CVE-2023-31427

Brocade Fabric OS versions before Brocade Fabric OS v9.1.1c, and v9.2.0 Could allow an authenticated, local user with knowledge of full path names inside Brocade Fabric OS to execute any command regardless of assigned privilege. Starting with Fabric OS v9.1.0, “root” account access is disabled.
Configurations

Configuration 1 (hide)

cpe:2.3:o:broadcom:fabric_operating_system:*:*:*:*:*:*:*:*

History

13 Feb 2025, 17:16

Type Values Removed Values Added
Summary (en) Brocade Fabric OS versions before Brocade Fabric OS v9.1.1c, and v9.2.0 Could allow an authenticated, local user with knowledge of full path names inside Brocade Fabric OS to execute any command regardless of assigned privilege. Starting with Fabric OS v9.1.0, “root” account access is disabled. (en) Brocade Fabric OS versions before Brocade Fabric OS v9.1.1c, and v9.2.0 Could allow an authenticated, local user with knowledge of full path names inside Brocade Fabric OS to execute any command regardless of assigned privilege. Starting with Fabric OS v9.1.0, “root” account access is disabled.

21 Nov 2024, 08:01

Type Values Removed Values Added
References () https://security.netapp.com/advisory/ntap-20230908-0007/ - Third Party Advisory () https://security.netapp.com/advisory/ntap-20230908-0007/ - Third Party Advisory
References () https://support.broadcom.com/external/content/SecurityAdvisories/0/22379 - Vendor Advisory () https://support.broadcom.com/external/content/SecurityAdvisories/0/22379 - Vendor Advisory
Summary
  • (es) Las versiones de Brocade Fabric OS anteriores a Brocade Fabric OS v9.1.1c y v9.2.0 podrían permitir a un usuario local autenticado con conocimiento de los nombres de ruta completos dentro de Brocade Fabric OS ejecutar cualquier comando independientemente del privilegio asignado. A partir de Fabric OS v9.1.0, el acceso a la cuenta "root" está deshabilitado.

16 Feb 2024, 17:35

Type Values Removed Values Added
References () https://security.netapp.com/advisory/ntap-20230908-0007/ - () https://security.netapp.com/advisory/ntap-20230908-0007/ - Third Party Advisory

Information

Published : 2023-08-01 23:15

Updated : 2025-02-13 17:16


NVD link : CVE-2023-31427

Mitre link : CVE-2023-31427

CVE.ORG link : CVE-2023-31427


JSON object : View

Products Affected

broadcom

  • fabric_operating_system
CWE
CWE-22

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')