5.5
CVE-2023-31430
- EPSS 0.04%
- Veröffentlicht 02.08.2023 00:15:17
- Zuletzt bearbeitet 13.02.2025 17:16:28
- Quelle sirt@brocade.com
- Teams Watchlist Login
- Unerledigt Login
A buffer overflow vulnerability in “secpolicydelete” command in Brocade Fabric OS before Brocade Fabric OS v9.1.1c and v9.2.0 could allow an authenticated privileged user to crash the Brocade Fabric OS switch leading to a denial of service.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Broadcom ≫ Brocade Fabric Operating System Version < 9.1.1c
Broadcom ≫ Brocade Fabric Operating System Version9.2.0
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.04% | 0.124 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 5.5 | 1.8 | 3.6 |
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
|
| sirt@brocade.com | 5.5 | 1.8 | 3.6 |
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
|
CWE-120 Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
The product copies an input buffer to an output buffer without verifying that the size of the input buffer is less than the size of the output buffer, leading to a buffer overflow.