What is CVE-2021-31879?

CVE-2021-31879 is a medium-severity vulnerability in Broadcom Brocade_fabric_operating_system_firmware, classified under URL Redirection to Untrusted Site (Open Redirect). CVSS score: 6.1/10. Published 2021-04-29.

How severe is CVE-2021-31879?

Medium severity. CVSS v3 base score is 6.1 out of 10.

Is CVE-2021-31879 known to be exploited?

7 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Open Redirect in Broadcom Brocade_fabric_operating_system_firmware

CVE-2021-31879

GNU Wget through 1.21.1 does not omit the Authorization header upon a redirect to a different origin, a related issue to CVE-2018-1000007.

Vulnerability class: Open Redirect

EPSS: 0.011 (61.4th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 6.1 (Medium). Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N.

Affected products

Weakness classification (CWE)

CWE-601 — URL Redirection to Untrusted Site (Open Redirect)

Public proof-of-concept exploits

References

cve@mitre.org (Mailing List, x_refsource_MISC, Vendor Advisory)
cve@mitre.org (x_refsource_CONFIRM, Third Party Advisory)

Frequently asked questions

What is CVE-2021-31879?: CVE-2021-31879 is a medium-severity vulnerability in Broadcom Brocade_fabric_operating_system_firmware, classified under URL Redirection to Untrusted Site (Open Redirect). CVSS score: 6.1/10. Published 2021-04-29.
How severe is CVE-2021-31879?: Medium severity. CVSS v3 base score is 6.1 out of 10.
Is CVE-2021-31879 known to be exploited?: 7 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.