BSA-2021-1490

Brocade Fabric OS

21316

27 May 2021

10 May 2021

Closed

Medium

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L - 5.3

N/A

CVE-2021-27792

Summary

Security Advisory ID : BSA-2021-1490

Component : Web Management Interface

Revision : 1.1


The request handling functions in the web management interface of Brocade Fabric OS versions before v9.0.1a, v8.2.3a, and v7.4.2h do not properly handle malformed user input, resulting in a service crash. An authenticated attacker could use this weakness to cause the FOS HTTP application handler to crash, requiring a reboot.

Affected Products

Brocade Fabric OS versions before v9.0.1a, v8.2.3a, and v7.4.2h

Products Confirmed Not Vulnerable

No other Brocade Fibre Channel products from Broadcom are currently known to be affected by this vulnerability.

Solution

A security update has been provided in Brocade Fabric OS versions v9.0.1a, v8.2.3a, and v7.4.2h.
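For triaging a switch inventory against the fixed releases above, the following is an added example and not code from Broadcom or this advisory. It assumes each threshold applies to its own major release train (7.x, 8.x, 9.x) and that versions look like `v8.2.3a` with an optional numeric suffix; the switch names in the sample are constructed.

```python
import re

# Fixed releases named in the advisory, keyed by major release train.
# Assumption: each threshold applies only within its own major train.
FIXED = {9: "v9.0.1a", 8: "v8.2.3a", 7: "v7.4.2h"}

# Assumed version shape: v<major>.<minor>.<patch>[letter][digits]
_VER = re.compile(r"^v?(\d+)\.(\d+)\.(\d+)([a-z]?)(\d*)$", re.IGNORECASE)


def parse_fos(version):
    """Return a sortable tuple for a string such as 'v8.2.3a', or None."""
    m = _VER.match(version.strip())
    if not m:
        return None
    major, minor, patch, letter, sub = m.groups()
    # An empty letter sorts before 'a', so v8.2.3 < v8.2.3a < v8.2.3a1.
    return (int(major), int(minor), int(patch), letter.lower(), int(sub or 0))


def triage(version):
    """Classify one version as 'affected', 'fixed' or 'unknown'."""
    parsed = parse_fos(version)
    if parsed is None:
        return "unknown"  # unparseable string: check by hand
    fixed = FIXED.get(parsed[0])
    if fixed is None:
        return "unknown"  # train not named in the advisory
    return "affected" if parsed < parse_fos(fixed) else "fixed"


def triage_inventory(inventory):
    """Map each switch name to its triage result."""
    return {name: triage(ver) for name, ver in inventory.items()}


# Constructed sample inventory (switch names and versions are made up).
SAMPLE = {
    "san-core-01": "v8.2.2d",
    "san-core-02": "v8.2.3a1",
    "san-edge-01": "v9.0.1",
    "san-edge-02": "v7.4.2h",
    "san-lab-01": "fos-unknown-build",
}

if __name__ == "__main__":
    for switch, status in sorted(triage_inventory(SAMPLE).items()):
        print(f"{switch:12} {SAMPLE[switch]:18} {status}")
```

Switches reported as `unknown` need a manual check against the advisory rather than being treated as safe.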

Credit

This issue was discovered through security testing.

Revision History

Version Change Date
1.0 Initial Publication May 10, 2021
1.1 Added v7.4.2h July 27, 2021