Lucene search

K
vulnrichmentBrocadeVULNRICHMENT:CVE-2023-31429
HistoryAug 01, 2023 - 8:20 p.m.

CVE-2023-31429 Multiple commands print sensitive information in the terminal

2023-08-0120:20:52
CWE-209
brocade
github.com
3
cve-2023-31429
multiple commands
brocade fabric os
vulnerability
sensitive information
terminal
shell interpreted variables

CVSS3

5.5

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

AI Score

7

Confidence

High

SSVC

Exploitation

none

Automatable

no

Technical Impact

partial

Brocade Fabric OS before Brocade Fabric OS 9.1.1c, 9.2.0 contains a vulnerability when using various commands such as “chassisdistribute”, “reboot”, “rasman”, errmoduleshow, errfilterset, hassiscfgperrthreshold, supportshowcfgdisable and supportshowcfgenable commands that can cause the content of shell interpreted variables to be printed in the terminal.

CVSS3

5.5

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

AI Score

7

Confidence

High

SSVC

Exploitation

none

Automatable

no

Technical Impact

partial

Related for VULNRICHMENT:CVE-2023-31429