Brocade Fabric OS prev9.1.1c/v9.2.0: Local User Reads Home Dir via grep
CVE-2023-31428 Published on August 2, 2023
CLI allows upload or transfer files of dangerous types
Brocade Fabric OS before Brocade Fabric OS v9.1.1c, v9.2.0 contains a vulnerability in the command line that could allow a local user to dump files under user's home directory using grep.
Vulnerability Analysis
CVE-2023-31428 is exploitable with local system access, and requires small amount of user privileges. This vulnerability is considered to have a low attack complexity. The potential impact of an exploit of this vulnerability is considered to have a high impact on confidentiality, with no impact on integrity and availability.
Weakness Type
What is an Unrestricted File Upload Vulnerability?
The software allows the attacker to upload or transfer files of dangerous types that can be automatically processed within the product's environment.
CVE-2023-31428 has been classified to as an Unrestricted File Upload vulnerability or weakness.
Products Associated with CVE-2023-31428
stack.watch emails you whenever new vulnerabilities are published in Broadcom Brocade Fabric Operating System or Brocade Fabric Os. Just hit a watch button to start following.
Affected Versions
Brocade Fabric OS Version before Brocade Fabric OS v9.1.1c, v9.2.0 is affected by CVE-2023-31428Exploit Probability
EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.