CVE-2023-31432 HIGH

CVE-2023-31432: Privilege issues in multiple commands

Vendor Brocade
Product Fabric OS
Weakness CWE-269
Published August 1, 2023
Last update February 13, 2025

CVSS base score

7.8/10
Attack vector Local
Attack complexity Low
Privileges required Low
User interaction None
Confidentiality High
Integrity High

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

What the vulnerability does

01Description

Through manipulation of passwords or other variables, using commands such as portcfgupload, configupload, license, myid, a non-privileged user could obtain root privileges in Brocade Fabric OS versions before Brocade Fabric OS v9.1.1c and v9.2.0.

Key dates

02Disclosure timeline

August 1, 2023 CVE published
February 13, 2025 Record updated