CVE-2023-5973 — Origin Validation Error in Fabric Operating System

CWE-346 — Origin Validation Error3 documents3 sources

Severity

4.3MEDIUMNVD

EPSS

0.2%

top 62.74%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Broadcom Fabric Operating System Brocade Fabric OS

Timeline

PublishedApr 5

Description

Brocade Web Interface in Brocade Fabric OS v9.x and before v9.2.0 does not properly represent the portName to the user if the portName contains reserved characters. This could allow an authenticated user to alter the UI of the Brocade Switch and change ports display.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:NExploitability: 2.8 | Impact: 1.4

Affected Packages2 packages

▶CVEListV5brocade/fabric_osVersions v9.x and before v9.2.0

▶NVDbroadcom/fabric_operating_system9.0.0 — 9.2.0

🔴Vulnerability Details

GHSA

GHSA-mq9r-62m5-pjc2: Brocade Web Interface in Brocade Fabric OS v9↗2024-04-05

▶

CVEList

Truncated port name↗2024-04-05

▶