Authorization Failure in Brocade Fabric OS by Broadcom
CVE-2021-27793

5.3MEDIUM

Key Information:

Vendor: Broadcom
Status: Brocade Fabric Os
Vendor: CVE Published:; 12 August 2021

Summary

Brocade Fabric OS suffers from an intermittent authorization failure in the AAA TACACS+ implementation, which may prevent users with valid accounts from successfully logging into their switches. This issue affects multiple versions of Brocade Fabric OS, including those prior to v9.0.1b and v8.2.3a. Administrators should review the appropriate security advisories and consider necessary updates to mitigate potential access issues.

Affected Version(s)

Brocade Fabric OS Versions before Brocade Fabric OS v9.0.1b and after 9.0.0, also before Brocade Fabric OS v8.2.3a and after v8.2.0

References

https://www.broadcom.com/support/fibre-channel-networking...

x_refsource_MISC

https://security.netapp.com/advisory/ntap-20210819-0001/

x_refsource_CONFIRM

CVSS V3.1

Score:

5.3

Severity:

MEDIUM

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Aug 12, 2021
Vulnerability Reserved
Feb 26, 2021