Security Advisory

CVE-2021-38451

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2021-10-22 11:23:37

Last updated 2024-09-17 01:41:23

Assigner icscert

State PUBLISHED

Description

The affected product’s proprietary protocol CSC allows for calling numerous function codes. In order to call those function codes, the user must supply parameters. There is no sanitation on the value of the offset, which allows the client to specify any offset and read out-of-bounds data.

← Browse all CVEs View on cve.org ↗