PT-2023-23316 · Brocade · Brocade Fabric Os
Published
2023-08-01
·
Updated
2023-11-16
·
CVE-2023-31428
CVSS v3.1
5.5
Medium
| Vector | AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N |
Name of the Vulnerable Software and Affected Versions
Brocade Fabric OS versions prior to 9.1.1c
Brocade Fabric OS versions prior to 9.2.0
Description
The issue allows a local user to dump files under the user's home directory using the
grep command. This is due to a vulnerability in the command line.Recommendations
For Brocade Fabric OS versions prior to 9.1.1c, update to version 9.1.1c or later.
For Brocade Fabric OS versions prior to 9.2.0, update to version 9.2.0 or later.
As a temporary workaround, consider restricting access to the
grep command for local users until a patch is applied.Fix
Unrestricted File Upload
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Brocade Fabric Os