Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

Brocade — Vulnerabilities & Security Advisories 81

Browse all 81 CVE security advisories affecting Brocade. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Brocade operates primarily in the enterprise networking sector, specializing in high-performance Fibre Channel and Ethernet switches for data center infrastructure. Historically, its network operating systems have been susceptible to a range of critical flaws, most notably remote code execution (RCE) and buffer overflow vulnerabilities that allow attackers to gain unauthorized administrative access. Privilege escalation and cross-site scripting (XSS) issues have also appeared frequently in its management interfaces, exposing sensitive configuration data. A significant security incident occurred in 2017 when researchers disclosed multiple vulnerabilities in the Fabric OS, highlighting weaknesses in default credential handling and input validation. With 81 recorded CVEs, the vendor’s legacy products often lack modern security controls, requiring rigorous patch management to mitigate risks associated with unpatched firmware versions and exposed management ports.

Top products by Brocade: Brocade SANnav Fabric OS SANnav Brocade Fabric OS ASCG Brocade Fabric OS Brocade Switches Brocade SANnav
CVE IDTitleCVSSSeverityPublished
CVE-2024-7516 Brocade Fabric OS before 9.2.2 does not enforce strict host key checking — Fabric OSCWE-322 7.5AIHighAI2024-11-12
CVE-2024-5460 Brocade Fabric OS versions prior to v9.0 have default community strings — Fabric OSCWE-798 8.1 High2024-06-25
CVE-2024-29954 password management API prints sensitive information in log files — Fabric OSCWE-312 5.9 Medium2024-06-25
CVE-2024-29953 Encoded session passwords on session storage for Virtual Fabric platforms — Fabric OSCWE-922 4.3 Medium2024-06-25
CVE-2024-2860 Broadcom Brocade SANnav 安全漏洞 — Brocade SAnnavCWE-306 7.8 High2024-05-08
CVE-2024-2859 By default, SANnav OVA is shipped with root user login enabled (CVE-2024-2859) — Brocade SANnav 6.8 Medium2024-04-27
CVE-2024-4173 SANnav versions exposes Kafka in the wan interface. — Brocade SANnavCWE-200 7.6 High2024-04-25
CVE-2024-4161 Syslog traffic sent in clear-text — Brocade SANnavCWE-319 8.6 High2024-04-25
CVE-2024-4159 Protection mechanisms — Brocade SANnavCWE-200 4.3 Medium2024-04-25
CVE-2024-29969 TLS/SSL weak message authentication code ciphers are added by default for port 18082 — Brocade SANnavCWE-326 7.5 High2024-04-19
CVE-2024-29968 SQL Table names, column names, and SQL queries are collected in DR standby Supportsave — Brocade SANnavCWE-922 7.7 High2024-04-19
CVE-2024-29967 In Brocade SANnav before v2.31 and v2.3.0a, it was observed that Docker instances inside the appliance have insecure mount points — Brocade SANnavCWE-276 4.4 Medium2024-04-19
CVE-2024-29966 hard-coded credentials in the documentation that appear as the appliance root password — Brocade SANnav CWE-798 7.5 High2024-04-19
CVE-2024-29965 Insecure backup — Brocade SANnavCWE-922 6.8 Medium2024-04-19
CVE-2024-29964 Brocade SANnav versions before v2.3.0a do not correctly set permissions on files, including docker files — Brocade SANnavCWE-732 5.7 Medium2024-04-19
CVE-2024-29962 Insecure file permission setting that makes files world-readable — Brocade SANnavCWE-276 5.5 Medium2024-04-19
CVE-2024-29963 Brocade SANnav contains hardcoded TLS keys used by Docker — Brocade SANnavCWE-798 1.9 Low2024-04-19
CVE-2024-29961 supply-chain attack risk — Brocade SANnavCWE-200 8.2 High2024-04-19
CVE-2024-29960 Identical SSH keys utilized inside the OVA image (CVE-2024-29960) — Brocade SANnavCWE-798 6.8 Medium2024-04-19
CVE-2024-29959 Brocade Fabric OS switch encrypted passwords in the Brocade SANnav Standby node's support save — Brocade SANnavCWE-532 8.6 High2024-04-19
CVE-2024-29958 Encryption key in the console when a privileged user executes the script to replace the Brocade SANnav Management Portal standby node. — Brocade SANnavCWE-532 7.5 High2024-04-19
CVE-2024-29957 Encryption key is stored in the DR log files — Brocade SANnavCWE-532 7.5 High2024-04-19
CVE-2024-29956 cleartext password in supportsave logs when a user schedules a switch Supportsave from Brocade SANnav — Brocade SANnavCWE-312 6.5 Medium2024-04-18
CVE-2024-29955 Insertion of Sensitive Information into Brocade SANnav Log File — Brocade SANnavCWE-532 5.0 Medium2024-04-17
CVE-2024-29952 Clear text storage of sensistive information by manipulating command variables — Brocade SANnavCWE-312 5.5 Medium2024-04-17
CVE-2024-29951 Brocade SANnav has weak encryption in internal SSH ports — Brocade SANnavCWE-326 5.7 Medium2024-04-17
CVE-2024-29950 Brocade SANnav before v2.3.1, v2.3.0a uses weak encryption — Brocade SANnavCWE-326 7.5 High2024-04-17
CVE-2023-5973 Truncated port name — Fabric OSCWE-346 4.3 Medium2024-04-05
CVE-2023-3454 Brocade Fabric OS 安全漏洞 — Fabric OSCWE-78 8.6 High2024-04-04
CVE-2021-27795 License forgery in Brocade Fabric OS (FOS) hardware platforms running any version of Brocade Fabric OS software, — Brocade SwitchesCWE-327 6.4 Medium2023-12-06

This page lists every published CVE security advisory associated with Brocade. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.