CVE-2023-31426

CVSS 3.1 Score 6.5 of 10 (medium)

Details

Published Aug 1, 2023

Updated: Feb 15, 2024

CWE ID 532

Summary

CVE-2023-31426 is a vulnerability affecting Brocade Fabric OS before version 9.1.1c, 8.2.3d, and print servers with scp, sftp, or ftp. The issue lies in the "configupload" and "configdownload" commands, which inadvertently disclose passwords during a support save operation. A remote, authenticated attacker can exploit this to gain access to sensitive information.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Broadcom Fabric Operating System

Affected Vendors

Broadcom

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/sMPXNq
https://www.cve.org/CVERecord?id=CVE-2023-31426
https://nvd.nist.gov/vuln/detail/CVE-2023-31426

Back to Vulnerability Database