CVE-2023-5973

MEDIUM

Broadcom Fabric Operating System < 9.2.0 - Origin Validation Error

Title source: rule

Description

Brocade Web Interface in Brocade Fabric OS v9.x and before v9.2.0 does not properly represent the portName to the user if the portName contains reserved characters. This could allow an authenticated user to alter the UI of the Brocade Switch and change ports display.

References (2)

Core 2

Core References

Third Party Advisory

https://security.netapp.com/advisory/ntap-20240628-0005/

Vendor Advisory

https://support.broadcom.com/external/content/SecurityAdvisories/0/23214

Scores

CVSS v3 4.3

EPSS 0.0018

EPSS Percentile 7.6%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N

CISA SSVC

Vulnrichment

Exploitation none

Automatable no

Technical Impact partial

Details

CWE

CWE-346

Status published

Products (1)

broadcom/fabric_operating_system 9.0.0 - 9.2.0

Published Apr 05, 2024

Tracked Since Feb 18, 2026