CVE-2023-5973

MEDIUM

Broadcom Fabric Operating System < 9.2.0 - Origin Validation Error

Title source: rule

Description

Brocade Web Interface in Brocade Fabric OS v9.x and before v9.2.0 does not properly represent the portName to the user if the portName contains reserved characters. This could allow an authenticated user to alter the UI of the Brocade Switch and change ports display.

References (2)

[Third Party Advisory] https://security.netapp.com/advisory/ntap-20240628-0005/

[Vendor Advisory] https://support.broadcom.com/external/content/SecurityAdvisories/0/23214

Scores

CVSS v3 4.3

EPSS 0.0016

EPSS Percentile 36.8%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N

CISA SSVC

Vulnrichment

Exploitation none

Automatable no

Technical Impact partial

Details

CWE

CWE-346

Status published

Products (1)

broadcom/fabric_operating_system 9.0.0 - 9.2.0

Published Apr 05, 2024

Tracked Since Feb 18, 2026