Support Content Notification - Support Portal

BSA-2021-1493

Product/Component

Brocade Fabric OS

2 more products

Notification Id

21313

Last Updated

27 July 2021

Initial Publication Date

10 May 2021

Status

Closed

Severity

High

CVSS Base Score

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N -7.1

WorkAround

N/A

Affected CVE

CVE-2021-27789

Summary

Security Advisory ID : BSA-2021-1493

Component : CLI

Revision : 1.1

A vulnerability in the Brocade Fabric OS before Brocade Fabric OS v9.0.1a, v8.2.3, v8.2.0_CBN4, and v7.4.2h could allow an authenticated CLI user to abuse the history command to write arbitrary content to files.

Affected Products

Brocade Fabric OS versions before v9.0.1a, v8.2.3, v8.2.0_CBN4, and v7.4.2h.

Products Confirmed Not Vulnerable

No other Brocade Fibre Channel Products from Broadcom products are currently known to be affected by this vulnerability.

Solution

A security update has been provided in Brocade Fabric OS versions v9.0.1a, v8.2.3, v8.2.0_CBN4, and v7.4.2h.

Credit

This issue was discovered through security testing.

Revision History

Version	Change	Date
1.0	Initial Publication	May 10, 2021
1.1	Added v7.4.2h	July 27, 2021