// For flags

CVE-2023-4162

Segmentation fault in Brocade Fabric OS after Brocade Fabric OS v9.0

Severity Score

4.4
*CVSS v3.1

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

0
*Multiple Sources

Exploited in Wild

-
*KEV

Decision

Track
*SSVC
Descriptions

A
segmentation fault can occur in Brocade Fabric OS after Brocade Fabric
OS v9.0 and before Brocade Fabric OS v9.2.0a through the passwdcfg
command. This
could allow an authenticated privileged user local user to crash a
Brocade Fabric OS swith using the cli “passwdcfg --set -expire
-minDiff“.

Puede producirse un fallo de segmentación en Brocade Fabric OS después de Brocade Fabric OS v9.0 y antes de Brocade Fabric OS v9.2.0a a través del comando "passwdcfg". Esto podría permitir que un usuario privilegiado autenticado local bloquease un Brocade Fabric OS swith utilizando el cli "passwdcfg --set -expire -minDiff".

*Credits: N/A
CVSS Scores
Attack Vector
Local
Attack Complexity
Low
Privileges Required
High
User Interaction
None
Scope
Unchanged
Confidentiality
None
Integrity
None
Availability
High
* Common Vulnerability Scoring System
SSVC
  • Decision:Track
Exploitation
None
Automatable
No
Tech. Impact
Partial
* Organization's Worst-case Scenario
Timeline
  • 2023-08-04 CVE Reserved
  • 2023-08-31 CVE Published
  • 2023-08-31 EPSS Updated
  • 2024-09-30 CVE Updated
  • ---------- Exploited in Wild
  • ---------- KEV Due Date
  • ---------- First Exploit
CWE
  • CWE-125: Out-of-bounds Read
  • CWE-252: Unchecked Return Value
  • CWE-400: Uncontrolled Resource Consumption
CAPEC
  • CAPEC-540: Overread Buffers
Affected Vendors, Products, and Versions
Vendor Product Version Other Status
Vendor Product Version Other Status <-- --> Vendor Product Version Other Status
Brocade
Search vendor "Brocade"
Fabric Operating System
Search vendor "Brocade" for product "Fabric Operating System"
>= 9.0.1a < 9.2.0a
Search vendor "Brocade" for product "Fabric Operating System" and version " >= 9.0.1a < 9.2.0a"
-
Affected