{"vulnerability": "CVE-2022-3318", "sightings": [{"uuid": "f61cad3c-5166-4a5c-a14a-844ffcf9400a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-33185", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/15810", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-33185\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: Several commands in Brocade Fabric OS before Brocade Fabric OS v.9.0.1e, and v9.1.0 use unsafe string functions to process user input. Authenticated local attackers could abuse these vulnerabilities to exploit stack-based buffer overflows, allowing arbitrary code execution as the root user account.\n\ud83d\udccf Published: 2022-10-25T00:00:00.000Z\n\ud83d\udccf Modified: 2025-05-09T18:17:07.470Z\n\ud83d\udd17 References:\n1. https://www.broadcom.com/support/fibre-channel-networking/security-advisories/brocade-security-advisory-2022-2078\n2. https://security.netapp.com/advisory/ntap-20230127-0010/", "creation_timestamp": "2025-05-09T18:26:24.000000Z"}, {"uuid": "b67c6f8e-9b55-45d0-9260-d6aabb2a1b07", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-33187", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/12986", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-33187\n\ud83d\udd25 CVSS Score: 5.5 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:L/A:N)\n\ud83d\udd39 Description: Brocade SANnav before v2.2.1 logs usernames and encoded passwords in \ndebug-enabled logs. The vulnerability could allow an attacker with admin\n privilege to read sensitive information.\n\n\n\ud83d\udccf Published: 2022-12-09T01:48:24.949Z\n\ud83d\udccf Modified: 2025-04-22T20:26:49.948Z\n\ud83d\udd17 References:\n1. https://www.broadcom.com/support/fibre-channel-networking/security-advisories/brocade-security-advisory-2022-2122", "creation_timestamp": "2025-04-22T21:04:26.000000Z"}, {"uuid": "5ab66794-f5f4-470a-8264-acc771c50e9b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-33182", "type": "seen", "source": "https://t.me/cibsecurity/52084", "content": "\u203c CVE-2022-33182 \u203c\n\nA privilege escalation vulnerability in Brocade Fabric OS CLI before Brocade Fabric OS v9.1.0, 9.0.1e, 8.2.3c, 8.2.0cbn5, could allow a local authenticated user to escalate its privilege to root using switch commands \u00e2\u20ac\u0153supportlink\u00e2\u20ac\ufffd, \u00e2\u20ac\u0153firmwaredownload\u00e2\u20ac\ufffd, \u00e2\u20ac\u0153portcfgupload, license, and \u00e2\u20ac\u0153fosexec\u00e2\u20ac\ufffd.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-10-26T00:27:03.000000Z"}, {"uuid": "3779dff8-7551-422d-a264-2f2223b04907", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-33186", "type": "seen", "source": "https://t.me/cibsecurity/54200", "content": "\u203c CVE-2022-33186 \u203c\n\nA vulnerability in Brocade Fabric OS software v9.1.1, v9.0.1e, v8.2.3c, v7.4.2j, and earlier versions could allow a remote unauthenticated attacker to execute on a Brocade Fabric OS switch commands capable of modifying zoning, disabling the switch, disabling ports, and modifying the switch IP address.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-12-09T00:12:48.000000Z"}, {"uuid": "05fb1d48-0ddb-4b81-93ff-a4be8c55c379", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-33180", "type": "seen", "source": "https://t.me/cibsecurity/52081", "content": "\u203c CVE-2022-33180 \u203c\n\nA vulnerability in Brocade Fabric OS CLI before Brocade Fabric OS v9.1.0, 9.0.1e, 8.2.3c, 8.2.0cbn5 could allow a local authenticated attacker to export out sensitive files with \u00e2\u20ac\u0153seccryptocfg\u00e2\u20ac\ufffd, \u00e2\u20ac\u0153configupload\u00e2\u20ac\ufffd.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-10-26T00:26:59.000000Z"}, {"uuid": "37a838b4-c05e-4e81-a7a6-7f51ab6a07be", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-33184", "type": "seen", "source": "https://t.me/cibsecurity/52079", "content": "\u203c CVE-2022-33184 \u203c\n\nA vulnerability in fab_seg.c.h libraries of all Brocade Fabric OS versions before Brocade Fabric OS v9.1.1, v9.0.1e, v8.2.3c, v8.2.0_cbn5, 7.4.2j could allow local authenticated attackers to exploit stack-based buffer overflows and execute arbitrary code as the root user account.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-10-26T00:26:58.000000Z"}, {"uuid": "e9ac1c1d-12b3-4d16-a96c-4f4e775277e2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-33183", "type": "seen", "source": "https://t.me/cibsecurity/52078", "content": "\u203c CVE-2022-33183 \u203c\n\nA vulnerability in Brocade Fabric OS CLI before Brocade Fabric OS v9.1.0, 9.0.1e, 8.2.3c, 8.2.0cbn5, 7.4.2.j could allow a remote authenticated attacker to perform stack buffer overflow using in \u00e2\u20ac\u0153firmwaredownload\u00e2\u20ac\ufffd and \u00e2\u20ac\u0153diagshow\u00e2\u20ac\ufffd commands.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-10-26T00:26:54.000000Z"}, {"uuid": "30ba303d-b7e0-4fc5-90a2-65ba85ce3f38", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-33181", "type": "seen", "source": "https://t.me/cibsecurity/52076", "content": "\u203c CVE-2022-33181 \u203c\n\nAn information disclosure vulnerability in Brocade Fabric OS CLI before Brocade Fabric OS v9.1.0, 9.0.1e, 8.2.3c, 8.2.0cbn5, 7.4.2.j could allow a local authenticated attacker to read sensitive files using switch commands \u00e2\u20ac\u0153configshow\u00e2\u20ac\ufffd and \u00e2\u20ac\u0153supportlink\u00e2\u20ac\ufffd.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-10-26T00:26:52.000000Z"}, {"uuid": "aebc03e9-1c08-4a02-8d7a-52f05b3e1fe8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-33185", "type": "seen", "source": "https://t.me/cibsecurity/52075", "content": "\u203c CVE-2022-33185 \u203c\n\nSeveral commands in Brocade Fabric OS before Brocade Fabric OS v.9.0.1e, and v9.1.0 use unsafe string functions to process user input. Authenticated local attackers could abuse these vulnerabilities to exploit stack-based buffer overflows, allowing arbitrary code execution as the root user account.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-10-26T00:26:51.000000Z"}]}