VDB

CISA-2023-31426

CISA-2023-31426 PUBLISHED CVSS 6.8 MEDIUM

Reported by brocade · Published August 1, 2023

The Brocade Fabric OS Commands “configupload” and “configdownload” before Brocade Fabric OS v9.1.1c, v8.2.3d, v9.2.0 print scp, sftp, ftp servers passwords in supportsave. This could allow a remote authenticated attacker to access sensitive information.

Risk Scores

CVSS 3.1
6.8
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:N/A:N

Affected Products

VendorProductVersions
BrocadeBrocade Fabric OS before Brocade Fabric OS v9.1.1c, v8.2.3d, v9.2.0
BrocadeBrocade Fabric OS before Brocade Fabric OS v9.1.1c, v8.2.3d, v9.2.0, before Brocade Fabric OS v9.1.1c, v8.2.3d, v9.2.0

Timeline

  • Aug 1, 2023 CVE Published
  • Aug 2, 2024 CVE Updated

References

Open in Interactive Console →
$ Console Community · 100/wk Open console ›