CVE-2023-5973

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2023-5973
Brocade Web Interface in Brocade Fabric OS v9.x and before v9.2.0 does not properly represent the portName to the user if the portName contains reserved characters. This could allow an authenticated user to alter the UI of the Brocade Switch and change ports display.

4.3 /10

CVSS v3.0 : MEDIUM

V3 Legend

Vector :

Exploitability : 2.8 / Impact : 1.4

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact LOW

Availability Impact NONE

Scope UNCHANGED

References
Link Resource
https://security.netapp.com/advisory/ntap-20240628-0005/ Third Party Advisory
https://security.netapp.com/advisory/ntap-20240628-0005/ Third Party Advisory
https://support.broadcom.com/external/content/SecurityAdvisories/0/23214 Vendor Advisory
https://support.broadcom.com/external/content/SecurityAdvisories/0/23214 Vendor Advisory
Configurations

Configuration 1 (hide)

cpe:2.3:o:broadcom:fabric_operating_system:*:*:*:*:*:*:*:*
History

13 Feb 2025, 18:16

Type Values Removed Values Added
Summary Brocade Web Interface in Brocade Fabric OS v9.x and before v9.2.0 does not properly represent the portName to the user if the portName contains reserved characters. This could allow an authenticated user to alter the UI of the Brocade Switch and change ports display. Brocade Web Interface in Brocade Fabric OS v9.x and before v9.2.0 does not properly represent the portName to the user if the portName contains reserved characters. This could allow an authenticated user to alter the UI of the Brocade Switch and change ports display.

04 Feb 2025, 15:30

Type Values Removed Values Added
References () https://support.broadcom.com/external/content/SecurityAdvisories/0/23214 - () https://support.broadcom.com/external/content/SecurityAdvisories/0/23214 - Vendor Advisory
References () https://security.netapp.com/advisory/ntap-20240628-0005/ - () https://security.netapp.com/advisory/ntap-20240628-0005/ - Third Party Advisory
First Time Broadcom fabric Operating System
Broadcom
CPE cpe:2.3:o:broadcom:fabric_operating_system:*:*:*:*:*:*:*:*
CWE CWE-346
CVSS v2 : unknown
v3 : unknown 		v2 : unknown
v3 : 4.3

28 Jun 2024, 16:15

Type Values Removed Values Added
References
  • () https://security.netapp.com/advisory/ntap-20240628-0005/ -

05 Apr 2024, 03:15

Type Values Removed Values Added
New CVE
Information

Published : 2024-04-05 03:15

Updated : 2025-02-13 18:16

NVD link : CVE-2023-5973

Mitre link : CVE-2023-5973

JSON object : View

Products Affected

broadcom

  • fabric_operating_system
CWE
CWE-346

Origin Validation Error