VYPR

Fabric OS

by Brocade

CVEs (85)

  • CVE-2023-31429MedAug 1, 2023
    risk 0.36cvss 5.5epss 0.00

    Brocade Fabric OS before Brocade Fabric OS 9.1.1c, 9.2.0 contains a vulnerability when using various commands such as “chassisdistribute”, “reboot”, “rasman”, errmoduleshow, errfilterset, hassiscfgperrthreshold, supportshowcfgdisable and supportshowcfgenable commands…

  • CVE-2022-33181MedOct 25, 2022
    risk 0.36cvss 5.5epss 0.00

    An information disclosure vulnerability in Brocade Fabric OS CLI before Brocade Fabric OS v9.1.0, 9.0.1e, 8.2.3c, 8.2.0cbn5, 7.4.2.j could allow a local authenticated attacker to read sensitive files using switch commands “configshow” and “supportlink”.

  • CVE-2022-33180MedOct 25, 2022
    risk 0.36cvss 5.5epss 0.00

    A vulnerability in Brocade Fabric OS CLI before Brocade Fabric OS v9.1.0, 9.0.1e, 8.2.3c, 8.2.0cbn5 could allow a local authenticated attacker to export out sensitive files with “seccryptocfg”, “configupload”.

  • CVE-2021-27798MedAug 5, 2022
    risk 0.36cvss 5.5epss 0.00

    A vulnerability in Brocade Fabric OS versions 7.4.1b and 7.3.1d could allow local users to conduct privileged directory transversal. Brocade Fabric OS versions 7.4.1.x and 7.3.x have reached end of life. Brocade Fabric OS Users should upgrade to supported versions as described…

  • CVE-2020-15372MedSep 25, 2020
    risk 0.36cvss 5.5epss 0.00

    A vulnerability in the command-line interface in Brocade Fabric OS before Brocade Fabric OS v8.2.2a1, 8.2.2c, v7.4.2g, v8.2.0_CBN3, v8.2.1e, v8.1.2k, v9.0.0, could allow a local authenticated attacker to modify shell variables, which may lead to an escalation of privileges or…

  • CVE-2018-6433MedNov 8, 2018
    risk 0.36cvss 5.5epss 0.00

    A vulnerability in the secryptocfg export command of Brocade Fabric OS versions before 8.2.1, 8.1.2f, 8.0.2f, 7.4.2d could allow a local attacker to bypass the export file access restrictions and initiate a file copy from the source to a remote system.

  • CVE-2021-27793MedAug 12, 2021
    risk 0.35cvss 5.3epss 0.01

    ntermittent authorization failure in aaa tacacs+ with Brocade Fabric OS versions before Brocade Fabric OS v9.0.1b and after 9.0.0, also in Brocade Fabric OS before Brocade Fabric OS v8.2.3a and after v8.2.0 could cause a user with a valid account to be unable to log into the…

  • CVE-2021-27791MedAug 12, 2021
    risk 0.35cvss 5.4epss 0.01

    The function that is used to parse the Authentication header in Brocade Fabric OS Web application service before Brocade Fabric OS v9.0.1a and v8.2.3a fails to properly process a malformed authentication header from the client, resulting in reading memory addresses outside the…

  • CVE-2020-15386MedJun 9, 2021
    risk 0.35cvss 5.3epss 0.01

    Brocade Fabric OS prior to v9.0.1a and 8.2.3a and after v9.0.0 and 8.2.2d may observe high CPU load during security scanning, which could lead to a slower response to CLI commands and other operations.

  • CVE-2018-6447MedSep 25, 2020
    risk 0.35cvss 5.4epss 0.01

    A Reflective XSS Vulnerability in HTTP Management Interface in Brocade Fabric OS versions before Brocade Fabric OS v9.0.0, v8.2.2c, v8.2.1e, v8.1.2k, v8.2.0_CBN3, v7.4.2g could allow authenticated attackers with access to the web interface to hijack a user’s session and take…

  • CVE-2023-31927MedAug 2, 2023
    risk 0.34cvss 5.3epss 0.00

    An information disclosure in the web interface of Brocade Fabric OS versions before Brocade Fabric OS v9.2.0 and v9.1.1c, could allow a remote unauthenticated attacker to get technical details about the web interface.

  • CVE-2025-4663MedJul 8, 2025
    risk 0.32cvss 4.9epss 0.00

    An Improper Check for Unusual or Exceptional Conditions vulnerability in Brocade Fabric OS before 9.2.2.a could allow an authenticated, network-based attacker to cause a Denial-of-Service (DoS). The vulnerability is encountered when supportsave is invoked remotely, using…

  • CVE-2023-4163MedAug 31, 2023
    risk 0.29cvss 4.4epss 0.00

    In Brocade Fabric OS before v9.2.0a, a local authenticated privileged user can trigger a buffer overflow condition, leading to a kernel panic with large input to buffers in the portcfgfportbuffers command.

  • CVE-2023-4162MedAug 31, 2023
    risk 0.29cvss 4.4epss 0.00

    A segmentation fault can occur in Brocade Fabric OS after Brocade Fabric OS v9.0 and before Brocade Fabric OS v9.2.0a through the passwdcfg command. This could allow an authenticated privileged user local user to crash a Brocade Fabric OS swith using the cli “passwdcfg…

  • CVE-2024-29953MedJun 26, 2024
    risk 0.28cvss 4.3epss 0.00

    A vulnerability in the web interface in Brocade Fabric OS before v9.2.1, v9.2.0b, and v9.1.1d prints encoded session passwords on session storage for Virtual Fabric platforms. This could allow an authenticated user to view other users' session encoded passwords.

  • CVE-2023-5973MedApr 5, 2024
    risk 0.28cvss 4.3epss 0.00

    Brocade Web Interface in Brocade Fabric OS v9.x and before v9.2.0 does not properly represent the portName to the user if the portName contains reserved characters. This could allow an authenticated user to alter the UI of the Brocade Switch and change ports display.

  • CVE-2020-15376MedDec 11, 2020
    risk 0.28cvss 4.3epss 0.01

    Brocade Fabric OS versions before v9.0.0 and after version v8.1.0, configured in Virtual Fabric mode contain a weakness in the ldap implementation that could allow a remote ldap user to login in the Brocade Fibre Channel SAN switch with "user" privileges if it is not associated…

  • CVE-2025-4661LowJun 19, 2025
    risk 0.15cvss 2.3epss 0.00

    A path transversal vulnerability in Brocade Fabric OS 9.1.0 through 9.2.2 could allow a local admin user to gain access to files outside the intended directory potentially leading to the disclosure of sensitive information. Note: Admin level privilege is required on the…

  • CVE-2025-58381Feb 3, 2026
    risk 0.00cvss epss 0.00

    A vulnerability in Brocade Fabric OS before 9.2.1c2 could allow an authenticated attacker with admin privileges using the shell commands “source, ping6, sleep, disown, wait to modify the path variables and move upwards in the directory structure or to traverse to different…

  • CVE-2025-9711Feb 3, 2026
    risk 0.00cvss epss 0.00

    A vulnerability in Brocade Fabric OS before 9.2.1c3 could allow elevating the privileges of the local authenticated user to “root” using the export option of seccertmgmt and seccryptocfg commands.

Page 4 of 5