CVE-2022-33185

high

Description

Several commands in Brocade Fabric OS before Brocade Fabric OS v.9.0.1e, and v9.1.0 use unsafe string functions to process user input. Authenticated local attackers could abuse these vulnerabilities to exploit stack-based buffer overflows, allowing arbitrary code execution as the root user account.

References

https://www.broadcom.com/support/fibre-channel-networking/security-advisories/brocade-security-advisory-2022-2078

https://security.netapp.com/advisory/ntap-20230127-0010/

Details

Source: Mitre, NVD

Published: 2022-10-25

Updated: 2023-02-28

Risk Information

CVSS v2

Base Score: 6.8

Vector: CVSS2#AV:L/AC:L/Au:S/C:C/I:C/A:C

Severity: Medium

CVSS v3

Base Score: 7.8

Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Severity: High

Detections

Analytics