CVE-2023-31424

Brocade SANnav Web interface before Brocade SANnav v2.3.0 and v2.2.2a
 allows remote unauthenticated users to bypass web authentication and 
authorization.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
8.1 HIGH
NETWORK
HIGH
NONE
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
brocadeCNA
8.1 HIGH
NETWORK
HIGH
NONE
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
CVEADP
---
---
CISA-ADPADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 43%
VendorProductVersion
broadcombrocade_sannav
𝑥
< 2.2.2a
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://security.netapp.com/advisory/ntap-20240229-0004/
https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/22507
https://security.netapp.com/advisory/ntap-20240229-0004/
https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/22507