CVE-2023-31432

HIGH

Brocade Fabric OS <9.1.1c, 9.2.0 - Privilege Escalation

Title source: llm

Description

Through manipulation of passwords or other variables, using commands such as portcfgupload, configupload, license, myid, a non-privileged user could obtain root privileges in Brocade Fabric OS versions before Brocade Fabric OS v9.1.1c and v9.2.0.

References (2)

Core 2

Core References

Third Party Advisory

https://security.netapp.com/advisory/ntap-20230908-0007/

Vendor Advisory

https://support.broadcom.com/external/content/SecurityAdvisories/0/22385

Scores

CVSS v3 7.8

EPSS 0.0005

EPSS Percentile 14.8%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment

Exploitation none

Automatable no

Technical Impact total

Details

CWE

CWE-269

Status published

Products (1)

broadcom/brocade_fabric_operating_system < 9.1.1c

Published Aug 02, 2023

Tracked Since Feb 18, 2026