CVE-2021-27791

Summary

The function that is used to parse the Authentication header in Brocade Fabric OS Web application service before Brocade Fabric OS v9.0.1a and v8.2.3a fails to properly process a malformed authentication header from the client, resulting in reading memory addresses outside the intended range. An unauthenticated attacker could discover a request, which could bypass the authentication process.

Affected Software

VendorProductVersion RangeStatus
n/aBrocade Fabric OSBrocade Fabric OS before Brocade Fabric OS v9.0.1a and v8.2.3aaffected

Weaknesses

  • authentication bypass

ADP Enrichment

CVE Program Container

Additional References

References