← back
CVE-2023-5973

Truncated port name

CVSS 4.3 MEDIUMEPSS 0.2%CWE-346
Vexday Risk Score
13Low
SSVC decision (CISA)
Track
No exploitation signal → monitor
CVSS 4.3EPSS 0.2%KEV nãoPoC Nuclei Metasploit Patch
Lifecycle
05 Apr 2024Published on NVD
Recommendation: Monitor — no exploitation signal at the moment.
Brocade Web Interface in Brocade Fabric OS v9.x and before v9.2.0 does not properly represent the portName to the user if the portName contains reserved characters. This could allow an authenticated user to alter the UI of the Brocade Switch and change ports display.
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
Affected products
Brocade · Fabric OS

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://security.netapp.com/advisory/ntap-20240628-0005/https://support.broadcom.com/external/content/SecurityAdvisories/0/23214