Vulnerability Description
Brocade Fabric OS (FOS) hardware platforms running any version of Brocade Fabric OS software, which supports the license string format; contain cryptographic issues that could allow for the installation of forged or fraudulent license keys. This would allow attackers or a malicious party to forge a counterfeit license key that the Brocade Fabric OS platform would authenticate and activate as if it were a legitimate license key.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Broadcom | Fabric Operating System | All versions |
| Broadcom | Brocade 300 | - |
| Broadcom | Brocade 610 | - |
| Broadcom | Brocade 6505 | - |
| Broadcom | Brocade 6510 | - |
| Broadcom | Brocade 6520 | - |
| Broadcom | Brocade 7800 | - |
| Broadcom | Brocade 7810 | - |
| Broadcom | Brocade 7840 | - |
| Broadcom | Brocade G620 | - |
| Broadcom | Brocade G630 | - |
| Broadcom | Brocade X6-4 Director | - |
| Broadcom | Brocade X6-8 Director | - |
Related Weaknesses (CWE)
References
- https://support.broadcom.com/web/ecx/support-content-notification/-/external/conVendor Advisory
- https://support.broadcom.com/web/ecx/support-content-notification/-/external/conVendor Advisory
FAQ
What is CVE-2021-27795?
CVE-2021-27795 is a vulnerability with a CVSS score of 6.4 (MEDIUM). Brocade Fabric OS (FOS) hardware platforms running any version of Brocade Fabric OS software, which supports the license string format; contain cryptographic issues that could allow for the install...
How severe is CVE-2021-27795?
CVE-2021-27795 has been rated MEDIUM with a CVSS base score of 6.4/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2021-27795?
Check the references section above for vendor advisories and patch information. Affected products include: Broadcom Fabric Operating System, Broadcom Brocade 300, Broadcom Brocade 610, Broadcom Brocade 6505, Broadcom Brocade 6510.