{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-05-07T13:22:48.949","vulnerabilities":[{"cve":{"id":"CVE-2021-27791","sourceIdentifier":"sirt@brocade.com","published":"2021-08-12T15:15:07.737","lastModified":"2024-11-21T05:58:34.420","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"The function that is used to parse the Authentication header in Brocade Fabric OS Web application service before Brocade Fabric OS v9.0.1a and v8.2.3a fails to properly process a malformed authentication header from the client, resulting in reading memory addresses outside the intended range. An unauthenticated attacker could discover a request, which could bypass the authentication process."},{"lang":"es","value":"Una función que es usada para analizar el encabezado de Autenticación en el servicio de aplicaciones web de Brocade Fabric OS versiones anteriores a Brocade Fabric OS v9.0.1a y v8.2.3a, presenta un fallo en procesar apropiadamente un encabezado de autenticación malformado procedente del cliente, resultando en una lectura de direcciones de memoria fuera del rango previsto. Un atacante no autenticado podría descubrir una petición, que podría omitir el proceso de autenticación"}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N","baseScore":5.4,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":2.5}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:S/C:P/I:P/A:N","baseScore":5.5,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"SINGLE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"NONE"},"baseSeverity":"MEDIUM","exploitabilityScore":8.0,"impactScore":4.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-125"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:broadcom:fabric_operating_system:*:*:*:*:*:*:*:*","versionStartIncluding":"8.2.1","versionEndExcluding":"8.2.3a","matchCriteriaId":"D137CFD9-916B-4B8D-9E57-2EECCE5FD32B"},{"vulnerable":true,"criteria":"cpe:2.3:o:broadcom:fabric_operating_system:*:*:*:*:*:*:*:*","versionStartIncluding":"9.0.0","versionEndExcluding":"9.0.1a","matchCriteriaId":"6D7BD6F1-04FE-45C8-9154-70DBDC01A31F"}]}]}],"references":[{"url":"https://security.netapp.com/advisory/ntap-20210819-0002/","source":"sirt@brocade.com","tags":["Third Party Advisory"]},{"url":"https://www.broadcom.com/support/fibre-channel-networking/security-advisories/brocade-security-advisory-2021-1491","source":"sirt@brocade.com","tags":["Vendor Advisory"]},{"url":"https://security.netapp.com/advisory/ntap-20210819-0002/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]},{"url":"https://www.broadcom.com/support/fibre-channel-networking/security-advisories/brocade-security-advisory-2021-1491","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]}]}}]}