gsd - gsd-2021-27798

gsd-2021-27798

Vulnerability from gsd

Modified

2023-12-13 01:23

Details

** UNSUPPORTED WHEN ASSIGNED ** A vulnerability in Brocade Fabric OS versions v7.4.1b and v7.3.1d could allow local users to conduct privileged directory transversal. Brocade Fabric OS versions v7.4.1.x and v7.3.x have reached end of life. Brocade Fabric OS Users should upgrade to supported versions as described in the Product End-of-Life Publish report.

Aliases

CVE-2021-27798

Aliases

CVE-2021-27798

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2021-27798",
    "description": "** UNSUPPORTED WHEN ASSIGNED ** A vulnerability in Brocade Fabric OS versions v7.4.1b and v7.3.1d could allow local users to conduct privileged directory transversal. Brocade Fabric OS versions v7.4.1.x and v7.3.x have reached end of life. Brocade Fabric OS Users should upgrade to supported versions as described in the Product End-of-Life Publish report.",
    "id": "GSD-2021-27798"
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2021-27798"
      ],
      "details": "** UNSUPPORTED WHEN ASSIGNED ** A vulnerability in Brocade Fabric OS versions v7.4.1b and v7.3.1d could allow local users to conduct privileged directory transversal. Brocade Fabric OS versions v7.4.1.x and v7.3.x have reached end of life. Brocade Fabric OS Users should upgrade to supported versions as described in the Product End-of-Life Publish report.",
      "id": "GSD-2021-27798",
      "modified": "2023-12-13T01:23:35.975626Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "sirt@brocade.com",
        "ID": "CVE-2021-27798",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "Brocade Fabric OS",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "Brocade Fabric OS versions Brocade Fabric OS v7.4.1b, and v7.3.1d."
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "** UNSUPPORTED WHEN ASSIGNED ** A vulnerability in Brocade Fabric OS versions v7.4.1b and v7.3.1d could allow local users to conduct privileged directory transversal. Brocade Fabric OS versions v7.4.1.x and v7.3.x have reached end of life. Brocade Fabric OS Users should upgrade to supported versions as described in the Product End-of-Life Publish report."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "Privileged Directory Traversal"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "https://www.broadcom.com/support/fibre-channel-networking/security-advisories/brocade-security-advisory-2022-2012",
            "refsource": "MISC",
            "url": "https://www.broadcom.com/support/fibre-channel-networking/security-advisories/brocade-security-advisory-2022-2012"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "cve": {
        "configurations": [
          {
            "nodes": [
              {
                "cpeMatch": [
                  {
                    "criteria": "cpe:2.3:o:broadcom:fabric_operating_system:7.3.1d:*:*:*:*:*:*:*",
                    "matchCriteriaId": "BE8D767B-55A7-4170-A60C-838AFAD141E1",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:o:broadcom:fabric_operating_system:7.4.1b:*:*:*:*:*:*:*",
                    "matchCriteriaId": "C8237571-12FD-4871-9F30-3D0A9F956E4A",
                    "vulnerable": true
                  }
                ],
                "negate": false,
                "operator": "OR"
              }
            ]
          }
        ],
        "descriptions": [
          {
            "lang": "en",
            "value": "A vulnerability in Brocade Fabric OS versions v7.4.1b and v7.3.1d could allow local users to conduct privileged directory transversal. Brocade Fabric OS versions v7.4.1.x and v7.3.x have reached end of life. Brocade Fabric OS Users should upgrade to supported versions as described in the Product End-of-Life Publish report"
          },
          {
            "lang": "es",
            "value": "** NO SOPORTADO CUANDO SE ASIGN\u00d3 ** Una vulnerabilidad en Brocade Fabric OS versiones v7.4.1b y v7.3.1d, podr\u00eda permitir a usuarios locales conducir un salto de directorio privilegiado. Brocade Fabric OS versiones v7.4.1.x y v7.3.x, han llegado al final de su vida \u00fatil. Los usuarios de Brocade Fabric OS deben actualizarse a versiones soportadas, tal y como es descrito en el Informe de Publicaci\u00f3n de Fin de Vida del Producto"
          }
        ],
        "id": "CVE-2021-27798",
        "lastModified": "2024-04-11T01:10:58.480",
        "metrics": {
          "cvssMetricV31": [
            {
              "cvssData": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "NONE",
                "baseScore": 5.5,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "NONE",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
                "version": "3.1"
              },
              "exploitabilityScore": 1.8,
              "impactScore": 3.6,
              "source": "nvd@nist.gov",
              "type": "Primary"
            }
          ]
        },
        "published": "2022-08-05T16:15:10.807",
        "references": [
          {
            "source": "sirt@brocade.com",
            "tags": [
              "Vendor Advisory"
            ],
            "url": "https://www.broadcom.com/support/fibre-channel-networking/security-advisories/brocade-security-advisory-2022-2012"
          }
        ],
        "sourceIdentifier": "sirt@brocade.com",
        "vulnStatus": "Modified",
        "weaknesses": [
          {
            "description": [
              {
                "lang": "en",
                "value": "CWE-22"
              }
            ],
            "source": "nvd@nist.gov",
            "type": "Primary"
          }
        ]
      }
    }
  }
}

cve-2021-27798

Vulnerability from cvelistv5

Published

2022-08-05 15:24

Modified

2025-02-15 00:16

Severity ?

Summary

privileged directory transversal.in Brocade Fabric OS versions 7.4.1.x and 7.3.x

References

▼	URL	Tags
	https://www.broadcom.com/support/fibre-channel-networking/security-advisories/brocade-security-advisory-2022-2012	x_refsource_MISC

Impacted products

▼	Vendor	Product
	Brocade	Brocade Fabric OS

Show details on NVD website