Description
The Web application of Brocade Fabric OS before versions Brocade Fabric OS v9.0.1a and v8.2.3a contains debug statements that expose sensitive information to the program's standard output device. An attacker who has compromised the FOS system may utilize this weakness to capture sensitive information, such as user credentials.
References (1)
Core 1
Core References
Not Applicable, Vendor Advisory x_refsource_misc
https://www.broadcom.com/support/fibre-channel-networking/security-advisories/brocade-security-advisory-2021-1494
Scores
CVSS v3
6.5
EPSS
0.0033
EPSS Percentile
55.7%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Details
Status
published
Products (1)
broadcom/fabric_operating_system
< 8.2.3a
Published
Mar 18, 2022
Tracked Since
Feb 18, 2026