{"dataType":"CVE_RECORD","dataVersion":"5.1","cveMetadata":{"cveId":"CVE-2023-31430","assignerOrgId":"87b297d7-335e-4844-9551-11b97995a791","state":"PUBLISHED","assignerShortName":"brocade","dateReserved":"2023-04-28T00:14:58.125Z","datePublished":"2023-08-01T23:31:00.376Z","dateUpdated":"2025-02-13T16:50:11.199Z"},"containers":{"cna":{"affected":[{"defaultStatus":"unaffected","product":"Brocade Fabric OS","vendor":"Brocade","versions":[{"status":"affected","version":"before Brocade Fabric OS v9.1.1c and v9.2.0"}]}],"descriptions":[{"lang":"en","supportingMedia":[{"base64":false,"type":"text/html","value":"A buffer overflow vulnerability in “secpolicydelete” command in Brocade Fabric OS before Brocade Fabric OS v9.1.1c and v9.2.0 could allow an authenticated privileged user to crash the Brocade Fabric OS switch leading to a denial of service.<br>"}],"value":"A buffer overflow vulnerability in “secpolicydelete” command in Brocade Fabric OS before Brocade Fabric OS v9.1.1c and v9.2.0 could allow an authenticated privileged user to crash the Brocade Fabric OS switch leading to a denial of service."}],"impacts":[{"capecId":"CAPEC-25","descriptions":[{"lang":"en","value":"CAPEC-25 Forced Deadlock"}]}],"metrics":[{"cvssV3_1":{"attackComplexity":"LOW","attackVector":"LOCAL","availabilityImpact":"HIGH","baseScore":5.5,"baseSeverity":"MEDIUM","confidentialityImpact":"NONE","integrityImpact":"NONE","privilegesRequired":"LOW","scope":"UNCHANGED","userInteraction":"NONE","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","version":"3.1"},"format":"CVSS","scenarios":[{"lang":"en","value":"GENERAL"}]}],"problemTypes":[{"descriptions":[{"cweId":"CWE-120","description":"CWE-120 Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')","lang":"en","type":"CWE"}]}],"providerMetadata":{"orgId":"87b297d7-335e-4844-9551-11b97995a791","shortName":"brocade","dateUpdated":"2023-09-08T16:06:16.954Z"},"references":[{"url":"https://support.broadcom.com/external/content/SecurityAdvisories/0/22381"},{"url":"https://security.netapp.com/advisory/ntap-20230908-0007/"}],"source":{"discovery":"UNKNOWN"},"title":"buffer overflow vulnerability in “secpolicydelete” command","x_generator":{"engine":"Vulnogram 0.1.0-dev"}},"adp":[{"providerMetadata":{"orgId":"af854a3a-2127-422b-91ae-364da2661108","shortName":"CVE","dateUpdated":"2024-08-02T14:53:31.056Z"},"title":"CVE Program Container","references":[{"url":"https://support.broadcom.com/external/content/SecurityAdvisories/0/22381","tags":["x_transferred"]},{"url":"https://security.netapp.com/advisory/ntap-20230908-0007/","tags":["x_transferred"]}]}]}}