CVE-2021-27789Fabric Operating System vulnerability

3 documents3 sources
Severity
6.5MEDIUMNVD
EPSS
0.3%
top 44.30%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Broadcom Fabric Operating SystemBrocade Fabric OS
Timeline
PublishedMar 18
Latest updateMar 19

Description

The Web application of Brocade Fabric OS before versions Brocade Fabric OS v9.0.1a and v8.2.3a contains debug statements that expose sensitive information to the program's standard output device. An attacker who has compromised the FOS system may utilize this weakness to capture sensitive information, such as user credentials.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:NExploitability: 2.8 | Impact: 3.6

Affected Packages2 packages

CVEListV5brocade/brocade_fabric_osBrocade Fabric OS before Brocade Fabric OS v9.0.1a, v8.2.3, v8.2.0_CBN4, and v7.4.2h
NVDbroadcom/fabric_operating_system9.0.09.0.1a+1

🔴Vulnerability Details

2
GHSA
GHSA-c85g-628v-q46j: The Web application of Brocade Fabric OS before versions Brocade Fabric OS v92022-03-19
CVEList
CVE-2021-27789: The Web application of Brocade Fabric OS before versions Brocade Fabric OS v92022-03-18
CVE-2021-27789 — Fabric Operating System vulnerability | cvebase