Brocade

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2017-6227 2Broadcom Brocade 2Fabric Operating System Fabric Os Nov 21, 2024 Feb 8, 2018 N/A· v4 6.5 MEDIUM· v3 6.1 MEDIUM· v2 A vulnerability in the IPv6 stack on Brocade Fibre Channel SAN products running Brocade Fabric OS (FOS) versions before 7.4.2b, 8.1.2 and 8.2.0 could allow an attacker to cause a denial of service (CPU consumption and de...Show more A vulnerability in the IPv6 stack on Brocade Fibre Channel SAN products running Brocade Fabric OS (FOS) versions before 7.4.2b, 8.1.2 and 8.2.0 could allow an attacker to cause a denial of service (CPU consumption and device hang) condition by sending crafted Router Advertisement (RA) messages to a targeted system.Show less
CVE-2017-6225 2Broadcom Brocade 2Fabric Operating System Fabric Os Nov 21, 2024 Feb 8, 2018 N/A· v4 6.1 MEDIUM· v3 4.3 MEDIUM· v2 Cross-site scripting (XSS) vulnerability in the web-based management interface of Brocade Fibre Channel SAN products running Brocade Fabric OS (FOS) versions before 7.4.2b, 8.1.2 and 8.2.0 could allow remote attackers to...Show more Cross-site scripting (XSS) vulnerability in the web-based management interface of Brocade Fibre Channel SAN products running Brocade Fabric OS (FOS) versions before 7.4.2b, 8.1.2 and 8.2.0 could allow remote attackers to execute arbitrary code or access sensitive browser-based information.Show less
CVE-2016-8209 1Brocade 4Netiron Cer Series Firmware Netiron Ces Series FirmwareNetiron Mlx Series Firmware+1 more May 13, 2026 May 8, 2017 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 Improper checks for unusual or exceptional conditions in Brocade NetIron 05.8.00 and later releases up to and including 06.1.00, when the Management Module is continuously scanned on port 22, may allow attackers to cause...Show more Improper checks for unusual or exceptional conditions in Brocade NetIron 05.8.00 and later releases up to and including 06.1.00, when the Management Module is continuously scanned on port 22, may allow attackers to cause a denial of service (crash and reload) of the management module.Show less
CVE-2016-8207 1Brocade 1Network Advisor May 13, 2026 Jan 14, 2017 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 A Directory Traversal vulnerability in CliMonitorReportServlet in the Brocade Network Advisor versions released prior to and including 14.0.2 could allow remote attackers to read arbitrary files including files with sens...Show more A Directory Traversal vulnerability in CliMonitorReportServlet in the Brocade Network Advisor versions released prior to and including 14.0.2 could allow remote attackers to read arbitrary files including files with sensitive user information.Show less
CVE-2016-8206 1Brocade 1Network Advisor May 13, 2026 Jan 14, 2017 N/A· v4 7.5 HIGH· v3 6.4 MEDIUM· v2 A Directory Traversal vulnerability in servlet SoftwareImageUpload in the Brocade Network Advisor versions released prior to and including 14.0.2 could allow remote attackers to write to arbitrary files, and consequently...Show more A Directory Traversal vulnerability in servlet SoftwareImageUpload in the Brocade Network Advisor versions released prior to and including 14.0.2 could allow remote attackers to write to arbitrary files, and consequently delete the files.Show less
CVE-2016-8205 1Brocade 1Network Advisor May 13, 2026 Jan 14, 2017 N/A· v4 9.8 CRITICAL· v3 10.0 HIGH· v2 A Directory Traversal vulnerability in DashboardFileReceiveServlet in the Brocade Network Advisor versions released prior to and including 14.0.2 could allow remote attackers to upload a malicious file in a section of th...Show more A Directory Traversal vulnerability in DashboardFileReceiveServlet in the Brocade Network Advisor versions released prior to and including 14.0.2 could allow remote attackers to upload a malicious file in a section of the file system where it can be executed.Show less
CVE-2016-8201 1Brocade 1Virtual Traffic Manager May 13, 2026 Jan 14, 2017 N/A· v4 8.0 HIGH· v3 6.0 MEDIUM· v2 A CSRF vulnerability in Brocade Virtual Traffic Manager versions released prior to and including 11.0 could allow an attacker to trick a logged-in user into making administrative changes on the traffic manager cluster.
CVE-2016-8203 1Brocade 1Netiron Os May 6, 2026 Oct 31, 2016 N/A· v4 7.5 HIGH· v3 7.8 HIGH· v2 A memory corruption in the IPsec code path of Brocade NetIron OS on Brocade MLXs 5.8.00 through 5.8.00e, 5.9.00 through 5.9.00bd, 6.0.00, and 6.0.00a images could allow attackers to cause a denial of service (line card r...Show more A memory corruption in the IPsec code path of Brocade NetIron OS on Brocade MLXs 5.8.00 through 5.8.00e, 5.9.00 through 5.9.00bd, 6.0.00, and 6.0.00a images could allow attackers to cause a denial of service (line card reset) via certain constructed IPsec control packets.Show less
CVE-2014-4870 1Brocade 2Vyatta 5400 Vrouter Vyatta 5400 Vrouter Software May 6, 2026 Oct 7, 2014 N/A· v4 N/A· v3 7.2 HIGH· v2 /opt/vyatta/bin/sudo-users/vyatta-clear-dhcp-lease.pl on the Brocade Vyatta 5400 vRouter 6.4R(x), 6.6R(x), and 6.7R1 does not properly validate parameters, which allows local users to gain privileges by leveraging the su...Show more /opt/vyatta/bin/sudo-users/vyatta-clear-dhcp-lease.pl on the Brocade Vyatta 5400 vRouter 6.4R(x), 6.6R(x), and 6.7R1 does not properly validate parameters, which allows local users to gain privileges by leveraging the sudo configuration.Show less
CVE-2014-4869 1Brocade 2Vyatta 5400 Vrouter Vyatta 5400 Vrouter Software May 6, 2026 Oct 7, 2014 N/A· v4 N/A· v3 5.0 MEDIUM· v2 The Brocade Vyatta 5400 vRouter 6.4R(x), 6.6R(x), and 6.7R1 allows attackers to obtain sensitive encrypted-password information by leveraging membership in the operator group.
CVE-2014-4868 1Brocade 2Vyatta 5400 Vrouter Vyatta 5400 Vrouter Software May 6, 2026 Oct 7, 2014 N/A· v4 N/A· v3 9.0 HIGH· v2 The management console on the Brocade Vyatta 5400 vRouter 6.4R(x), 6.6R(x), and 6.7R1 allows remote authenticated users to execute arbitrary Linux commands via shell metacharacters in a console command.
CVE-2013-7307 1Brocade 2Vyatta Vrouter Vyatta Vrouter Software Apr 29, 2026 Jan 23, 2014 N/A· v4 N/A· v3 5.4 MEDIUM· v2 The OSPF implementation on the Brocade Vyatta vRouter with software before 6.6R1 does not consider the possibility of duplicate Link State ID values in Link State Advertisement (LSA) packets before performing operations...Show more The OSPF implementation on the Brocade Vyatta vRouter with software before 6.6R1 does not consider the possibility of duplicate Link State ID values in Link State Advertisement (LSA) packets before performing operations on the LSA database, which allows remote attackers to cause a denial of service (routing disruption) or obtain sensitive packet information via a crafted LSA packet, a related issue to CVE-2013-0149.Show less
CVE-2013-7306 1Brocade 11Adx Bigiron RxFastiron+8 more Apr 29, 2026 Jan 23, 2014 N/A· v4 N/A· v3 5.4 MEDIUM· v2 The OSPF implementation on Brocade routers does not consider the possibility of duplicate Link State ID values in Link State Advertisement (LSA) packets before performing operations on the LSA database, which allows remo...Show more The OSPF implementation on Brocade routers does not consider the possibility of duplicate Link State ID values in Link State Advertisement (LSA) packets before performing operations on the LSA database, which allows remote attackers to cause a denial of service (routing disruption) or obtain sensitive packet information via a crafted LSA packet, a related issue to CVE-2013-0149.Show less
CVE-2011-2760 1Brocade 1Bigiron Rx Switch Apr 29, 2026 Jul 17, 2011 N/A· v4 N/A· v3 5.0 MEDIUM· v2 Brocade BigIron RX switches allow remote attackers to bypass ACL rules by using 179 as the source port of a packet.
CVE-2004-1663 5Broadcom BrocadeEngenio+2 more 6D280 Ds4100Fabric Operating System+3 more Apr 16, 2026 Sep 4, 2004 N/A· v4 N/A· v3 5.0 MEDIUM· v2 Engenio/LSI Logic storage controllers, as used in products such as Storagetek D280, and IBM DS4100 (formerly FastT 100) and Brocade SilkWorm Switches, allow remote attackers to cause a denial of service (freeze and possi...Show more Engenio/LSI Logic storage controllers, as used in products such as Storagetek D280, and IBM DS4100 (formerly FastT 100) and Brocade SilkWorm Switches, allow remote attackers to cause a denial of service (freeze and possible data corruption) via crafted TCP packets.Show less

Previous 12