CVE-2023-5973 MEDIUM

CVE-2023-5973: Truncated port name

Vendor Brocade
Product Fabric OS
Weakness CWE-346 · Origin validation
Published April 5, 2024
Last update February 13, 2025

CVSS base score

4.3/10
Attack vector Network
Attack complexity Low
Privileges required Low
User interaction None
Confidentiality None
Integrity Low

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N

What the vulnerability does

01Description

Brocade Web Interface in Brocade Fabric OS v9.x and before v9.2.0 does not properly represent the portName to the user if the portName contains reserved characters. This could allow an authenticated user to alter the UI of the Brocade Switch and change ports display.

Key dates

02Disclosure timeline

April 5, 2024 CVE published
February 13, 2025 Record updated