The Web application of Brocade Fabric OS before versions Brocade Fabric OS v9.0.1a and v8.2.3a contains debug statements that expose sensitive information to the program's standard output device. An attacker who has compromised the FOS system may utilize this weakness to capture sensitive information, such as user credentials.
References
Link | Resource |
---|---|
https://www.broadcom.com/support/fibre-channel-networking/security-advisories/brocade-security-advisory-2021-1494 | Not Applicable Vendor Advisory |
Configurations
Configuration 1 (hide)
|
History
28 Mar 2022, 18:23
Type | Values Removed | Values Added |
---|---|---|
References | (MISC) https://www.broadcom.com/support/fibre-channel-networking/security-advisories/brocade-security-advisory-2021-1494 - Not Applicable, Vendor Advisory | |
First Time |
Broadcom
Broadcom fabric Operating System |
|
CWE | NVD-CWE-Other | |
CPE | cpe:2.3:o:broadcom:fabric_operating_system:*:*:*:*:*:*:*:* | |
CVSS |
v2 : v3 : |
v2 : 4.0
v3 : 6.5 |
18 Mar 2022, 19:12
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2022-03-18 18:15
Updated : 2023-12-10 14:22
NVD link : CVE-2021-27789
Mitre link : CVE-2021-27789
CVE.ORG link : CVE-2021-27789
JSON object : View
Products Affected
broadcom
- fabric_operating_system
CWE