Support Content Notification - Support Portal

BSA-2022-1516

Product/Component

Brocade Fabric OS

2 more products

Notification Id

21285

Last Updated

22 June 2022

Initial Publication Date

22 June 2022

Status

Closed

Severity

Medium

CVSS Base Score

Base Score: 9.4 - CRITICAL - Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:L

WorkAround

N/A

Affected CVE

CVE-2021-23017

Summary

Security Advisory ID : BSA-2022-1516

Component : NGNIX

Revision : 1.0

A security issue in nginx resolver was identified, which might allow an attacker who is able to forge UDP packets from the DNS server to cause 1-byte memory overwrite, resulting in worker process crash or potential other impacts.

Affected Products

Brocade SANnav versions before v2.2.0.2

Products Confirmed Not Vulnerable

Brocade Fabric OS
Brocade ASCG

Solution

A security update has been provided in Brocade SANnav v2.2.0.2, and upper Brocade SANnav releases.

Revision History

Version	Change	Date
1.0	Initial Publication	June 22, 2022