Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2021-27789

The Web application of Brocade Fabric OS before versions Brocade Fabric OS v9.0.1a and v8.2.3a contains debug statements that expose sensitive information to the program's standard output device. An attacker who has compromised the FOS system may utilize this weakness to capture sensitive information, such as user credentials.

Published

2022-03-18T18:15:11.520

Last Modified

2024-11-21T05:58:34.153

Status

Modified

Source

[email protected]

Severity

CVSSv3.1: 6.5 (MEDIUM)

CVSSv2 Vector

AV:N/AC:L/Au:S/C:P/I:N/A:N

Access Vector: NETWORK
Access Complexity: LOW
Authentication: SINGLE
Confidentiality Impact: PARTIAL
Integrity Impact: NONE
Availability Impact: NONE

Exploitability Score

8.0

Impact Score

2.9

Weaknesses

Type: Primary
NVD-CWE-Other

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Operating System	broadcom	fabric_operating_system	< 8.2.3a	Yes
Operating System	broadcom	fabric_operating_system	< 9.0.1a	Yes

References

https://www.broadcom.com/support/fibre-channel-networking/security-advisories/brocade-security-advisory-2021-1494 Not Applicable, Vendor Advisory ([email protected])
https://www.broadcom.com/support/fibre-channel-networking/security-advisories/brocade-security-advisory-2021-1494 Not Applicable, Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)