{"dataType":"CVE_RECORD","cveMetadata":{"cveId":"CVE-2023-3454","assignerOrgId":"87b297d7-335e-4844-9551-11b97995a791","state":"PUBLISHED","assignerShortName":"brocade","dateReserved":"2023-06-28T21:20:18.502Z","datePublished":"2024-04-04T17:03:54.171Z","dateUpdated":"2025-02-13T16:55:37.820Z"},"containers":{"cna":{"affected":[{"defaultStatus":"unaffected","product":"Fabric OS","vendor":"Brocade","versions":[{"status":"affected","version":"after v9.0 and before v9.2.0"}]}],"descriptions":[{"lang":"en","supportingMedia":[{"base64":false,"type":"text/html","value":"Remote code execution (RCE) vulnerability in Brocade Fabric OS after v9.0 and before v9.2.0 could allow an attacker to execute arbitrary code and use this to gain root access to the Brocade switch.<br><br>"}],"value":"Remote code execution (RCE) vulnerability in Brocade Fabric OS after v9.0 and before v9.2.0 could allow an attacker to execute arbitrary code and use this to gain root access to the Brocade switch."}],"impacts":[{"capecId":"CAPEC-242","descriptions":[{"lang":"en","value":"CAPEC-242 Code Injection"}]}],"metrics":[{"cvssV3_1":{"attackComplexity":"LOW","attackVector":"NETWORK","availabilityImpact":"LOW","baseScore":8.6,"baseSeverity":"HIGH","confidentialityImpact":"HIGH","integrityImpact":"LOW","privilegesRequired":"NONE","scope":"UNCHANGED","userInteraction":"NONE","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L","version":"3.1"},"format":"CVSS","scenarios":[{"lang":"en","value":"GENERAL"}]}],"problemTypes":[{"descriptions":[{"cweId":"CWE-78","description":"CWE-78 Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')","lang":"en","type":"CWE"}]}],"providerMetadata":{"orgId":"87b297d7-335e-4844-9551-11b97995a791","shortName":"brocade","dateUpdated":"2024-06-28T16:05:56.190Z"},"references":[{"url":"https://support.broadcom.com/external/content/SecurityAdvisories/0/23215"},{"url":"https://security.netapp.com/advisory/ntap-20240628-0004/"}],"source":{"discovery":"UNKNOWN"},"x_generator":{"engine":"Vulnogram 0.1.0-dev"}},"adp":[{"affected":[{"vendor":"broadcom","product":"brocade_fabric_operating_system","cpes":["cpe:2.3:o:broadcom:brocade_fabric_operating_system:9.0:*:*:*:*:*:*:*"],"defaultStatus":"unknown","versions":[{"version":"9.0","status":"affected","lessThan":"9.2.0","versionType":"custom"}]}],"metrics":[{"other":{"type":"ssvc","content":{"timestamp":"2024-04-08T13:23:36.479859Z","id":"CVE-2023-3454","options":[{"Exploitation":"none"},{"Automatable":"no"},{"Technical Impact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}}],"title":"CISA ADP Vulnrichment","providerMetadata":{"orgId":"134c704f-9b21-4f2e-91b3-4a467353bcc0","shortName":"CISA-ADP","dateUpdated":"2024-06-20T15:00:34.252Z"}},{"providerMetadata":{"orgId":"af854a3a-2127-422b-91ae-364da2661108","shortName":"CVE","dateUpdated":"2024-08-02T06:55:03.530Z"},"title":"CVE Program Container","references":[{"url":"https://support.broadcom.com/external/content/SecurityAdvisories/0/23215","tags":["x_transferred"]},{"url":"https://security.netapp.com/advisory/ntap-20240628-0004/","tags":["x_transferred"]}]}]},"dataVersion":"5.1"}