Broadcom: Security Vulnerabilities
Broadcom RAID Controller web interface is vulnerable due to insecure defaults that lack HTTP Content-Security-Policy headers
CVSS Score
9.8
EPSS Score
0.001
Published
2023-08-15
Broadcom RAID Controller web interface is vulnerable because the Libcurl used with LSA has known vulnerabilities
CVSS Score
9.8
EPSS Score
0.001
Published
2023-08-15
Broadcom RAID Controller web interface is vulnerable because it has an insecure default TLS configuration that supports obsolete SHA1-based ciphersuites
CVSS Score
7.5
EPSS Score
0.001
Published
2023-08-15
Broadcom RAID Controller web interface is vulnerable to a client-side control bypass that leads to unauthorized data access for a low-privileged user
CVSS Score
6.5
EPSS Score
0.0
Published
2023-08-15
System files could be overwritten using the less command in Brocade Fabric OS before Brocade Fabric OS v9.1.1c and v9.2.0.
CVSS Score
7.1
EPSS Score
0.0
Published
2023-08-02
An information disclosure in the web interface of Brocade Fabric OS versions before Brocade Fabric OS v9.2.0 and v9.1.1c could allow a remote unauthenticated attacker to get technical details about the web interface.
CVSS Score
5.3
EPSS Score
0.004
Published
2023-08-02
A buffer overflow vulnerability in “secpolicydelete” command in Brocade Fabric OS before Brocade Fabric OS v9.1.1c and v9.2.0 could allow an authenticated privileged user to crash the Brocade Fabric OS switch leading to a denial of service.
CVSS Score
5.5
EPSS Score
0.0
Published
2023-08-02
A buffer overflow vulnerability in “diagstatus” command in Brocade Fabric OS before Brocade Fabric v9.2.0 and v9.1.1c could allow an authenticated user to crash the Brocade Fabric OS switch leading to a denial of service.
CVSS Score
5.5
EPSS Score
0.0
Published
2023-08-02
Through manipulation of passwords or other variables, using commands such as portcfgupload, configupload, license, myid, a non-privileged user could obtain root privileges in Brocade Fabric OS versions before Brocade Fabric OS v9.1.1c and v9.2.0.
CVSS Score
7.8
EPSS Score
0.001
Published
2023-08-02
A reflected cross-site scripting (XSS) vulnerability exists in Brocade Webtools PortSetting.html of Brocade Fabric OS version before Brocade Fabric OS v9.2.0 that could allow a remote unauthenticated attacker to execute arbitrary JavaScript code in a target user’s session with the Brocade Webtools application.
CVSS Score
6.3
EPSS Score
0.001
Published
2023-08-02