CVE-2021-27791
 
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
The function that is used to parse the Authentication header in Brocade Fabric OS Web application service before Brocade Fabric OS v9.0.1a and v8.2.3a fails to properly process a malformed authentication header from the client, resulting in reading memory addresses outside the intended range. An unauthenticated attacker could discover a request, which could bypass the authentication process.
Una función que es usada para analizar el encabezado de Autenticación en el servicio de aplicaciones web de Brocade Fabric OS versiones anteriores a Brocade Fabric OS v9.0.1a y v8.2.3a, presenta un fallo en procesar apropiadamente un encabezado de autenticación malformado procedente del cliente, resultando en una lectura de direcciones de memoria fuera del rango previsto. Un atacante no autenticado podría descubrir una petición, que podría omitir el proceso de autenticación
CVSS Scores
SSVC
- Decision:-
Timeline
- 2021-02-26 CVE Reserved
- 2021-08-12 CVE Published
- 2023-03-08 EPSS Updated
- 2024-08-03 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-125: Out-of-bounds Read
CAPEC
References (2)
URL | Tag | Source |
---|---|---|
https://security.netapp.com/advisory/ntap-20210819-0002 | Third Party Advisory |
URL | Date | SRC |
---|
URL | Date | SRC |
---|
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status | ||||||
---|---|---|---|---|---|---|---|---|---|---|
Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
Broadcom Search vendor "Broadcom" | Fabric Operating System Search vendor "Broadcom" for product "Fabric Operating System" | >= 8.2.1 < 8.2.3a Search vendor "Broadcom" for product "Fabric Operating System" and version " >= 8.2.1 < 8.2.3a" | - |
Affected
| ||||||
Broadcom Search vendor "Broadcom" | Fabric Operating System Search vendor "Broadcom" for product "Fabric Operating System" | >= 9.0.0 < 9.0.1a Search vendor "Broadcom" for product "Fabric Operating System" and version " >= 9.0.0 < 9.0.1a" | - |
Affected
|