Authentication Bypass Vulnerability in Brocade Fabric OS Web Application Service

CVE-2021-27791 · MEDIUM Severity

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N

In Brocade Fabric OS versions before v9.0.1a and v8.2.3a, the function that the Web application service uses to parse the Authentication header fails to properly process a malformed authentication header from the client, resulting in reads of memory addresses outside the intended range. An unauthenticated attacker could discover a request that could bypass the authentication process.
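The defect class described above, a header parser that reads past its input when the header is malformed, is avoided by checking every index against an explicit length and rejecting anything that does not parse. The following is an added example, not Brocade's code (which this page does not show); it assumes an HTTP-style `<scheme> <credentials>` value with space-free credentials, and `parse_auth_value`, `scheme_is`, `auth_fields` and `AUTH_MAX_LEN` are hypothetical names.

```c
#include <ctype.h>
#include <stddef.h>

/* Views into the caller's buffer; nothing is copied or NUL-terminated. */
struct auth_fields {
    const char *scheme; size_t scheme_len;
    const char *cred;   size_t cred_len;
};

#define AUTH_MAX_LEN 4096u   /* assumed cap on the header value size */

static int is_ows(char c)     { return c == ' ' || c == '\t'; }
static int is_visible(char c) { return (unsigned char)c >= 0x21 && (unsigned char)c <= 0x7e; }

/* Split "<scheme> <credentials>" from a value of explicit length `len`.
 * Every index is compared with `len` before the byte is read, so a
 * truncated or unterminated value cannot move the parser out of bounds.
 * Returns 0 on success, -1 on malformed input (the caller must reject). */
int parse_auth_value(const char *buf, size_t len, struct auth_fields *out)
{
    size_t i = 0, start;

    if (buf == NULL || out == NULL || len == 0 || len > AUTH_MAX_LEN)
        return -1;
    while (i < len && is_ows(buf[i])) i++;        /* leading whitespace */
    start = i;
    while (i < len && is_visible(buf[i])) i++;    /* scheme token */
    if (i == start || i == len || !is_ows(buf[i]))
        return -1;               /* no scheme, no separator, or control byte */
    out->scheme = buf + start;
    out->scheme_len = i - start;
    while (i < len && is_ows(buf[i])) i++;        /* separator run */
    if (i == len)
        return -1;               /* scheme with no credentials */
    start = i;
    while (i < len && is_visible(buf[i])) i++;    /* credentials, no spaces */
    if (i != len)
        return -1;               /* embedded NUL, control byte, or space */
    out->cred = buf + start;
    out->cred_len = len - start;
    return 0;
}

/* Case-insensitive scheme match bounded by scheme_len, not by strlen(). */
int scheme_is(const struct auth_fields *f, const char *name, size_t name_len)
{
    if (f->scheme_len != name_len) return 0;
    for (size_t k = 0; k < name_len; k++)
        if (tolower((unsigned char)f->scheme[k]) != tolower((unsigned char)name[k])) return 0;
    return 1;
}
```

A caller treats `-1` as an authentication failure and never falls through to a default or cached identity.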