CVE-2023-4162: Unchecked Return Value in Fabric Operating System

Severity
4.4 MEDIUM (NVD)
EPSS
0.0%
top 94.58%
CISA KEV
Not in KEV
Exploit
No known exploits
Timeline
Published: Aug 31

Description

A segmentation fault can occur in Brocade Fabric OS after Brocade Fabric OS v9.0 and before Brocade Fabric OS v9.2.0a through the passwdcfg command. This could allow an authenticated, privileged local user to crash a Brocade Fabric OS switch using the CLI command “passwdcfg --set -expire -minDiff”.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
Exploitability: 0.8 | Impact: 3.6

Affected Packages (2 packages)

CVEListV5 | brocade/fabric_os | Brocade Fabric OS after Brocade Fabric OS v9.0 and before Brocade Fabric OS v9.2.0a
NVD | broadcom/fabric_operating_system | 9.0.1a | 9.2.0a

Vulnerability Details (2)

CVEList | Segmentation fault in Brocade Fabric OS after Brocade Fabric OS v9.0 | 2023-08-31
GHSA | GHSA-g5c7-69g3-565r: A segmentation fault can occur in Brocade Fabric OS after Brocade Fabric OS v9 | 2023-08-31