CVE-2023-31424

EUVD-2023-35732
Brocade SANnav Web interface before Brocade SANnav v2.3.0 and v2.2.2a
 allows remote unauthenticated users to bypass web authentication and 
authorization.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
8.1 HIGH
NETWORK
HIGH
NONE
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
brocadeCNA
8.1 HIGH
NETWORK
HIGH
NONE
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
Base Score
CVSS 3.x
EPSS Score
Percentile: 67%
Affected Products (NVD)
VendorProductVersion
broadcombrocade_sannav
𝑥
< 2.2.2a
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://security.netapp.com/advisory/ntap-20240229-0004/
https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/22507
https://security.netapp.com/advisory/ntap-20240229-0004/
https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/22507