CVE-2023-31427
7.8
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Summary
Brocade Fabric OS versions before Brocade Fabric OS v9.1.1c, and v9.2.0 Could allow an authenticated, local user with knowledge of full path names inside Brocade Fabric OS to execute any command regardless of assigned privilege. Starting with Fabric OS v9.1.0, “root” account access is disabled.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Brocade | Fabric OS | after 9.1.0 and before Brocade Fabric OS v9.2.0 and v9.1.1c | affected |
Weaknesses
- CWE-22: CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
ADP Enrichment
CVE Program Container
Additional References
- https://support.broadcom.com/external/content/SecurityAdvisories/0/22379
- https://security.netapp.com/advisory/ntap-20230908-0007/
References
- https://support.broadcom.com/external/content/SecurityAdvisories/0/22379
- https://security.netapp.com/advisory/ntap-20230908-0007/
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.