CVE-2023-3454

Remote code execution (RCE) vulnerability in Brocade Fabric OS after v9.0 and before v9.2.0 could allow an attacker to execute arbitrary code and use this to gain root access to the Brocade switch.

Published: Apr 4, 2024
Updated: May 4, 2025
CVE: CVE-2023-3454
Severity: Critical
Exploit:

CVSS v3:

Severity: Critical
Score: 9.8
AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CWEs:

CWE-78

OWASP TOP 10:

A1 - Injection

Affected Software
References

Software	From	Fixed in
broadcom / fabric_operating_system	9.0.0	9.1.1d1

https://security.netapp.com/advisory/ntap-20240628-0004/
https://support.broadcom.com/external/content/SecurityAdvisories/0/23215

Vulnerability Database

289,871

CVE-2023-3454