Vulnerability Details CVE-2023-3489
The
firmwaredownload command on Brocade Fabric OS v9.2.0 could log the
FTP/SFTP/SCP server password in clear text in the SupportSave file when
performing a downgrade from Fabric OS v9.2.0 to any earlier version of
Fabric OS.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 25.6%
CVSS Severity
CVSS v3 Score 8.6
References
- https://security.netapp.com/advisory/ntap-20231124-0003/
- https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/22510
- https://security.netapp.com/advisory/ntap-20231124-0003/
- https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/22510
Products affected by CVE-2023-3489
-
cpe:2.3:o:broadcom:fabric_operating_system:9.2.0