exploitDog

CVE-2023-5973

Опубликовано: 05 апр. 2024

Источник: nvd

CVSS3: 4.3

EPSS Низкий

Описание

Brocade Web Interface in Brocade Fabric OS v9.x and before v9.2.0 does not properly represent the portName to the user if the portName contains reserved characters. This could allow an authenticated user to alter the UI of the Brocade Switch and change ports display.

Ссылки

https://security.netapp.com/advisory/ntap-20240628-0005/
Third Party Advisory
https://support.broadcom.com/external/content/SecurityAdvisories/0/23214
Vendor Advisory
https://security.netapp.com/advisory/ntap-20240628-0005/
Third Party Advisory
https://support.broadcom.com/external/content/SecurityAdvisories/0/23214
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:o:broadcom:fabric_operating_system:*:*:*:*:*:*:*:*

Версия от 9.0.0 (включая) до 9.2.0 (исключая)

EPSS

Процентиль: 44%

0.00213

Низкий

4.3 Medium

CVSS3

Дефекты

CWE-346

CWE-346

Связанные уязвимости

GHSA-mq9r-62m5-pjc2

CVSS3: 4.3

github

почти 2 года назад

Brocade Web Interface in Brocade Fabric OS v9.x and before v9.2.0 does not properly represent the portName to the user if the portName contains reserved characters. This could allow an authenticated user to alter the UI of the Brocade Switch and change ports display.

EPSS

Процентиль: 44%

0.00213

Низкий

4.3 Medium

CVSS3

Дефекты

CWE-346

CWE-346