CVE-2023-3454: OS Command Injection
First published: Thu Apr 04 2024(Updated: )
Remote code execution (RCE) vulnerability in Brocade Fabric OS after v9.0 and before v9.2.0 could allow an attacker to execute arbitrary code and use this to gain root access to the Brocade switch.
Credit: sirt@brocade.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Brocade FABRIC OS (FOS) | >9.0<=9.2.0 | |
| Broadcom Fabric Operating System | >=9.0.0<9.1.1d1 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2023-3454?
CVE-2023-3454 is classified as a critical vulnerability due to its potential for remote code execution.
How do I fix CVE-2023-3454?
To mitigate CVE-2023-3454, upgrade Brocade Fabric OS to version 9.2.0 or later.
What impact does CVE-2023-3454 have on affected systems?
CVE-2023-3454 allows an attacker to execute arbitrary code, potentially gaining root access to the Brocade switch.
What versions of Fabric OS are affected by CVE-2023-3454?
CVE-2023-3454 affects Brocade Fabric OS versions after 9.0 and before 9.2.0.
Who is affected by CVE-2023-3454?
Organizations using vulnerable versions of Brocade Fabric OS are at risk of CVE-2023-3454.
- agent/weakness
- agent/type
- agent/description
- agent/first-publish-date
- agent/author
- agent/event
- agent/references
- collector/mitre-cve
- source/MITRE
- agent/source
- agent/guess-ai
- agent/software-canonical-lookup
- agent/software-canonical-lookup-request
- agent/last-modified-date
- agent/severity
- agent/softwarecombine
- agent/tags
- collector/nvd-api
- source/NVD
- vendor/brocade
- canonical/brocade fabric os (fos)
- vendor/broadcom