Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2022-33185

Several commands in Brocade Fabric OS before Brocade Fabric OS v.9.0.1e, and v9.1.0 use unsafe string functions to process user input. Authenticated local attackers could abuse these vulnerabilities to exploit stack-based buffer overflows, allowing arbitrary code execution as the root user account.

Published

2022-10-25T21:15:46.840

Last Modified

2025-05-09T19:15:52.003

Status

Modified

Source

[email protected]

Severity

CVSSv3.1: 7.8 (HIGH)

Weaknesses

Type: Primary
CWE-787
Type: Secondary
CWE-787

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Operating System	broadcom	fabric_operating_system	< 9.0.1e	Yes

References

https://security.netapp.com/advisory/ntap-20230127-0010/ Third Party Advisory ([email protected])
https://www.broadcom.com/support/fibre-channel-networking/security-advisories/brocade-security-advisory-2022-2078 Vendor Advisory ([email protected])
https://security.netapp.com/advisory/ntap-20230127-0010/ Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)
https://www.broadcom.com/support/fibre-channel-networking/security-advisories/brocade-security-advisory-2022-2078 Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)