PT-2021-21210 · Unknown · Networking Os10

James Hebden

Published

2021-11-20

Updated

2022-04-25

CVE-2021-36308

CVSS v3.1

9.8

Critical

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Networking OS10 versions prior to October 2021

Description The issue allows a remote unauthenticated attacker to bypass authentication and gain access to the system, enabling them to perform actions on the affected system. This is possible when Smart Fabric Services are enabled.

Recommendations For Networking OS10 versions prior to October 2021, consider disabling Smart Fabric Services until a fix is available. As a temporary workaround, restrict access to the system to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Improper Authentication

Authentication Bypass Using an Alternate Path or Channel

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-287CWE-288

Related Identifiers

CVE-2021-36308

Affected Products

Networking Os10

PT-2021-21210 · Unknown · Networking Os10

CVE-2021-36308

Weakness Enumeration

Related Identifiers

Affected Products

References · 5