cvelist/2023/3xxx/CVE-2023-3454.json

{
    "data_version": "4.0",
    "data_type": "CVE",
    "data_format": "MITRE",
    "CVE_data_meta": {
        "ID": "CVE-2023-3454",
        "ASSIGNER": "sirt@brocade.com",
        "STATE": "PUBLIC"
    },
    "description": {
        "description_data": [
            {
                "lang": "eng",
                "value": "Remote code execution (RCE) vulnerability in Brocade Fabric OS after v9.0 and before v9.2.0 could allow an attacker to execute arbitrary code and use this to gain root access to the Brocade switch.\n\n"
            }
        ]
    },
    "problemtype": {
        "problemtype_data": [
            {
                "description": [
                    {
                        "lang": "eng",
                        "value": "CWE-78 Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')",
                        "cweId": "CWE-78"
                    }
                ]
            }
        ]
    },
    "affects": {
        "vendor": {
            "vendor_data": [
                {
                    "vendor_name": "Brocade ",
                    "product": {
                        "product_data": [
                            {
                                "product_name": "Fabric OS",
                                "version": {
                                    "version_data": [
                                        {
                                            "version_affected": "=",
                                            "version_value": "after v9.0 and before v9.2.0"
                                        }
                                    ]
                                }
                            }
                        ]
                    }
                }
            ]
        }
    },
    "references": {
        "reference_data": [
            {
                "url": "https://support.broadcom.com/external/content/SecurityAdvisories/0/23215",
                "refsource": "MISC",
                "name": "https://support.broadcom.com/external/content/SecurityAdvisories/0/23215"
            },
            {
                "url": "https://security.netapp.com/advisory/ntap-20240628-0004/",
                "refsource": "MISC",
                "name": "https://security.netapp.com/advisory/ntap-20240628-0004/"
            }
        ]
    },
    "generator": {
        "engine": "Vulnogram 0.1.0-dev"
    },
    "source": {
        "discovery": "UNKNOWN"
    },
    "impact": {
        "cvss": [
            {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "LOW",
                "baseScore": 8.6,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "LOW",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L",
                "version": "3.1"
            }
        ]
    }
}
"-Synchronized-Data." 2023-06-28 22:00:43 +00:00			`{`
"-Synchronized-Data." 2024-04-10 19:01:22 +00:00			`"data_version": "4.0",`
"-Synchronized-Data." 2023-06-28 22:00:43 +00:00			`"data_type": "CVE",`
			`"data_format": "MITRE",`
			`"CVE_data_meta": {`
			`"ID": "CVE-2023-3454",`
"-Synchronized-Data." 2024-04-10 19:01:22 +00:00			`"ASSIGNER": "sirt@brocade.com",`
			`"STATE": "PUBLIC"`
"-Synchronized-Data." 2023-06-28 22:00:43 +00:00			`},`
			`"description": {`
			`"description_data": [`
			`{`
			`"lang": "eng",`
"-Synchronized-Data." 2024-04-10 19:01:22 +00:00			`"value": "Remote code execution (RCE) vulnerability in Brocade Fabric OS after v9.0 and before v9.2.0 could allow an attacker to execute arbitrary code and use this to gain root access to the Brocade switch.\n\n"`
			`}`
			`]`
			`},`
			`"problemtype": {`
			`"problemtype_data": [`
			`{`
			`"description": [`
			`{`
			`"lang": "eng",`
			`"value": "CWE-78 Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')",`
			`"cweId": "CWE-78"`
			`}`
			`]`
			`}`
			`]`
			`},`
			`"affects": {`
			`"vendor": {`
			`"vendor_data": [`
			`{`
			`"vendor_name": "Brocade ",`
			`"product": {`
			`"product_data": [`
			`{`
			`"product_name": "Fabric OS",`
			`"version": {`
			`"version_data": [`
			`{`
			`"version_affected": "=",`
			`"version_value": "after v9.0 and before v9.2.0"`
			`}`
			`]`
			`}`
			`}`
			`]`
			`}`
			`}`
			`]`
			`}`
			`},`
			`"references": {`
			`"reference_data": [`
			`{`
			`"url": "https://support.broadcom.com/external/content/SecurityAdvisories/0/23215",`
			`"refsource": "MISC",`
			`"name": "https://support.broadcom.com/external/content/SecurityAdvisories/0/23215"`
"-Synchronized-Data." 2024-06-28 17:00:35 +00:00			`},`
			`{`
			`"url": "https://security.netapp.com/advisory/ntap-20240628-0004/",`
			`"refsource": "MISC",`
			`"name": "https://security.netapp.com/advisory/ntap-20240628-0004/"`
"-Synchronized-Data." 2024-04-10 19:01:22 +00:00			`}`
			`]`
			`},`
			`"generator": {`
			`"engine": "Vulnogram 0.1.0-dev"`
			`},`
			`"source": {`
			`"discovery": "UNKNOWN"`
			`},`
			`"impact": {`
			`"cvss": [`
			`{`
			`"attackComplexity": "LOW",`
			`"attackVector": "NETWORK",`
			`"availabilityImpact": "LOW",`
			`"baseScore": 8.6,`
			`"baseSeverity": "HIGH",`
			`"confidentialityImpact": "HIGH",`
			`"integrityImpact": "LOW",`
			`"privilegesRequired": "NONE",`
			`"scope": "UNCHANGED",`
			`"userInteraction": "NONE",`
			`"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L",`
			`"version": "3.1"`
"-Synchronized-Data." 2023-06-28 22:00:43 +00:00			`}`
			`]`
			`}`
			`}`