CVE-2023-3454

Description

Remote code execution (RCE) vulnerability in Brocade Fabric OS after v9.0 and before v9.2.0 could allow an attacker to execute arbitrary code and use this to gain root access to the Brocade switch.

CVSS breakdown

CVSS 3.1

Attack Vector

Network

Attack Complexity

Low

Privileges Required

None

User Interaction

None

Scope

Unchanged

Confidentiality

High

Integrity

Low

Availability

Low

Affected products

Brocade / Fabric OSafter v9.0 and before v9.2.0 – after v9.0 and before v9.2.0

References

VENDOR_ADVISORYhttps://support.broadcom.com/external/content/SecurityAdvisories/0/23215
MISChttps://security.netapp.com/advisory/ntap-20240628-0004/