exploitDog

CVE-2023-31432

Опубликовано: 02 авг. 2023

Источник: nvd

CVSS3: 7.8

EPSS Низкий

Описание

Through manipulation of passwords or other variables, using commands such as portcfgupload, configupload, license, myid, a non-privileged user could obtain root privileges in Brocade Fabric OS versions before Brocade Fabric OS v9.1.1c and v9.2.0.

Ссылки

https://security.netapp.com/advisory/ntap-20230908-0007/
Third Party Advisory
https://support.broadcom.com/external/content/SecurityAdvisories/0/22385
Vendor Advisory
https://security.netapp.com/advisory/ntap-20230908-0007/
Third Party Advisory
https://support.broadcom.com/external/content/SecurityAdvisories/0/22385
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:o:broadcom:brocade_fabric_operating_system:*:*:*:*:*:*:*:*

Версия до 9.1.1c (исключая)

EPSS

Процентиль: 18%

0.00057

Низкий

7.8 High

CVSS3

Дефекты

CWE-269

CWE-269

Связанные уязвимости

GHSA-w5cc-3g2v-73pr

CVSS3: 7.8

github

больше 2 лет назад

Through manipulation of passwords or other variables, using commands such as portcfgupload, configupload, license, myid, a non-privileged user could obtain root privileges in Brocade Fabric OS versions before Brocade Fabric OS v9.1.1c and v9.2.0.

EPSS

Процентиль: 18%

0.00057

Низкий

7.8 High

CVSS3

Дефекты

CWE-269

CWE-269