CVE-2023-5973

Description

Brocade Web Interface in Brocade Fabric OS v9.x and before v9.2.0 does not properly represent the portName to the user if the portName contains reserved characters. This could allow an authenticated user to alter the UI of the Brocade Switch and change ports display.

CVSS breakdown

CVSS 3.1

Attack Vector

Network

Attack Complexity

Low

Privileges Required

Low

User Interaction

None

Scope

Unchanged

Confidentiality

None

Integrity

Low

Availability

None

Affected products

Brocade / Fabric OSVersions v9.x and before v9.2.0 – Versions v9.x and before v9.2.0

References

VENDOR_ADVISORYhttps://support.broadcom.com/external/content/SecurityAdvisories/0/23214
MISChttps://security.netapp.com/advisory/ntap-20240628-0005/