CVE-2023-46272

Name of the Vulnerable Software and Affected Versions Extreme Networks IQ Engine versions prior to 10.6r1a Extreme Networks IQ Engine versions 10.6r1a through 10.6r4 before 10.6r5

Description The issue is related to a Buffer Overflow vulnerability in the implementation of the ah auth service, allowing an attacker to execute arbitrary code. This is a stack-based buffer overflow remote code execution vulnerability.

Recommendations For Extreme Networks IQ Engine versions prior to 10.6r1a, update to version 10.6r1a or later. For Extreme Networks IQ Engine versions 10.6r1a through 10.6r4, update to version 10.6r5 or later. As a temporary workaround, consider disabling the ah auth service until a patch is available.