CVE-2023-5973

MEDIUM

Broadcom Fabric Operating System < 9.2.0 - Origin Validation Error

Title source: rule

Description

Brocade Web Interface in Brocade Fabric OS v9.x and before v9.2.0 does not properly represent the portName to the user if the portName contains reserved characters. This could allow an authenticated user to alter the UI of the Brocade Switch and change ports display.

References (2)

[Third Party Advisory] https://security.netapp.com/advisory/ntap-20240628-0005/

[Vendor Advisory] https://support.broadcom.com/external/content/SecurityAdvisories/0/23214

Scores

CVSS v3 4.3

EPSS 0.0021

EPSS Percentile 43.7%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N

Classification

CWE

CWE-346

Status published

Affected Products (1)

broadcom/fabric_operating_system < 9.2.0

Timeline

Published Apr 05, 2024

Tracked Since Feb 18, 2026