{"api_version":"1","generated_at":"2026-04-22T21:37:41+00:00","cve":"CVE-2023-31429","urls":{"html":"https://cve.report/CVE-2023-31429","api":"https://cve.report/api/cve/CVE-2023-31429.json","docs":"https://cve.report/api","cve_org":"https://www.cve.org/CVERecord?id=CVE-2023-31429","nvd":"https://nvd.nist.gov/vuln/detail/CVE-2023-31429"},"summary":{"title":"CVE-2023-31429","description":"Brocade Fabric OS before Brocade Fabric OS v9.1.1c, v9.2.0 contains a vulnerability when using various commands such as “chassisdistribute”, “reboot”, “rasman”, errmoduleshow, errfilterset, hassiscfgperrthreshold, supportshowcfgdisable and supportshowcfgenable commands that can cause the content of shell interpreted variables to be printed in the terminal.","state":"PUBLIC","assigner":"sirt@brocade.com","published_at":"2023-08-01 21:15:00","updated_at":"2023-11-02 02:04:00"},"problem_types":["CWE-77"],"metrics":[],"references":[{"url":"https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/22408","name":"https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/22408","refsource":"MISC","tags":[],"title":"Support Content Notification - Support Portal - Broadcom support portal","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"https://security.netapp.com/advisory/ntap-20230908-0007/","name":"https://security.netapp.com/advisory/ntap-20230908-0007/","refsource":"MISC","tags":[],"title":"August 2023 Brocade Fabric OS Vulnerabilities | NetApp Product Security","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"https://www.cve.org/CVERecord?id=CVE-2023-31429","name":"CVE Program record","refsource":"CVE.ORG","tags":["canonical"]},{"url":"https://nvd.nist.gov/vuln/detail/CVE-2023-31429","name":"NVD vulnerability detail","refsource":"NVD","tags":["canonical","analysis"]}],"affected":[],"timeline":[],"solutions":[],"workarounds":[],"exploits":[],"credits":[],"nvd_cpes":[{"cve_year":"2023","cve_id":"31429","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"broadcom","cpe5":"fabric_operating_system","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"}],"vendor_comments":[],"enrichments":{"kev":null,"epss":null,"legacy_qids":[]},"source_records":{"cve_program":{"data_version":"4.0","data_type":"CVE","data_format":"MITRE","CVE_data_meta":{"ID":"CVE-2023-31429","ASSIGNER":"sirt@brocade.com","STATE":"PUBLIC"},"description":{"description_data":[{"lang":"eng","value":"\nBrocade Fabric OS before Brocade Fabric OS v9.1.1c, v9.2.0 contains a vulnerability when using various commands such as “chassisdistribute”, “reboot”, “rasman”, errmoduleshow, errfilterset, hassiscfgperrthreshold, supportshowcfgdisable and supportshowcfgenable commands that can cause the content of shell interpreted variables to be printed in the terminal.\n\n"}]},"problemtype":{"problemtype_data":[{"description":[{"lang":"eng","value":"CWE-200 Exposure of Sensitive Information to an Unauthorized Actor","cweId":"CWE-200"}]}]},"affects":{"vendor":{"vendor_data":[{"vendor_name":"Brocade","product":{"product_data":[{"product_name":"Fabric OS ","version":{"version_data":[{"version_affected":"=","version_value":" before Brocade Fabric OS v9.1.1c, v9.2.0 "}]}}]}}]}},"references":{"reference_data":[{"url":"https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/22408","refsource":"MISC","name":"https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/22408"},{"url":"https://security.netapp.com/advisory/ntap-20230908-0007/","refsource":"MISC","name":"https://security.netapp.com/advisory/ntap-20230908-0007/"}]},"generator":{"engine":"Vulnogram 0.1.0-dev"},"source":{"discovery":"INTERNAL"},"impact":{"cvss":[{"attackComplexity":"LOW","attackVector":"LOCAL","availabilityImpact":"NONE","baseScore":5.5,"baseSeverity":"MEDIUM","confidentialityImpact":"HIGH","integrityImpact":"NONE","privilegesRequired":"LOW","scope":"UNCHANGED","userInteraction":"NONE","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N","version":"3.1"}]}},"nvd":{"publishedDate":"2023-08-01 21:15:00","lastModifiedDate":"2023-11-02 02:04:00","problem_types":["CWE-77"],"metrics":{"baseMetricV3":{"cvssV3":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE","baseScore":5.5,"baseSeverity":"MEDIUM"},"exploitabilityScore":1.8,"impactScore":3.6}},"configurations":{"CVE_data_version":"4.0","nodes":[{"operator":"OR","children":[],"cpe_match":[{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:broadcom:fabric_operating_system:*:*:*:*:*:*:*:*","versionEndExcluding":"9.1.1c","cpe_name":[]}]}]}},"legacy_mitre":{"record":null,"notes":[]}}}