Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
CVE Vulnerability Details :
CVE-2023-31429
PUBLISHED
More InfoOfficial Page
Assigner-brocade
Assigner Org ID-87b297d7-335e-4844-9551-11b97995a791
View Known Exploited Vulnerability (KEV) details
Published At-01 Aug, 2023 | 20:20
Updated At-15 Oct, 2024 | 14:12
Rejected At-
▼CVE Numbering Authority (CNA)
Multiple commands print sensitive information in the terminal

Brocade Fabric OS before Brocade Fabric OS 9.1.1c, 9.2.0 contains a vulnerability when using various commands such as “chassisdistribute”, “reboot”, “rasman”, errmoduleshow, errfilterset, hassiscfgperrthreshold, supportshowcfgdisable and supportshowcfgenable commands that can cause the content of shell interpreted variables to be printed in the terminal.

Affected Products
Vendor
Brocade Communications Systems, Inc. (Broadcom Inc.)Brocade
Product
Fabric OS
Default Status
unaffected
Versions
Affected
  • before Brocade Fabric OS v9.1.1c, v9.2.0
Problem Types
TypeCWE IDDescription
CWECWE-209CWE-209 Generation of Error Message Containing Sensitive Information
Type: CWE
CWE ID: CWE-209
Description: CWE-209 Generation of Error Message Containing Sensitive Information
Metrics
VersionBase scoreBase severityVector
3.15.5MEDIUM
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Version: 3.1
Base score: 5.5
Base severity: MEDIUM
Vector:
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Metrics Other Info
Impacts
CAPEC IDDescription
CAPEC-155CAPEC-155: Screen Temporary Files for Sensitive Information
CAPEC ID: CAPEC-155
Description: CAPEC-155: Screen Temporary Files for Sensitive Information
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/22408
N/A
https://security.netapp.com/advisory/ntap-20230908-0007/
N/A
Hyperlink: https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/22408
Resource: N/A
Hyperlink: https://security.netapp.com/advisory/ntap-20230908-0007/
Resource: N/A
▼Authorized Data Publishers (ADP)
1. CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/22408
x_transferred
https://security.netapp.com/advisory/ntap-20230908-0007/
x_transferred
Hyperlink: https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/22408
Resource:
x_transferred
Hyperlink: https://security.netapp.com/advisory/ntap-20230908-0007/
Resource:
x_transferred
2. CISA ADP Vulnrichment
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
Details not found