cbcvebase.
CVE-2021-27789
published 2022-03-18

CVE-2021-27789: The Web application of Brocade Fabric OS before versions Brocade Fabric OS v9.0.1a and v8.2.3a contains debug statements that expose sensitive information to…

PriorityP433medium6.5CVSS 3.1
AVNACLPRLUINSUCHINAN
EPSS
0.79%
51.5th percentile
The Web application of Brocade Fabric OS before versions Brocade Fabric OS v9.0.1a and v8.2.3a contains debug statements that expose sensitive information to the program's standard output device. An attacker who has compromised the FOS system may utilize this weakness to capture sensitive information, such as user credentials.

Affected

2 ranges
VendorProductVersion rangeFixed in
broadcomfabric_operating_system< 8.2.3a8.2.3a
broadcomfabric_operating_system>= 9.0.0 < 9.0.1a9.0.1a

CVSS provenance

nvdv3.16.5MEDIUMCVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
nvdv2.04.0MEDIUMAV:N/AC:L/Au:S/C:P/I:N/A:N
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.