Security Advisory

CVE-2021-27791

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2021-08-12 14:27:35
Last updated 2024-08-03 21:33:15
Assigner brocade
State PUBLISHED

Description

The function that is used to parse the Authentication header in Brocade Fabric OS Web application service before Brocade Fabric OS v9.0.1a and v8.2.3a fails to properly process a malformed authentication header from the client, resulting in reading memory addresses outside the intended range. An unauthenticated attacker could discover a request, which could bypass the authentication process.