Brocade Fabric Os
28 CVEs affecting Brocade Fabric Os. Latest disclosed: 2026-02-03. Critical: 0, High: 7.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2023-3454 | High | 8.6 | 2024-04-04 | Remote code execution (RCE) vulnerability in Brocade Fabric OS after v9.0 and before v9.2.0 could allow an attacker to execute arbitrary code and use this to g… |
CVE-2023-3489 | High | 8.6 | 2023-08-30 | The firmwaredownload command on Brocade Fabric OS v9.2.0 could log the FTP/SFTP/SCP server password in clear text in the SupportSave file when performing a… |
CVE-2024-5460 | High | 8.1 | 2024-06-25 | A vulnerability in the default configuration of the Simple Network Management Protocol (SNMP) feature of Brocade Fabric OS versions before v9.0.0 could allow… |
CVE-2023-31432 | High | 7.8 | 2023-08-01 | Through manipulation of passwords or other variables, using commands such as portcfgupload, configupload, license, myid, a non-privileged user could obtain roo… |
CVE-2023-31427 | High | 7.8 | 2023-08-01 | Brocade Fabric OS versions before Brocade Fabric OS v9.1.1c, and v9.2.0 Could allow an authenticated, local user with knowledge of full path names inside Broca… |
CVE-2023-31425 | High | 7.8 | 2023-08-01 | A vulnerability in the fosexec command of Brocade Fabric OS after Brocade Fabric OS v9.1.0 and, before Brocade Fabric OS v9.1.1 could allow a local authenticat… |
CVE-2023-31926 | High | 7.1 | 2023-08-02 | System files could be overwritten using the less command in Brocade Fabric OS before Brocade Fabric OS v9.1.1c and v9.2.0. |
CVE-2023-31928 | Medium | 6.3 | 2023-08-01 | A reflected cross-site scripting (XSS) vulnerability exists in Brocade Webtools PortSetting.html of Brocade Fabric OS version before Brocade Fabric OS v9.2.0… |
CVE-2024-29954 | Medium | 5.9 | 2024-06-25 | A vulnerability in a password management API in Brocade Fabric OS versions before v9.2.1, v9.2.0b, v9.1.1d, and v8.2.3e prints sensitive information in log fil… |
CVE-2023-31428 | Medium | 5.5 | 2023-08-01 | Brocade Fabric OS before Brocade Fabric OS v9.1.1c, v9.2.0 contains a vulnerability in the command line that could allow a local user to dump files under user'… |
CVE-2023-31431 | Medium | 5.5 | 2023-08-01 | A buffer overflow vulnerability in “diagstatus” command in Brocade Fabric OS before Brocade Fabric v9.2.0 and v9.1.1c could allow an authenticated user to cras… |
CVE-2023-31429 | Medium | 5.5 | 2023-08-01 | Brocade Fabric OS before Brocade Fabric OS 9.1.1c, 9.2.0 contains a vulnerability when using various commands such as “chassisdistribute”, “reboot”, “rasman”… |
CVE-2023-31927 | Medium | 5.3 | 2023-08-02 | An information disclosure in the web interface of Brocade Fabric OS versions before Brocade Fabric OS v9.2.0 and v9.1.1c, could allow a remote unauthenticated… |
CVE-2023-4162 | Medium | 4.4 | 2023-08-31 | A segmentation fault can occur in Brocade Fabric OS after Brocade Fabric OS v9.0 and before Brocade Fabric OS v9.2.0a through the passwdcfg command. This c… |
CVE-2024-29953 | Medium | 4.3 | 2024-06-25 | A vulnerability in the web interface in Brocade Fabric OS before v9.2.1, v9.2.0b, and v9.1.1d prints encoded session passwords on session storage for Virtual F… |
CVE-2023-5973 | Medium | 4.3 | 2024-04-05 | Brocade Web Interface in Brocade Fabric OS v9.x and before v9.2.0 does not properly represent the portName to the user if the portName contains reserved cha… |
CVE-2025-58381 | | 2026-02-03 | A vulnerability in Brocade Fabric OS before 9.2.1c2 could allow an authenticated attacker with admin privileges using the shell commands “source, ping6, sle… | |
CVE-2025-9711 | | 2026-02-03 | A vulnerability in Brocade Fabric OS before 9.2.1c3 could allow elevating the privileges of the local authenticated user to “root” using the export option of s… | |
CVE-2025-58380 | | 2026-02-03 | A vulnerability in Brocade Fabric OS before 9.2.1 could allow an authenticated attacker with admin privileges using the shell command “grep” to modify the path… | |
CVE-2026-0383 | | 2026-02-03 | A vulnerability in Brocade Fabric OS could allow an authenticated, local attacker with privileges to access the Bash shell to access insecurely stored file con… |