exploitDog

CVE-2023-31427

Опубликовано: 01 авг. 2023

Источник: nvd

CVSS3: 7.8

EPSS Низкий

Описание

Brocade Fabric OS versions before Brocade Fabric OS v9.1.1c, and v9.2.0 Could allow an authenticated, local user with knowledge of full path names inside Brocade Fabric OS to execute any command regardless of assigned privilege. Starting with Fabric OS v9.1.0, “root” account access is disabled.

Ссылки

https://security.netapp.com/advisory/ntap-20230908-0007/
Third Party Advisory
https://support.broadcom.com/external/content/SecurityAdvisories/0/22379
Vendor Advisory
https://security.netapp.com/advisory/ntap-20230908-0007/
Third Party Advisory
https://support.broadcom.com/external/content/SecurityAdvisories/0/22379
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:o:broadcom:fabric_operating_system:*:*:*:*:*:*:*:*

Версия до 9.1.1c (исключая)

EPSS

Процентиль: 19%

0.00062

Низкий

7.8 High

CVSS3

Дефекты

CWE-22

CWE-22

Связанные уязвимости

GHSA-fhpg-j54r-7h8v

CVSS3: 7.8

github

больше 2 лет назад

Brocade Fabric OS versions before Brocade Fabric OS v9.1.1c, and v9.2.0 Could allow an authenticated, local user with knowledge of full path names inside Brocade Fabric OS to execute any command regardless of assigned privilege. Starting with Fabric OS v9.1.0, “root” account access is disabled.

EPSS

Процентиль: 19%

0.00062

Низкий

7.8 High

CVSS3

Дефекты

CWE-22

CWE-22