exploitDog

CVE-2023-31425

Опубликовано: 01 авг. 2023

Источник: nvd

CVSS3: 7.8

EPSS Низкий

Описание

A vulnerability in the fosexec command of Brocade Fabric OS after Brocade Fabric OS v9.1.0 and, before Brocade Fabric OS v9.1.1 could allow a local authenticated user to perform privilege escalation to root by breaking the rbash shell. Starting with Fabric OS v9.1.0, “root” account access is disabled.

Ссылки

https://security.netapp.com/advisory/ntap-20230908-0007/
Third Party Advisory
https://support.broadcom.com/external/content/SecurityAdvisories/0/22407
Vendor Advisory
https://security.netapp.com/advisory/ntap-20230908-0007/
Third Party Advisory
https://support.broadcom.com/external/content/SecurityAdvisories/0/22407
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:o:broadcom:fabric_operating_system:9.1.0:*:*:*:*:*:*:*

EPSS

Процентиль: 30%

0.00111

Низкий

7.8 High

CVSS3

Дефекты

CWE-78

Связанные уязвимости

GHSA-q587-8249-rxpr

CVSS3: 7.8

github

больше 2 лет назад

A vulnerability in the fosexec command of Brocade Fabric OS after Brocade Fabric OS v9.1.0 and, before Brocade Fabric OS v9.1.1 could allow a local authenticated user to perform privilege escalation to root by breaking the rbash shell. Starting with Fabric OS v9.1.0, “root” account access is disabled.

EPSS

Процентиль: 30%

0.00111

Низкий

7.8 High

CVSS3

Дефекты

CWE-78