CVE-2022-33185: Buffer Overflow
First published: Tue Oct 25 2022(Updated: )
Several commands in Brocade Fabric OS before Brocade Fabric OS v.9.0.1e, and v9.1.0 use unsafe string functions to process user input. Authenticated local attackers could abuse these vulnerabilities to exploit stack-based buffer overflows, allowing arbitrary code execution as the root user account.
Credit: sirt@brocade.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Broadcom Fabric Operating System | <9.0.1e |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the vulnerability ID?
The vulnerability ID is CVE-2022-33185.
What is the severity of CVE-2022-33185?
The severity of CVE-2022-33185 is high with a CVSS score of 7.8.
Which software versions are affected by CVE-2022-33185?
Brocade Fabric OS versions before v.9.0.1e and v9.1.0 are affected by CVE-2022-33185.
How can an attacker exploit CVE-2022-33185?
Authenticated local attackers can exploit CVE-2022-33185 to execute arbitrary code as the root user by abusing stack-based buffer overflows.
Are there any references available for CVE-2022-33185?
Yes, you can find references for CVE-2022-33185 at the following links: - [NetApp Security Advisory](https://security.netapp.com/advisory/ntap-20230127-0010/) - [Broadcom Security Advisory](https://www.broadcom.com/support/fibre-channel-networking/security-advisories/brocade-security-advisory-2022-2078)
- collector/nvd-index
- agent/references
- agent/type
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/severity
- agent/author
- agent/weakness
- agent/last-modified-date
- agent/tags
- agent/description
- agent/event
- agent/first-publish-date
- agent/source
- vendor/broadcom
- canonical/broadcom fabric operating system