CVE-2023-31425

Summary

A vulnerability in the fosexec command of Brocade Fabric OS after Brocade Fabric OS v9.1.0 and, before Brocade Fabric OS v9.1.1 could allow a local authenticated user to perform privilege escalation to root by breaking the rbash shell. Starting with Fabric OS v9.1.0, “root” account access is disabled.

Affected Software

VendorProductVersion RangeStatus
BrocadeFabric OSafter Brocade Fabric OS v9.1.0 and, before Brocade Fabric OS v9.1.1affected

Weaknesses

  • Privilege escalation

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: total

References