Vulnerability Description
Remote code execution (RCE) vulnerability in Brocade Fabric OS after v9.0 and before v9.2.0 could allow an attacker to execute arbitrary code and use this to gain root access to the Brocade switch.
CVSS Score
8.6
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Broadcom | Fabric Operating System | >= 9.0.0, < 9.1.1d1 |
Related Weaknesses (CWE)
References
- https://security.netapp.com/advisory/ntap-20240628-0004/Third Party Advisory
- https://support.broadcom.com/external/content/SecurityAdvisories/0/23215Vendor Advisory
- https://security.netapp.com/advisory/ntap-20240628-0004/Third Party Advisory
- https://support.broadcom.com/external/content/SecurityAdvisories/0/23215Vendor Advisory
FAQ
What is CVE-2023-3454?
CVE-2023-3454 is a vulnerability with a CVSS score of 8.6 (HIGH). Remote code execution (RCE) vulnerability in Brocade Fabric OS after v9.0 and before v9.2.0 could allow an attacker to execute arbitrary code and use this to gain root access to the Brocade switch.
How severe is CVE-2023-3454?
CVE-2023-3454 has been rated HIGH with a CVSS base score of 8.6/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2023-3454?
Check the references section above for vendor advisories and patch information. Affected products include: Broadcom Fabric Operating System.