cve/2023/CVE-2023-31427.md

### [CVE-2023-31427](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-31427)
![](https://img.shields.io/static/v1?label=Product&message=Fabric%20OS&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=%3D%20after%209.1.0%20and%20before%20Brocade%20Fabric%20OS%20v9.2.0%20and%20v9.1.1c%20&color=brighgreen)
![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-22%20Improper%20Limitation%20of%20a%20Pathname%20to%20a%20Restricted%20Directory%20('Path%20Traversal')&color=brighgreen)

### Description

Brocade Fabric OS versions before Brocade Fabric OS v9.1.1c, and v9.2.0 Could allow an authenticated, local user with knowledge of full path names inside Brocade Fabric OS to execute any command regardless of assigned privilege. Starting with Fabric OS v9.1.0, “root” account access is disabled.

### POC

#### Reference
No PoCs from references.

#### Github
- https://github.com/fkie-cad/nvd-json-data-feeds
Update Sat May 25 21:48:12 CEST 2024 2024-05-25 21:48:12 +02:00			`### [CVE-2023-31427](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-31427)`
			`![](https://img.shields.io/static/v1?label=Product&message=Fabric%20OS&color=blue)`
			`![](https://img.shields.io/static/v1?label=Version&message=%3D%20after%209.1.0%20and%20before%20Brocade%20Fabric%20OS%20v9.2.0%20and%20v9.1.1c%20&color=brighgreen)`
			`![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-22%20Improper%20Limitation%20of%20a%20Pathname%20to%20a%20Restricted%20Directory%20('Path%20Traversal')&color=brighgreen)`

			`### Description`

			`Brocade Fabric OS versions before Brocade Fabric OS v9.1.1c, and v9.2.0 Could allow an authenticated, local user with knowledge of full path names inside Brocade Fabric OS to execute any command regardless of assigned privilege. Starting with Fabric OS v9.1.0, “root” account access is disabled.`

			`### POC`

			`#### Reference`
			`No PoCs from references.`

			`#### Github`
			`- https://github.com/fkie-cad/nvd-json-data-feeds`