Lucene search

K
cvelistBrocadeCVELIST:CVE-2023-31429
HistoryAug 01, 2023 - 8:20 p.m.

CVE-2023-31429 Multiple commands print sensitive information in the terminal

2023-08-0120:20:52
CWE-209
brocade
www.cve.org
7
cve-2023-31429
brocade fabric os
terminal print

CVSS3

5.5

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

AI Score

5.8

Confidence

High

EPSS

0

Percentile

9.0%

Brocade Fabric OS before Brocade Fabric OS 9.1.1c, 9.2.0 contains a vulnerability when using various commands such as “chassisdistribute”, “reboot”, “rasman”, errmoduleshow, errfilterset, hassiscfgperrthreshold, supportshowcfgdisable and supportshowcfgenable commands that can cause the content of shell interpreted variables to be printed in the terminal.

CNA Affected

[
  {
    "defaultStatus": "unaffected",
    "product": "Fabric OS",
    "vendor": "Brocade",
    "versions": [
      {
        "status": "affected",
        "version": "before Brocade Fabric OS v9.1.1c, v9.2.0"
      }
    ]
  }
]

CVSS3

5.5

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

AI Score

5.8

Confidence

High

EPSS

0

Percentile

9.0%

Related for CVELIST:CVE-2023-31429