Vulnerability Description
Brocade Fabric OS versions before Brocade Fabric OS v9.1.1c, and v9.2.0 Could allow an authenticated, local user with knowledge of full path names inside Brocade Fabric OS to execute any command regardless of assigned privilege. Starting with Fabric OS v9.1.0, “root” account access is disabled.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Broadcom | Fabric Operating System | < 9.1.1c |
Related Weaknesses (CWE)
References
- https://security.netapp.com/advisory/ntap-20230908-0007/Third Party Advisory
- https://support.broadcom.com/external/content/SecurityAdvisories/0/22379Vendor Advisory
- https://security.netapp.com/advisory/ntap-20230908-0007/Third Party Advisory
- https://support.broadcom.com/external/content/SecurityAdvisories/0/22379Vendor Advisory
FAQ
What is CVE-2023-31427?
CVE-2023-31427 is a vulnerability with a CVSS score of 7.8 (HIGH). Brocade Fabric OS versions before Brocade Fabric OS v9.1.1c, and v9.2.0 Could allow an authenticated, local user with knowledge of full path names inside Brocade Fabric OS to execute any command regar...
How severe is CVE-2023-31427?
CVE-2023-31427 has been rated HIGH with a CVSS base score of 7.8/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2023-31427?
Check the references section above for vendor advisories and patch information. Affected products include: Broadcom Fabric Operating System.