VYPR
Vendor

Brocade

Products
31
CVEs
148
Across products
170
Status
Private

Products

31
View all 31 products →

Recent CVEs

148
View all 148 CVEs →
  • CVE-2016-8205CriJan 14, 2017
    risk 0.65cvss 9.8epss 0.13

    A Directory Traversal vulnerability in DashboardFileReceiveServlet in the Brocade Network Advisor versions released prior to and including 14.0.2 could allow remote attackers to upload a malicious file in a section of the file system where it can be executed.

  • CVE-2016-8204CriJan 14, 2017
    risk 0.64cvss 9.8epss 0.07

    A Directory Traversal vulnerability in FileReceiveServlet in the Brocade Network Advisor versions released prior to and including 14.0.2 could allow remote attackers to upload a malicious file in a section of the file system where it can be executed.

  • CVE-2016-8202HigMay 8, 2017
    risk 0.57cvss 8.8epss 0.03

    A privilege escalation vulnerability in Brocade Fibre Channel SAN products running Brocade Fabric OS (FOS) releases earlier than v7.4.1d and v8.0.1b could allow an authenticated attacker to elevate the privileges of user accounts accessing the system via command line interface.…

  • CVE-2016-8201HigJan 14, 2017
    risk 0.52cvss 8.0epss 0.00

    A CSRF vulnerability in Brocade Virtual Traffic Manager versions released prior to and including 11.0 could allow an attacker to trick a logged-in user into making administrative changes on the traffic manager cluster.

  • CVE-2018-6439HigDec 3, 2018
    risk 0.51cvss 7.8epss 0.00

    A Vulnerability in the configdownload command of Brocade Fabric OS command line interface (CLI) versions before 8.2.1, 8.1.2f, 8.0.2f, 7.4.2d could allow a local attacker to escape the restricted shell and, gain root access.

  • CVE-2016-8207HigJan 14, 2017
    risk 0.50cvss 7.5epss 0.15

    A Directory Traversal vulnerability in CliMonitorReportServlet in the Brocade Network Advisor versions released prior to and including 14.0.2 could allow remote attackers to read arbitrary files including files with sensitive user information.

  • CVE-2016-8206HigJan 14, 2017
    risk 0.50cvss 7.5epss 0.15

    A Directory Traversal vulnerability in servlet SoftwareImageUpload in the Brocade Network Advisor versions released prior to and including 14.0.2 could allow remote attackers to write to arbitrary files, and consequently delete the files.

  • CVE-2022-27775HigJun 2, 2022
    risk 0.49cvss 7.5epss 0.03

    An information disclosure vulnerability exists in curl 7.65.0 to 7.82.0 are vulnerable that by using an IPv6 address that was in the connection pool but with a different zone id it could reuse a connection instead.

  • CVE-2016-8209HigMay 8, 2017
    risk 0.49cvss 7.5epss 0.01

    Improper checks for unusual or exceptional conditions in Brocade NetIron 05.8.00 and later releases up to and including 06.1.00, when the Management Module is continuously scanned on port 22, may allow attackers to cause a denial of service (crash and reload) of the management…

  • CVE-2016-8203HigOct 31, 2016
    risk 0.49cvss 7.5epss 0.02

    A memory corruption in the IPsec code path of Brocade NetIron OS on Brocade MLXs 5.8.00 through 5.8.00e, 5.9.00 through 5.9.00bd, 6.0.00, and 6.0.00a images could allow attackers to cause a denial of service (line card reset) via certain constructed IPsec control packets.

  • CVE-2022-22576HigMay 26, 2022
    risk 0.46cvss 8.1epss 0.02

    An improper authentication vulnerability exists in curl 7.33.0 to and including 7.82.0 which might allow reuse OAUTH2-authenticated connections without properly making sure that the connection was authenticated with the same credentials as set for this transfer. This affects…

  • CVE-2017-6227MedFeb 8, 2018
    risk 0.42cvss 6.5epss 0.01

    A vulnerability in the IPv6 stack on Brocade Fibre Channel SAN products running Brocade Fabric OS (FOS) versions before 7.4.2b, 8.1.2 and 8.2.0 could allow an attacker to cause a denial of service (CPU consumption and device hang) condition by sending crafted Router…

  • CVE-2017-6225MedFeb 8, 2018
    risk 0.40cvss 6.1epss 0.01

    Cross-site scripting (XSS) vulnerability in the web-based management interface of Brocade Fibre Channel SAN products running Brocade Fabric OS (FOS) versions before 7.4.2b, 8.1.2 and 8.2.0 could allow remote attackers to execute arbitrary code or access sensitive browser-based…

  • CVE-2022-27774MedJun 2, 2022
    risk 0.37cvss 5.7epss 0.02

    An insufficiently protected credentials vulnerability exists in curl 4.9 to and include curl 7.82.0 are affected that could allow an attacker to extract credentials when follows HTTP(S) redirects is used with authentication could leak credentials to other services that exist on…

  • CVE-2025-1976KEVApr 24, 2025
    risk 0.12cvss epss 0.01

    Brocade Fabric OS versions starting with 9.1.0 have root access removed, however, a local user with admin privilege can potentially execute arbitrary code with full root privileges on Fabric OS versions 9.1.0 through 9.1.1d6.

  • CVE-2018-6443Jan 22, 2019
    risk 0.04cvss epss 0.07

    A vulnerability in Brocade Network Advisor Versions before 14.3.1 could allow an unauthenticated, remote attacker to log in to the JBoss Administration interface of an affected system using an undocumented user credentials and install additional JEE applications. A remote…

  • CVE-2013-6810Dec 12, 2013
    risk 0.04cvss epss 0.17

    The server in Brocade Network Advisor before 12.1.0, as used in EMC Connectrix Manager Converged Network Edition (CMCNE), HP B-series SAN Network Advisor, and possibly other products, allows remote attackers to execute arbitrary code by using a servlet to upload an executable…

  • CVE-2026-0869Mar 3, 2026
    risk 0.00cvss epss 0.00

    Authentication bypass in Brocade ASCG 3.4.0 Could allow an unauthorized user to perform ASCG operations related to Brocade Support Link(BSL) and streaming configuration. and could even disable the ASCG application or disable use of BSL data collection on Brocade switches within…

  • CVE-2025-58381Feb 3, 2026
    risk 0.00cvss epss 0.00

    A vulnerability in Brocade Fabric OS before 9.2.1c2 could allow an authenticated attacker with admin privileges using the shell commands “source, ping6, sleep, disown, wait to modify the path variables and move upwards in the directory structure or to traverse to different…

  • CVE-2025-9711Feb 3, 2026
    risk 0.00cvss epss 0.00

    A vulnerability in Brocade Fabric OS before 9.2.1c3 could allow elevating the privileges of the local authenticated user to “root” using the export option of seccertmgmt and seccryptocfg commands.