CVE-2021-27796 Information

Description

A vulnerability in Brocade Fabric OS versions before Brocade Fabric OS v8.0.1b v7.4.1d could allow an authenticated attacker within the restricted shell environment (rbash) as either the “user” or “factory” account to read the contents of any file on the filesystem utilizing one of a few available binaries.

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Reference

https://www.broadcom.com/support/fibre-channel-networking/security-advisories/brocade-security-advisory-2021-1721

Attack Complexity

LOW

Privileges Required

LOW

User Interaction Required

LOW

Scope

NONE

Confidentiality Impact

UNCHANGED

Integrity Impact

HIGH

Availability Impact

NONE

Base Score

NONE

Base Severity

6.5