Lucene search

[email protected]NVD:CVE-2023-31424

HistoryAug 31, 2023 - 1:15 a.m.

CVE-2023-31424

2023-08-3101:15:08

CWE-290

[email protected]

web.nvd.nist.gov

brocade sannav

web interface

unauthorized access

CVSS3

9.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

AI Score

8.8

Confidence

High

EPSS

0.004

Percentile

72.7%

JSON

Brocade SANnav Web interface before Brocade SANnav v2.3.0 and v2.2.2a
allows remote unauthenticated users to bypass web authentication and
authorization.

Affected configurations

Nvd

Node

broadcombrocade_sannavRange<2.2.2a

VendorProductVersionCPE
broadcombrocade_sannav*cpe:2.3:a:broadcom:brocade_sannav:*:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
broadcom	brocade_sannav	*	cpe:2.3:a:broadcom:brocade_sannav::::::::

References

security.netapp.com/advisory/ntap-20240229-0004/

support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/22507

CVSS3

9.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

AI Score

8.8

Confidence

High

EPSS

0.004

Percentile

72.7%

JSON

Related for NVD:CVE-2023-31424

broadcom1 prion1 cve1 cvelist1