CVE-2021-27789

EUVD-2021-14530
The Web application of Brocade Fabric OS before versions Brocade Fabric OS v9.0.1a and v8.2.3a contains debug statements that expose sensitive information to the program's standard output device. An attacker who has compromised the FOS system may utilize this weakness to capture sensitive information, such as user credentials.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
6.5 MEDIUM
NETWORK
LOW
LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Base Score
CVSS 3.x
EPSS Score
Percentile: 55%
Affected Products (NVD)
VendorProductVersion
broadcomfabric_operating_system
𝑥
< 8.2.3a
broadcomfabric_operating_system
9.0.0 ≤
𝑥
< 9.0.1a
𝑥
= Vulnerable software versions
References
https://www.broadcom.com/support/fibre-channel-networking/security-advisories/brocade-security-advisory-2021-1494
https://www.broadcom.com/support/fibre-channel-networking/security-advisories/brocade-security-advisory-2021-1494