CVE-2021-27791

Published: Aug 12, 2021

Modified: Aug 3, 2024

PUBLISHED

Description

The function that is used to parse the Authentication header in Brocade Fabric OS Web application service before Brocade Fabric OS v9.0.1a and v8.2.3a fails to properly process a malformed authentication header from the client, resulting in reading memory addresses outside the intended range. An unauthenticated attacker could discover a request, which could bypass the authentication process.

Vendor	Product	Versions
n/a	Brocade Fabric OS	affected `Brocade Fabric OS before Brocade Fabric OS v9.0.1a and v8.2.3a`

References

https://www.broadcom.com/support/fibre-channel-networking/security-advisories/brocade-security-advisory-2021-1491

x_refsource_MISC

https://security.netapp.com/advisory/ntap-20210819-0002/

x_refsource_CONFIRM

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2021-27791

Description

Affected Products

References