{"api_version":"1","generated_at":"2026-04-22T21:37:42+00:00","cve":"CVE-2023-31430","urls":{"html":"https://cve.report/CVE-2023-31430","api":"https://cve.report/api/cve/CVE-2023-31430.json","docs":"https://cve.report/api","cve_org":"https://www.cve.org/CVERecord?id=CVE-2023-31430","nvd":"https://nvd.nist.gov/vuln/detail/CVE-2023-31430"},"summary":{"title":"CVE-2023-31430","description":"A buffer overflow vulnerability in “secpolicydelete” command in Brocade Fabric OS before Brocade Fabric OS v9.1.1c and v9.2.0 could allow an authenticated privileged user to crash the Brocade Fabric OS switch leading to a denial of service.","state":"PUBLIC","assigner":"sirt@brocade.com","published_at":"2023-08-02 00:15:00","updated_at":"2023-12-21 01:37:00"},"problem_types":["CWE-120"],"metrics":[],"references":[{"url":"https://support.broadcom.com/external/content/SecurityAdvisories/0/22381","name":"https://support.broadcom.com/external/content/SecurityAdvisories/0/22381","refsource":"MISC","tags":[],"title":"Support Content Notification - Support Portal - Broadcom support portal","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"https://security.netapp.com/advisory/ntap-20230908-0007/","name":"https://security.netapp.com/advisory/ntap-20230908-0007/","refsource":"MISC","tags":[],"title":"August 2023 Brocade Fabric OS Vulnerabilities | NetApp Product Security","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"https://www.cve.org/CVERecord?id=CVE-2023-31430","name":"CVE Program record","refsource":"CVE.ORG","tags":["canonical"]},{"url":"https://nvd.nist.gov/vuln/detail/CVE-2023-31430","name":"NVD vulnerability detail","refsource":"NVD","tags":["canonical","analysis"]}],"affected":[],"timeline":[],"solutions":[],"workarounds":[],"exploits":[],"credits":[],"nvd_cpes":[{"cve_year":"2023","cve_id":"31430","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"broadcom","cpe5":"brocade_fabric_operating_system","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2023","cve_id":"31430","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"broadcom","cpe5":"brocade_fabric_operating_system","cpe6":"9.2.0","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"}],"vendor_comments":[],"enrichments":{"kev":null,"epss":null,"legacy_qids":[]},"source_records":{"cve_program":{"data_version":"4.0","data_type":"CVE","data_format":"MITRE","CVE_data_meta":{"ID":"CVE-2023-31430","ASSIGNER":"sirt@brocade.com","STATE":"PUBLIC"},"description":{"description_data":[{"lang":"eng","value":"A buffer overflow vulnerability in “secpolicydelete” command in Brocade Fabric OS before Brocade Fabric OS v9.1.1c and v9.2.0 could allow an authenticated privileged user to crash the Brocade Fabric OS switch leading to a denial of service.\n\n\n"}]},"problemtype":{"problemtype_data":[{"description":[{"lang":"eng","value":"CWE-120 Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')","cweId":"CWE-120"}]}]},"affects":{"vendor":{"vendor_data":[{"vendor_name":"Brocade","product":{"product_data":[{"product_name":"Brocade Fabric OS","version":{"version_data":[{"version_affected":"=","version_value":" before Brocade Fabric OS v9.1.1c and v9.2.0"}]}}]}}]}},"references":{"reference_data":[{"url":"https://support.broadcom.com/external/content/SecurityAdvisories/0/22381","refsource":"MISC","name":"https://support.broadcom.com/external/content/SecurityAdvisories/0/22381"},{"url":"https://security.netapp.com/advisory/ntap-20230908-0007/","refsource":"MISC","name":"https://security.netapp.com/advisory/ntap-20230908-0007/"}]},"generator":{"engine":"Vulnogram 0.1.0-dev"},"source":{"discovery":"UNKNOWN"},"impact":{"cvss":[{"attackComplexity":"LOW","attackVector":"LOCAL","availabilityImpact":"HIGH","baseScore":5.5,"baseSeverity":"MEDIUM","confidentialityImpact":"NONE","integrityImpact":"NONE","privilegesRequired":"LOW","scope":"UNCHANGED","userInteraction":"NONE","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","version":"3.1"}]}},"nvd":{"publishedDate":"2023-08-02 00:15:00","lastModifiedDate":"2023-12-21 01:37:00","problem_types":["CWE-120"],"metrics":{"baseMetricV3":{"cvssV3":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH","baseScore":5.5,"baseSeverity":"MEDIUM"},"exploitabilityScore":1.8,"impactScore":3.6}},"configurations":{"CVE_data_version":"4.0","nodes":[{"operator":"OR","children":[],"cpe_match":[{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:broadcom:brocade_fabric_operating_system:9.2.0:*:*:*:*:*:*:*","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:broadcom:brocade_fabric_operating_system:*:*:*:*:*:*:*:*","versionEndExcluding":"9.1.1c","cpe_name":[]}]}]}},"legacy_mitre":{"record":null,"notes":[]}}}