CVE-2023-31430 — Classic Buffer Overflow in Brocade Fabric Operating System

CWE-120 — Classic Buffer Overflow3 documents3 sources

Severity

5.5MEDIUMNVD

EPSS

0.0%

top 90.30%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Broadcom Brocade Fabric Operating System Brocade Fabric OS

Timeline

PublishedAug 2

Description

A buffer overflow vulnerability in “secpolicydelete” command in Brocade Fabric OS before Brocade Fabric OS v9.1.1c and v9.2.0 could allow an authenticated privileged user to crash the Brocade Fabric OS switch leading to a denial of service.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:HExploitability: 1.8 | Impact: 3.6

Affected Packages2 packages

▶NVDbroadcom/brocade_fabric_operating_system< 9.1.1c+1

▶CVEListV5brocade/brocade_fabric_osbefore Brocade Fabric OS v9.1.1c and v9.2.0

🔴Vulnerability Details

GHSA

GHSA-5m2p-p2cf-cgcg: A buffer overflow vulnerability in “secpolicydelete” command in Brocade Fabric OS before Brocade Fabric OS v9↗2023-08-02

▶

CVEList

buffer overflow vulnerability in “secpolicydelete” command↗2023-08-01

▶