PT-2021-17622 · Brocade · Brocade Fabric Os

Published

2021-08-12

Updated

2022-07-12

CVE-2021-27791

CVSS v2.0

5.5

Medium

Vector

AV:N/AC:L/Au:S/C:P/I:P/A:N

Name of the Vulnerable Software and Affected Versions: Brocade Fabric OS versions prior to 8.2.3a Brocade Fabric OS versions prior to 9.0.1a

Description: The function used to parse the Authentication header in the Brocade Fabric OS Web application service fails to properly process a malformed authentication header from the client, resulting in reading memory addresses outside the intended range. An unauthenticated attacker could discover a request, which could bypass the authentication process.

Recommendations: For Brocade Fabric OS versions prior to 8.2.3a, update to version 8.2.3a or later to resolve the issue. For Brocade Fabric OS versions prior to 9.0.1a, update to version 9.0.1a or later to resolve the issue.

Fix

Out of bounds Read

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-125

Related Identifiers

CVE-2021-27791

Affected Products

Brocade Fabric Os

PT-2021-17622 · Brocade · Brocade Fabric Os

CVE-2021-27791

Weakness Enumeration

Related Identifiers

Affected Products

References · 7