3, may be susceptible to a Elevation of Privilege vulnerability, which is a type of issue whereby an attacker may attempt to compromise the software application to gain elevated access to resources that are normally protected from an application or user. |
|
| CVE-2025-13917 | Jan 28, 2026 |
WSS Agent, prior to 9.8.5, may be susceptible to a Elevation of Privilege vulnerability, which is a type of issue whereby an attacker may attempt to compromise the software application to gain elevated access to resourcesWSS Agent, prior to 9.8.5, may be susceptible to a Elevation of Privilege vulnerability, which is a type of issue whereby an attacker may attempt to compromise the software application to gain elevated access to resources that are normally protected from an application or user. |
|
| CVE-2025-69276 | Jan 12, 2026 |
Deserialization of Untrusted Data vulnerability in Broadcom DX NetOps Spectrum on Windows, LinuxDeserialization of Untrusted Data vulnerability in Broadcom DX NetOps Spectrum on Windows, Linux allows Object Injection.This issue affects DX NetOps Spectrum: 24.3.13 and earlier. |
Dx Netops Spectrum
|
| CVE-2025-69275 | Jan 12, 2026 |
Dependency on Vulnerable Third-Party Component vulnerability in Broadcom DX NetOps Spectrum on Windows, LinuxDependency on Vulnerable Third-Party Component vulnerability in Broadcom DX NetOps Spectrum on Windows, Linux allows DOM-Based XSS.This issue affects DX NetOps Spectrum: 24.3.9 and earlier. |
Dx Netops Spectrum
|
| CVE-2025-69274 | Jan 12, 2026 |
Authorization Bypass Through User-Controlled Key vulnerability in Broadcom DX NetOps Spectrum on Windows, LinuxAuthorization Bypass Through User-Controlled Key vulnerability in Broadcom DX NetOps Spectrum on Windows, Linux allows Privilege Escalation.This issue affects DX NetOps Spectrum: 24.3.10 and earlier. |
Dx Netops Spectrum
|
| CVE-2025-69273 | Jan 12, 2026 |
Improper Authentication vulnerability in Broadcom DX NetOps Spectrum on Windows, LinuxImproper Authentication vulnerability in Broadcom DX NetOps Spectrum on Windows, Linux allows Authentication Bypass.This issue affects DX NetOps Spectrum: 24.3.10 and earlier. |
Dx Netops Spectrum
|
| CVE-2025-69272 | Jan 12, 2026 |
Cleartext Transmission of Sensitive Information vulnerability in Broadcom DX NetOps Spectrum on Windows, LinuxCleartext Transmission of Sensitive Information vulnerability in Broadcom DX NetOps Spectrum on Windows, Linux allows Sniffing Attacks.This issue affects DX NetOps Spectrum: 21.2.1 and earlier. |
Dx Netops Spectrum
|
| CVE-2025-69271 | Jan 12, 2026 |
Insufficiently Protected Credentials vulnerability in Broadcom DX NetOps Spectrum on Windows, LinuxInsufficiently Protected Credentials vulnerability in Broadcom DX NetOps Spectrum on Windows, Linux allows Sniffing Attacks.This issue affects DX NetOps Spectrum: 24.3.13 and earlier. |
Dx Netops Spectrum
|
| CVE-2025-69270 | Jan 12, 2026 |
Information Exposure Through Query Strings in GET Request vulnerability in Broadcom DX NetOps Spectrum on Windows, LinuxInformation Exposure Through Query Strings in GET Request vulnerability in Broadcom DX NetOps Spectrum on Windows, Linux allows Session Hijacking.This issue affects DX NetOps Spectrum: 24.3.8 and earlier. |
Dx Netops Spectrum
|
| CVE-2025-69269 | Jan 12, 2026 |
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability in Broadcom DX NetOps Spectrum on Windows, LinuxImproper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability in Broadcom DX NetOps Spectrum on Windows, Linux allows OS Command Injection.This issue affects DX NetOps Spectrum: 23.3.6 and earlier. |
Dx Netops Spectrum
|
| CVE-2025-69268 | Jan 12, 2026 |
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Broadcom DX NetOps Spectrum on Windows, LinuxImproper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Broadcom DX NetOps Spectrum on Windows, Linux allows Reflected XSS.This issue affects DX NetOps Spectrum: 24.3.8 and earlier. |
Dx Netops Spectrum
|
| CVE-2025-69267 | Jan 12, 2026 |
Improper Limitation of a Pathname to a Restricted Directory (Path Traversal) vulnerability in Broadcom DX NetOps Spectrum on Windows, LinuxImproper Limitation of a Pathname to a Restricted Directory (Path Traversal) vulnerability in Broadcom DX NetOps Spectrum on Windows, Linux allows Path Traversal.This issue affects DX NetOps Spectrum: 24.3.8 and earlier. |
Dx Netops Spectrum
|
| CVE-2025-31649 | Nov 17, 2025 |
Hard-Coded Password in Dell ControlVault3 API (5.15.14.19 / 6.2.36.47)A hard-coded password vulnerability exists in the ControlVault WBDI Driver functionality of Dell ControlVault3 prior to 5.15.14.19 and Dell ControlVault3 Plus prior to 6.2.36.47. A specially crafted ControlVault API call can lead to execute priviledged operation. An attacker can issue an api call to trigger this vulnerability. |
|
| CVE-2025-31361 | Nov 17, 2025 |
Privilege Escalation via Dell ControlVault3 WBDI Driver pre5.15.14.19 / pre6.2.36.47A privilege escalation vulnerability exists in the ControlVault WBDI Driver WBIO_USH_ADD_RECORD functionality of Dell ControlVault3 prior to 5.15.14.19 and Dell ControlVault3 Plus prior to 6.2.36.47. A specially crafted WinBioControlUnit call can lead to privilege escalation. An attacker can issue an api call to trigger this vulnerability. |
|
| CVE-2025-36463 | Nov 17, 2025 |
Dell ControlVault3 OOB Read/Write via WinBioControlUnit pre-5.15.14.19Multiple out-of-bounds read and write vulnerabilities exist in the ControlVault WBDI Driver Broadcom Storage Adapter functionality of Dell ControlVault3 prior to 5.15.14.19 and Dell ControlVault3 Plus prior to 6.2.36.47. A specially crafted WinBioControlUnit call can lead to memory corruption. An attacker can issue an api call to trigger this vulnerability. This vulnerability is triggered when submitting a `WinBioControlUnit` call to the StorageAdapter with the ControlCode 4 (`WBIO_USH_ADD_RECORD`) and with an invalid `SendBufferSize`. |
|
| CVE-2025-36462 | Nov 17, 2025 |
Dell ControlVault3/3+ OOB via WBDI Driver before 5.15.14.19Multiple out-of-bounds read and write vulnerabilities exist in the ControlVault WBDI Driver Broadcom Storage Adapter functionality of Dell ControlVault3 prior to 5.15.14.19 and Dell ControlVault3 Plus prior to 6.2.36.47. A specially crafted WinBioControlUnit call can lead to memory corruption. An attacker can issue an api call to trigger this vulnerability. This vulnerability is triggered when submitting a `WinBioControlUnit` call to the StorageAdapter with the ControlCode 3 (`WBIO_USH_CREATE_CHALLENGE`) with an invalid `ReceiveBuferSize`. |
|
| CVE-2025-36461 | Nov 17, 2025 |
Dell ControlVault3 Prior <5.15.14.19 OOBRead/Write in WBDI DriverMultiple out-of-bounds read and write vulnerabilities exist in the ControlVault WBDI Driver Broadcom Storage Adapter functionality of Dell ControlVault3 prior to 5.15.14.19 and Dell ControlVault3 Plus prior to 6.2.36.47. A specially crafted WinBioControlUnit call can lead to memory corruption. An attacker can issue an api call to trigger this vulnerability. This vulnerability is triggered when submitting a `WinBioControlUnit` call to the StorageAdapter with the ControlCode 0 (`WBIO_USH_GET_TEMPLATE`) and with either and an invalid `ReceiveBuferSize` and/or an invalid `SendBufferSize`. |
|
| CVE-2025-36460 | Nov 17, 2025 |
Dell ControlVault WBDI OOB Read/Write (5.15.14.19)Multiple out-of-bounds read and write vulnerabilities exist in the ControlVault WBDI Driver Broadcom Storage Adapter functionality of Dell ControlVault3 prior to 5.15.14.19 and Dell ControlVault3 Plus prior to 6.2.36.47. A specially crafted WinBioControlUnit call can lead to memory corruption. An attacker can issue an api call to trigger this vulnerability. This vulnerability is triggered when submitting a `WinBioControlUnit` call to the StorageAdapter with the ControlCode 2 (`WBIO_USH_GET_IDENTITY`) with an improper `ReceiveBuferSize` value. |
|
| CVE-2025-32089 | Nov 17, 2025 |
Dell ControlVault3/Plus Buffer Overflow CVE-2025-32089A buffer overflow vulnerability exists in the CvManager_SBI functionality of Dell ControlVault3 prior to 5.15.14.19 and Dell ControlVault3 Plus prior to 6.2.36.47. A specially crafted ControlVault API call can lead to a arbitrary code execution. An attacker can issue an api call to trigger this vulnerability. |
|
| CVE-2025-36553 | Nov 17, 2025 |
Dell ControlVault3 CVE-2025-36553 Buffer Overflow in CvManager <5.15.14.19/6.2.36.47A buffer overflow vulnerability exists in the CvManager functionality of Dell ControlVault3 prior to 5.15.14.19 and Dell ControlVault3 Plus prior to 6.2.36.47. A specially crafted ControlVault API call can lead to memory corruption. An attacker can issue an api call to trigger this vulnerability. |
|
| CVE-2025-10847 | Oct 01, 2025 |
Nimsoft UIM Robot ACL Bypass Enables Remote Cmd ExecDX Unified Infrastructure Management (Nimsoft/UIM) and below contains an improper ACL handling vulnerability in the robot (controller) component. A remote attacker can execute commands, read from, or write to the target system. |
Unified Infrastructure Management
|
| CVE-2025-9059 | Sep 11, 2025 |
Altiris Core Agent Updater DLL Hijacking Elevation of PrivilegesThe Altiris Core Agent Updater package (AeXNSC.exe) is prone to an elevation of privileges vulnerability through DLL hijacking. |
|
| CVE-2025-4662 | Jul 10, 2025 |
Brocade SANnav <2.4.0a logs plaintext passphrases in audit logsBrocade SANnav before SANnav 2.4.0a logs plaintext passphrases in the Brocade SANnav host server audit logs while executing OpenSSL command using a passphrase from the command line or while providing the passphrase through a temporary file. These audit logs are the local server VMs audit logs and are not controlled by SANnav. These logs are only visible to the server admin of the host server and are not visible to the SANnav admin or any SANnav user. |
Sannav
|
| CVE-2025-50200 | Jun 19, 2025 |
RabbitMQ <=3.13.7 API Logs Expose Base64 Auth HeadersRabbitMQ is a messaging and streaming broker. In versions 3.13.7 and prior, RabbitMQ is logging authorization headers in plaintext encoded in base64. When querying RabbitMQ api with HTTP/s with basic authentication it creates logs with all headers in request, including authorization headers which show base64 encoded username:password. This is easy to decode and afterwards could be used to obtain control to the system depending on credentials. This issue has been patched in version 4.0.8. |
Rabbitmq Server
|
| CVE-2025-25215 | Jun 13, 2025 |
Arbitrary Free via cv_close in Dell ControlVault3 <5.15.10.14An arbitrary free vulnerability exists in the cv_close functionality of Dell ControlVault3 prior to 5.15.10.14 and Dell ControlVault3 Plus prior to 6.2.26.36. A specially crafted ControlVault API call can lead to an arbitrary free. An attacker can forge a fake session to trigger this vulnerability. |
|
| CVE-2025-24919 | Jun 13, 2025 |
Dell ControlVault3 Deserialization via cvhDecapsulateCmd (pre-5.15.10.14 / pre-6.2.26.36)A deserialization of untrusted input vulnerability exists in the cvhDecapsulateCmd functionality of Dell ControlVault3 prior to 5.15.10.14 and ControlVault3 Plus prior to 6.2.26.36. A specially crafted ControlVault response to a command can lead to arbitrary code execution. An attacker can compromise a ControlVault firmware and have it craft a malicious response to trigger this vulnerability. |
|
| CVE-2025-25050 | Jun 13, 2025 |
OOB Write in Dell ControlVault3 API (cv_upgrade_sensor_firmware) pre 5.15.10.14An out-of-bounds write vulnerability exists in the cv_upgrade_sensor_firmware functionality of Dell ControlVault3 prior to 5.15.10.14 and Dell ControlVault 3 Plus prior to 6.2.26.36. A specially crafted ControlVault API call can lead to an out-of-bounds write. An attacker can issue an API call to trigger this vulnerability. |
|
| CVE-2025-24922 | Jun 13, 2025 |
Dell ControlVault3 Buffer Overflow in securebio_identify <5.15.10.14/6.2.26.36A stack-based buffer overflow vulnerability exists in the securebio_identify functionality of Dell ControlVault3 prior to 5.15.10.14 and Dell ControlVault3 Plus prior to 6.2.26.36. A specially crafted malicious cv_object can lead to a arbitrary code execution. An attacker can issue an API call to trigger this vulnerability. |
|
| CVE-2025-24311 | Jun 13, 2025 |
OOB Read in Dell ControlVault3 (<5.15.10.14) & Plus (<6.2.26.36) via APIAn out-of-bounds read vulnerability exists in the cv_send_blockdata functionality of Dell ControlVault3 prior to 5.15.10.14 and Dell ControlVault3 Plus prior to 6.2.26.36. A specially crafted ControlVault API call can lead to an information leak. An attacker can issue an API call to trigger this vulnerability. |
|
| CVE-2025-22243 | Jun 04, 2025 |
VMware NSX Manager UI XSS: Improper Input ValidationVMware NSX Manager UI is vulnerable to a stored Cross-Site Scripting (XSS) attack due to improper input validation. |
Vmware Nsx
|
| CVE-2025-22244 | Jun 04, 2025 |
VMware NSX Stored XSS in Gateway FirewallVMware NSX contains a stored Cross-Site Scripting (XSS) vulnerability in the gateway firewall due to improper input validation. |
Vmware Nsx
|
| CVE-2025-22245 | Jun 04, 2025 |
VMware NSX Router Port Stored XSS via Improper Input ValidationVMware NSX contains a stored Cross-Site Scripting (XSS) vulnerability in the router port due to improper input validation. |
Vmware Nsx
|
| CVE-2024-22654 | May 29, 2025 |
Infinite Loop in tcpreplay v4.4.4 via tcprewrite (get.c)tcpreplay v4.4.4 was discovered to contain an infinite loop via the tcprewrite function at get.c. |
Tcpreplay
|
| CVE-2025-22248 | May 13, 2025 |
Bitnami Pgpool/PGHA: Unauthenticated repmgr User Enables DB AccessThe bitnami/pgpool Docker image, and the bitnami/postgres-ha k8s chart, under default configurations, comes with an 'repmgr' user that allows unauthenticated access to the database inside the cluster. The PGPOOL_SR_CHECK_USER is the user that Pgpool itself uses to perform streaming replication checks against nodes, and should not be at trust level. This allows to log into a PostgreSQL database using the repgmr user without authentication. If Pgpool is exposed externally, a potential attacker could use this user to get access to the service. This is also present within the bitnami/postgres-ha Kubernetes Helm chart. |
Bitnami
Bitnami Popool
Bitnamipgpool
And others... |
| CVE-2025-3599 | Apr 30, 2025 |
Symantec Endpoint Protection Windows Agent EoP via ERASER Engine <119.1.7.8Symantec Endpoint Protection Windows Agent, running an ERASER Engine prior to 119.1.7.8, may be susceptible to an Elevation of Privilege vulnerability, which may allow an attacker to delete resources that are normally protected from an application or user. |
Symantec Endpoint Protection
|
| CVE-2025-1976 | Apr 24, 2025 |
Brocade Fabric OS 9.1.0–9.1.1d6 Local Admin Arbitrary Code ExecBrocade Fabric OS versions starting with 9.1.0 have root access removed, however, a local user with admin privilege can potentially execute arbitrary code with full root privileges on Fabric OS versions 9.1.0 through 9.1.1d6. |
Fabric Operating System
|
| CVE-2022-43935 | Nov 21, 2024 |
Brocade SANnav Information Exposure through Log FilesAn information exposure through log file vulnerability exists in Brocade SANnav before Brocade SANnav 2.2.2, where Brocade Fabric OS Switch passwords and authorization IDs are printed in the embedded MLS DB file. |
Brocade Sannav
|
| CVE-2024-10403 | Nov 21, 2024 |
Brocade Fabric OS SFTP/FTP Server Password Exposure in Core DumpBrocade Fabric OS versions before 8.2.3e2, versions 9.0.0 through 9.2.0c, and 9.2.1 through 9.2.1a can capture the SFTP/FTP server password used for a firmware download operation initiated by SANnav or through WebEM in a weblinker core dump that is later captured via supportsave. |
Fabric Operating System
|
| CVE-2022-43937 | Nov 21, 2024 |
Brocade SANnav: Information Exposure via Debug LogsPossible information exposure through log file vulnerability where sensitive fields are recorded in the debug-enabled logs when debugging is turned on in Brocade SANnav before 2.3.0 and 2.2.2a |
Brocade Sannav
|
| CVE-2022-43936 | Nov 21, 2024 |
Brocade SANnav Password Logging Vulnerability in Brocade Fabric OSBrocade SANnav versions before 2.2.2 log Brocade Fabric OS switch passwords when debugging is enabled. |
Brocade Sannav
|
| CVE-2022-43934 | Nov 21, 2024 |
Brocade SANnav Weak Key Exchange Algorithm VulnerabilityBrocade SANnav before Brocade SANnav 2.2.2 supports key exchange algorithms, which are considered weak on ports 24, 6514, 18023, 19094, and 19095. |
Brocade Sannav
|
| CVE-2022-43933 | Nov 21, 2024 |
Brocade SANnav Information Exposure Through Log FilesAn information exposure through log file vulnerability exists in Brocade SANnav before Brocade SANnav 2.2.2, where configuration secrets are logged in supportsave. Supportsave file is generated by an admin user troubleshooting the switch. The Logged information may include usernames and passwords, and secret keys. |
Brocade Sannav
|
| CVE-2024-7516 | Nov 12, 2024 |
Brocade Fabric OS <9.2.2 Remote SSH Key Forgery Enables MITM Session HijackingA vulnerability in Brocade Fabric OS versions before 9.2.2 could allow man-in-the-middle attackers to conduct remote Service Session Hijacking that may arise from the attacker's ability to forge an SSH key while the Brocade Fabric OS Switch is performing various remote operations initiated by a switch admin. |
Fabric Operating System
|
| CVE-2024-38813 | Sep 17, 2024 |
VMware vCenter Server Priv Escalation via Malicious Network PacketThe vCenter Server contains a privilege escalation vulnerability. A malicious actor with network access to vCenter Server may trigger this vulnerability to escalate privileges to root by sending a specially crafted network packet. |
Vmware Center Server
Vmware Cloud Foundation
|
| CVE-2024-38812 | Sep 17, 2024 |
VMware vCenter Server DCERPC Heap Overflow RCEThe vCenter Server contains a heap-overflow vulnerability in the implementation of the DCERPC protocol. A malicious actor with network access to vCenter Server may trigger this vulnerability by sending a specially crafted network packet potentially leading to remote code execution. |
Vmware Vcenter Server
Vmware Cloud Foundation
|
| CVE-2024-38493 | Jul 15, 2024 |
XSS in CyberArk PAM UI Web InterfaceA reflected cross-site scripting (XSS) vulnerability exists in the PAM UI web interface. A remote attacker able to convince a PAM user to click on a specially crafted link to the PAM UI web interface could potentially execute arbitrary client-side code in the context of PAM UI. |
Symantec Privileged Access Management
|
| CVE-2024-3596 | Jul 09, 2024 |
RADIUS MD5 Response Authenticator Forgery via Chosen-Prefix CollisionRADIUS Protocol under RFC 2865 is susceptible to forgery attacks by a local attacker who can modify any valid Response (Access-Accept, Access-Reject, or Access-Challenge) to any other response using a chosen-prefix collision attack against MD5 Response Authenticator signature. |
Fabric Operating System
Brocade Sannav
|
| CVE-2024-5460 | Jun 26, 2024 |
Auth Remote SNMP Read Hard-Coded Community String in Brocade Fabric OS <9.0.0A vulnerability in the default configuration of the Simple Network Management Protocol (SNMP) feature of Brocade Fabric OS versions before v9.0.0 could allow an authenticated, remote attacker to read data from an affected device via SNMP. The vulnerability is due to hard-coded, default community string in the configuration file for the SNMP daemon. An attacker could exploit this vulnerability by using the static community string in SNMP version 1 queries to an affected device. |
Fabric Operating System
|
| CVE-2024-29954 | Jun 26, 2024 |
Brocade Fabric OS Password API Reveals Passwords in Logs ( v9.2.1)A vulnerability in a password management API in Brocade Fabric OS versions before v9.2.1, v9.2.0b, v9.1.1d, and v8.2.3e prints sensitive information in log files. This could allow an authenticated user to view the server passwords for protocols such as scp and sftp. Detail. When the firmwaredownload command is incorrectly entered or points to an erroneous file, the firmware download log captures the failed command, including any password entered in the command line. |
Fabric Operating System
|