XSS vulnerability in Brocade Webtools
CVE-2023-31928

6.1MEDIUM

Key Information:

Vendor: Brocade
Status: Fabric Os
Vendor: CVE Published:; 2 August 2023

What is CVE-2023-31928?

A reflected cross-site scripting (XSS) vulnerability exists in Brocade Webtools PortSetting.html of Brocade Fabric OS version before Brocade Fabric OS v9.2.0 that could allow a remote unauthenticated attacker to execute arbitrary JavaScript code in a target user’s session with the Brocade Webtools application.

Affected Version(s)

Fabric OS before Brocade Fabric OS v9.2.0

References

https://support.broadcom.com/external/content/SecurityAdv...

https://security.netapp.com/advisory/ntap-20230908-0007/

CVSS V3.1

Score:

6.1

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

Low

Availability:

Low

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Changed

Timeline

Vulnerability published
Aug 2, 2023
Vulnerability Reserved
Apr 29, 2023