CVE-2021-27789

The Web application of Brocade Fabric OS before versions Brocade Fabric OS v9.0.1a and v8.2.3a contains debug statements that expose sensitive information to the program's standard output device. An attacker who has compromised the FOS system may utilize this weakness to capture sensitive information, such as user credentials.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
6.5 MEDIUM
NETWORK
LOW
LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
brocadeCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 54%
VendorProductVersion
broadcomfabric_operating_system
𝑥
< 8.2.3a
broadcomfabric_operating_system
9.0.0 ≤
𝑥
< 9.0.1a
𝑥
= Vulnerable software versions
References
https://www.broadcom.com/support/fibre-channel-networking/security-advisories/brocade-security-advisory-2021-1494
https://www.broadcom.com/support/fibre-channel-networking/security-advisories/brocade-security-advisory-2021-1494