Hard-Coded Credentials in Brocade Fabric OS Leading to Unauthorized Access
CVE-2021-27797

9.8CRITICAL

Key Information:

Vendor: Broadcom
Status: Brocade Fabric Os
Vendor: CVE Published:; 21 February 2022

What is CVE-2021-27797?

Brocade Fabric OS contains hard-coded credentials in versions prior to v8.2.1c and v8.1.2h, as well as all versions in the 8.0.x and 7.x series. This vulnerability may enable an attacker to gain unauthorized access to critical system functions, potentially leading to severe implications for network security. It is crucial for users of the affected versions to review their security protocols and apply necessary updates to mitigate potential risks.

Affected Version(s)

Brocade Fabric OS Brocade Fabric OS before Brocade Fabric OS v8.2.1c, v8.1.2h, and all versions of Brocade Fabric OS v8.0.x and v7.x

References

https://www.broadcom.com/support/fibre-channel-networking...

x_refsource_MISC

CVSS V3.1

Score:

9.8

Severity:

CRITICAL

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Feb 21, 2022
Vulnerability Reserved
Feb 26, 2021

Broadcom

What is CVE-2021-27797?

Affected Version(s)

References

CVSS V3.1

Timeline