CVE-2023-4162 – Segmentation fault in Brocade Fabric OS after Brocade Fabric OS v9.0
https://notcve.org/view.php?id=CVE-2023-4162
A segmentation fault can occur in Brocade Fabric OS after Brocade Fabric OS v9.0 and before Brocade Fabric OS v9.2.0a through the passwdcfg command. This could allow an authenticated privileged user local user to crash a Brocade Fabric OS swith using the cli “passwdcfg --set -expire -minDiff“. Puede producirse un fallo de segmentación en Brocade Fabric OS después de Brocade Fabric OS v9.0 y antes de Brocade Fabric OS v9.2.0a a través del comando "passwdcfg". Esto podría permitir que un usuario privilegiado autenticado local bloquease un Brocade Fabric OS swith utilizando el cli "passwdcfg --set -expire -minDiff". • https://security.netapp.com/advisory/ntap-20231124-0010 https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/22513 • CWE-125: Out-of-bounds Read CWE-252: Unchecked Return Value CWE-400: Uncontrolled Resource Consumption •
CVE-2023-4163 – Possible buffer overflow in portcfgfportbuffers in Brocade Fabric OS
https://notcve.org/view.php?id=CVE-2023-4163
In Brocade Fabric OS before v9.2.0a, a local authenticated privileged user can trigger a buffer overflow condition, leading to a kernel panic with large input to buffers in the portcfgfportbuffers command. En Brocade Fabric OS antes de v9.2.0a, un usuario privilegiado autenticado localmente puede desencadenar una condición de desbordamiento de búfer, lo que lleva a un pánico del kernel con una gran entrada a los búferes en el comando portcfgfportbuffers. • https://security.netapp.com/advisory/ntap-20231130-0001 https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/22514 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVE-2023-31427 – Knowledge of full path name
https://notcve.org/view.php?id=CVE-2023-31427
Brocade Fabric OS versions before Brocade Fabric OS v9.1.1c, and v9.2.0 Could allow an authenticated, local user with knowledge of full path names inside Brocade Fabric OS to execute any command regardless of assigned privilege. Starting with Fabric OS v9.1.0, “root” account access is disabled. Las versiones de Brocade Fabric OS anteriores a Brocade Fabric OS v9.1.1c y v9.2.0 podrían permitir a un usuario local autenticado con conocimiento de los nombres de ruta completos dentro de Brocade Fabric OS ejecutar cualquier comando independientemente del privilegio asignado. A partir de Fabric OS v9.1.0, el acceso a la cuenta "root" está deshabilitado. • https://security.netapp.com/advisory/ntap-20230908-0007 https://support.broadcom.com/external/content/SecurityAdvisories/0/22379 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVE-2023-31426 – scp, sftp, ftp servers passwords in supportsave
https://notcve.org/view.php?id=CVE-2023-31426
The Brocade Fabric OS Commands “configupload” and “configdownload” before Brocade Fabric OS v9.1.1c, v8.2.3d, v9.2.0 print scp, sftp, ftp servers passwords in supportsave. This could allow a remote authenticated attacker to access sensitive information. Los comandos de Brocade Fabric OS "configupload" y "configdownload" anteriores a Brocade Fabric OS v9.1.1c, v8.2.3d, v9.2.0 imprimen las contraseñas de los servidores scp, sftp y ftp en supportsave. Esto podría permitir a un atacante remoto autenticado acceder a información sensible. • https://security.netapp.com/advisory/ntap-20230908-0007 https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/22377 • CWE-532: Insertion of Sensitive Information into Log File •
CVE-2023-31429 – Multiple commands print sensitive information in the terminal
https://notcve.org/view.php?id=CVE-2023-31429
Brocade Fabric OS before Brocade Fabric OS v9.1.1c, v9.2.0 contains a vulnerability when using various commands such as “chassisdistribute”, “reboot”, “rasman”, errmoduleshow, errfilterset, hassiscfgperrthreshold, supportshowcfgdisable and supportshowcfgenable commands that can cause the content of shell interpreted variables to be printed in the terminal. Brocade Fabric OS antes de Brocade Fabric OS v9.1.1c, v9.2.0 contiene una vulnerabilidad al utilizar varios comandos como "chassisdistribute", "reboot", "rasman", errmoduleshow, errfilterset, hassiscfgperrthreshold, supportshowcfgdisable y supportshowcfgenable que pueden hacer que se imprima en el terminal el contenido de variables interpretadas por el shell. Brocade Fabric OS before Brocade Fabric OS 9.1.1c, 9.2.0 contains a vulnerability when using various commands such as “chassisdistribute”, “reboot”, “rasman”, errmoduleshow, errfilterset, hassiscfgperrthreshold, supportshowcfgdisable and supportshowcfgenable commands that can cause the content of shell interpreted variables to be printed in the terminal. • https://security.netapp.com/advisory/ntap-20230908-0007 https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/22408 • CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-209: Generation of Error Message Containing Sensitive Information •