PT-2021-17621 · Brocade · Brocade Fabric Os
Published
2021-08-12
·
Updated
2022-05-03
·
CVE-2021-27790
CVSS v3.1
7.8
High
| Vector | AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions:
Brocade Fabric OS versions prior to 7.4.2h
Brocade Fabric OS versions prior to 8.2.0 CBN4
Brocade Fabric OS versions prior to 8.2.3
Brocade Fabric OS versions prior to 9.0.1a
Description:
The command
ipfilter in Brocade Fabric OS uses an unsafe string function to process user input. Authenticated attackers can exploit this issue to execute arbitrary code as the root user account by abusing stack-based buffer overflows.Recommendations:
For Brocade Fabric OS versions prior to 7.4.2h, update to version 7.4.2h or later.
For Brocade Fabric OS versions prior to 8.2.0 CBN4, update to version 8.2.0 CBN4 or later.
For Brocade Fabric OS versions prior to 8.2.3, update to version 8.2.3 or later.
For Brocade Fabric OS versions prior to 9.0.1a, update to version 9.0.1a or later.
Fix
Memory Corruption
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Brocade Fabric Os