CVE-2021-42772

Name of the Vulnerable Software and Affected Versions Broadcom Emulex HBA Manager/One Command Manager versions before 11.4.425.0 Broadcom Emulex HBA Manager/One Command Manager versions before 12.8.542.31

Description The issue is related to a buffer overflow vulnerability in the remote GetDumpFile command. This could allow a user to attempt various attacks, particularly in non-secure mode where the user is unauthenticated.

Recommendations For versions before 11.4.425.0, update to version 11.4.425.0 or later. For versions before 12.8.542.31, update to version 12.8.542.31 or later. As a temporary workaround, consider disabling the remote GetDumpFile command until a patch is available. Restrict access to the management interface to minimize the risk of exploitation, especially when not installed in Strictly Local Management mode.